Hallo zusammen

Ich habe ein Problem mit meinem Computer!
Ich habe das Programm Free Youtube to MP3 converter downgeladet! Dies werde ich nie mehr tun!

Jetzt ist Firefox und Google Chrom ganz langsam!
Wenn ich Youtube auf Firefox lade kommt bei mir unten links beim laden

i.ytimg.com und s.ytimg.com.

Nach einer weile haben z.B. auf der Startseite bei Youtube alle Videos das gleiche Bild, erst wenn ich mit der Maus drüber fahre kommt das Originalbild!

Und wenn ich auf Facebook gehe mit Firefox oder Google Chrom kommt unten links

fbstatic-a.akamahid.net

bei Facebook! Computer ist schon einmal abgestürtzt deswegen!

Ich hatte diese PopUP Virus schon einmal, konnte sie aber mit Emsisoft entfernen!
Jetzt geht es nicht mehr!
Folgende Programme habe ich schon genutzt! Haben aber nichts gebracht!

Norton Internet Security
Avira Free Antivirus
Spybot-S&D Start Center
Wise Registry Cleaner
Eset Online Scanner
Junkware Remove Tool
Malwarebytes Anti-Malware
Malwarebytes Anti-Rootkit Beta
CCleaner
Adw Cleaner
Emsisogt Anti Malware

Ich hoffe, ihr könnt mir helfen! Nicht, dass dieser Müll meinen PC kaputt macht!
Ich habe den PC Wiederhergestellt (Neu aufgesetzt) und meine Daten selbstverständlich auf einer Festplatte gespeichert! Der PC ist also jetzt komplett leer! Keine Programme, etc.

Kann mir jemand helfen oder muss ich den PC zum reparieren bringen?
MFG!

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:

• Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
• Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
• Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
• Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
• Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
• Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort

• die Logdatei von TDSS-Killer,
• die beiden neuen Logdateien von FRST.

OK!

Aber was ist den FRST?
Norton meldet, dass es eine Bedrohung ist!

Servus,


FRST ist ein Analysetool. Das ist eine Fehlermeldung von Norton.

Bitte FRST ausführen, ggf. Norton deaktivieren bzw. FRST das Ausführen erlauben...

FRST.txt


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Julio (administrator) on JULIO-HP on 09-06-2015 12:15:47
Running from C:\Users\Julio\Desktop
Loaded Profiles: Julio (Available Profiles: Julio)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\JAN2OSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\mswinext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-04-25] (EasyBits Software AS)
HKLM-x32\...\Run: [Buttons & OSDs control application gen3] => c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe [53248 2009-11-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [895512 2010-10-23] (PDF Complete Inc)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-17]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk [2011-02-17]
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
HKU\S-1-5-21-721091351-975829366-2383312893-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKU\S-1-5-21-721091351-975829366-2383312893-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-28] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-02-17] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-02-17] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julio\AppData\Roaming\Mozilla\Firefox\Profiles\hcvUKeDl.default
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\2011-02-17 ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ [2010-08-14] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Julio\AppData\Roaming\Mozilla\Firefox\Profiles\hcvUKeDl.default\Extensions\abs@avira.com [2015-06-09]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-02-17]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-07-21] (Hewlett-Packard Company) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1121304 2010-10-23] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIService; C:\Windows\System32\DRIVERS\OSDACPI.SYS [17992 2009-06-18] ()
R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1212416 2010-11-11] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-05-27] (Avira Operations GmbH & Co. KG)
R3 FintekCIR; C:\Windows\System32\DRIVERS\FintekCIR.sys [30248 2009-11-13] (Fintek)
R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [25080 2009-09-17] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 21:35 - 2015-06-09 21:36 - 00000000 ____D C:\ProgramData\Recovery
2015-06-09 12:15 - 2015-06-09 12:16 - 00018016 _____ C:\Users\Julio\Desktop\FRST.txt
2015-06-09 12:15 - 2015-06-09 12:15 - 00000000 ____D C:\FRST
2015-06-09 12:12 - 2015-06-09 12:12 - 02108928 _____ (Farbar) C:\Users\Julio\Desktop\FRST64.exe
2015-06-09 12:06 - 2015-06-09 12:06 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Mozilla
2015-06-09 12:05 - 2015-06-09 12:05 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Avira
2015-06-09 12:04 - 2015-05-27 13:11 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-06-09 12:02 - 2015-06-09 12:02 - 00001194 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-09 12:01 - 2015-06-09 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-09 12:01 - 2015-06-09 12:04 - 00000000 ____D C:\ProgramData\Avira
2015-06-09 12:01 - 2015-06-09 12:04 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-09 12:01 - 2015-06-09 12:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-09 11:59 - 2015-06-09 11:59 - 04683232 _____ (Avira Operations GmbH & Co. KG) C:\Users\Julio\Desktop\avira_de_av_5576b8be758c8__ws.exe
2015-06-09 11:57 - 2015-06-09 11:57 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Julio\Desktop\tdsskiller.exe
2015-06-09 11:49 - 2015-06-09 11:49 - 00000000 ____D C:\Users\Julio\AppData\Roaming\PictureMover
2015-06-09 11:49 - 2015-06-09 11:49 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Adobe
2015-06-09 11:48 - 2015-06-09 11:48 - 00003858 _____ C:\Windows\System32\Tasks\DST
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\Documents\Bluetooth Exchange Folder
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\PDFC
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\Broadcom
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-09 11:47 - 2015-06-09 11:47 - 00003516 _____ C:\Windows\System32\Tasks\Registration
2015-06-09 11:47 - 2015-06-09 11:47 - 00003408 _____ C:\Windows\System32\Tasks\ServicePlan
2015-06-09 11:47 - 2015-06-09 11:47 - 00001441 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 11:47 - 2015-06-09 11:47 - 00001407 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-06-09 11:47 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio\AppData\Local\RemEngine
2015-06-09 11:46 - 2015-06-09 11:46 - 00062648 _____ C:\Users\Julio\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-09 11:44 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-09 11:44 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-09 11:44 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-09 11:44 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-09 11:44 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-09 11:44 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Public\Symantec
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Hewlett-Packard
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Julio\AppData\Local\TouchSmartData
2015-06-09 11:42 - 2015-06-09 12:10 - 00000000 ____D C:\Users\Julio\AppData\Local\VirtualStore
2015-06-09 11:42 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\Hewlett-Packard_Company
2015-06-09 11:42 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio\AppData\Local\Hewlett-Packard
2015-06-09 11:42 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio
2015-06-09 11:42 - 2015-06-09 11:42 - 00001787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garantie.lnk
2015-06-09 11:42 - 2015-06-09 11:42 - 00000020 ___SH C:\Users\Julio\ntuser.ini
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Vorlagen
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Startmenü
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Netzwerkumgebung
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Lokale Einstellungen
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Eigene Dateien
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Druckumgebung
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Documents\Eigene Musik
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Documents\Eigene Bilder
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Local\Verlauf
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Local\Anwendungsdaten
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Anwendungsdaten
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_53316J G D_TouchSmart 600_Y53316J G D_0U_Q4CH107_E4CH1075XVC DPS_4A_I2A9A_SPEGATRON CORPORATION_V1.03_6.08_T100715_WU3-0_L407_M3960_J1500_7Intel_8655_92.27_#110723_N10EC8168;18143092_(XS906EA#UUZ)_X_CD3.MRK
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_53316J G D_TouchSmart 600_Y53316J G D_0U_Q4CH107_E4CH1075XVC DPS_4A_I2A9A_SPEGATRON CORPORATION_V1.03_6.08_T100715_WU3-0_L407_M3960_J1500_7Intel_8655_92.27_#110723_N10EC8168;18143092_(XS906EA#UUZ)_X_CD3.MRK
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Benutzerhandbuch
2015-06-09 11:42 - 2011-02-17 20:03 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Macromedia
2015-06-09 11:42 - 2011-02-17 19:30 - 00001200 _____ C:\Users\Public\Desktop\HP TouchSmart.lnk
2015-06-09 11:42 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-09 11:42 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-09 11:41 - 2015-06-09 11:41 - 00003290 _____ C:\Windows\System32\Tasks\RMCreator
2015-06-09 11:40 - 2015-06-09 11:40 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 21:37 - 2011-02-17 19:29 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-06-09 21:36 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-06-09 21:36 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-06-09 12:13 - 2011-02-17 19:31 - 00729094 _____ C:\Windows\system32\perfh010.dat
2015-06-09 12:13 - 2011-02-17 19:31 - 00144976 _____ C:\Windows\system32\perfc010.dat
2015-06-09 12:13 - 2011-02-17 19:28 - 00696132 _____ C:\Windows\system32\perfh007.dat
2015-06-09 12:13 - 2011-02-17 19:28 - 00147428 _____ C:\Windows\system32\perfc007.dat
2015-06-09 12:13 - 2011-02-17 19:24 - 00734558 _____ C:\Windows\system32\perfh00C.dat
2015-06-09 12:13 - 2011-02-17 19:24 - 00147480 _____ C:\Windows\system32\perfc00C.dat
2015-06-09 12:13 - 2009-07-14 07:13 - 03367664 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 12:12 - 2011-02-17 19:14 - 00136870 _____ C:\Windows\WindowsUpdate.log
2015-06-09 12:11 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-09 12:11 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-09 12:09 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-06-09 12:08 - 2011-02-17 20:21 - 00000000 ____D C:\ProgramData\Norton
2015-06-09 12:08 - 2011-02-17 19:11 - 00589276 _____ C:\Windows\PFRO.log
2015-06-09 12:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 12:08 - 2009-07-14 06:51 - 00027950 _____ C:\Windows\setupact.log
2015-06-09 12:08 - 2009-07-14 06:45 - 00285592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-09 11:47 - 2010-06-15 04:07 - 00000000 ____D C:\swsetup
2015-06-09 11:47 - 2009-08-04 23:46 - 00000000 ___HD C:\SYSTEM.SAV
2015-06-09 11:43 - 2011-02-17 19:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-06-09 11:43 - 2011-02-17 19:54 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-06-09 11:42 - 2009-07-24 21:22 - 00000000 ____D C:\Windows\Panther
2015-06-09 11:42 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-06-09 11:42 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar

Some files in TEMP:
====================
C:\Users\Julio\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2009-07-24 20:23

==================== End of log ============================
         

--- --- ---


_________________________________________________

Addition.txt

[CODE]Additional
FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Julio at 2015-06-09 12:16:29
Running from C:\Users\Julio\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-721091351-975829366-2383312893-500 - Administrator - Disabled)
Gast (S-1-5-21-721091351-975829366-2383312893-501 - Limited - Disabled)
Julio (S-1-5-21-721091351-975829366-2383312893-1000 - Administrator - Enabled) => C:\Users\Julio

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{FFB768E4-E427-4553-BC36-A11F5E62A94D}) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Ancient Hearts (x32 Version: 2.2.0.95 - WildTangent) Hidden
AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56 (HKLM-x32\...\AVerMedia MiniCard Hybrid TV Tuner) (Version: 1.1.64.56 - AVerMedia TECHNOLOGIES, Inc.)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Azteca (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.0.2282.0 - Microsoft Corporation) Hidden
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6200 - Broadcom Corporation)
Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.95 - WildTangent) Hidden
Buttons & OSDs control application gen3 (HKLM-x32\...\{79ECA886-C6EF-4BB3-9920-CB7906C01589}) (Version: 1.0.5.0 - Hewlett-Packard)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Collapse Crunch (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4412 - Hewlett-Packard)
DVD Menu Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
Facebook for HP TouchSmart (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Ambient Light (HKLM\...\{20ED77CC-044F-4355-995E-681607EBE9B0}) (Version: 1.9.6.0 - Hewlett-Packard)
HP AppsCenter for TouchSmart (HKLM-x32\...\{8317485C-067B-4B5B-A2A3-9D36B7B0399E}) (Version: 4.0.0.1 - Hewlett-Packard)
HP Desktop Keyboard (HKLM-x32\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{161C9F46-2D15-4CC1-BDF0-B51CBD250E8D}) (Version: 1.01.023 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{802C068E-0576-4F25-8137-D54B7DB0FC5E}) (Version: 8.4.4487.3576 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12845.3522 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}) (Version: 5.1.8.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP TouchSmart (HKLM-x32\...\{1502291B-3C1B-4781-99F8-9D6D8C650588}) (Version: 4.0.41.0 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart Browser (HKLM-x32\...\{4ACC9E9C-12D6-4A9D-8FBC-3FD469B9FD34}) (Version: 4.1.0012 - Hewlett-Packard)
HP TouchSmart Calendar (HKLM-x32\...\{297FA7DE-08E5-44A6-8F66-9E26F61F4810}) (Version: 4.1.3869.29064 - Hewlett-Packard)
HP TouchSmart Canvas (HKLM-x32\...\{909CE9B4-76A7-4C3D-A9AC-CE231B3E4B40}) (Version: 2.0.3917.26233 - Hewlett-Packard)
HP TouchSmart Clock (HKLM-x32\...\{97AA232A-58CB-41A2-A258-0593F98AB1E0}) (Version: 3.1.3881.29051 - Hewlett-Packard)
HP TouchSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4625 - Hewlett-Packard)
HP TouchSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4517 - Hewlett-Packard)
HP TouchSmart Notes (HKLM-x32\...\{1F40643A-3489-4262-B7BA-F2EC6FA0A1C8}) (Version: 4.1.3916.21107 - Hewlett-Packard)
HP TouchSmart Photo (HKLM-x32\...\InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}) (Version: 4.1.4503 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP TouchSmart RSS (HKLM-x32\...\{608D7847-39B7-4D1D-AF6D-7DCC38C77615}) (Version: 4.1.0009 - Hewlett-Packard)
HP TouchSmart Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 3.2.0.2 - Hewlett-Packard)
HP TouchSmart Twitter (HKLM-x32\...\{0581D120-6992-46FA-AAA2-42FA7EFF99C1}) (Version: 3.0.3910.29600 - Hewlett-Packard)
HP TouchSmart Video (HKLM-x32\...\InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}) (Version: 4.1.4503 - Hewlett-Packard)
HP TouchSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3303 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Theme Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4412 - Hewlett-Packard)
Movie Theme Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.25 - Hewlett-Packard)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.14 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.35 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
R.U.S.E. for TouchSmart (HKLM-x32\...\{E6753FCB-B508-4C74-9686-17032281AF38}_is1) (Version: 1.0.0.0 - Ubisoft)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6156 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.2 - Hewlett-Packard)
Skip-Bo - Castaway Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tropical Fish Shop - Annabel's Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

09-06-2015 12:09:48 Initial Restore Point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A2B5ECD-7243-44B6-8B29-61ABAF5A22C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2010-09-18] (Hewlett-Packard Company)
Task: {7137EDBF-37E4-45AB-B57A-2D596D6D8C7E} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-08-20] (CyberLink)
Task: {92D7E1E6-B5AA-44E5-991A-8AACACE6F610} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {AA76D5E7-7889-486C-8753-4BBA183DF9A0} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-11-17] ()
Task: {B595D127-9D23-4853-B611-39B14D1123B2} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-11-17] ()
Task: {BC1F6C1C-A514-499A-A158-6139EBFA4F02} - System32\Tasks\DST => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe [2010-09-25] (Microsoft)
Task: {DD62C155-6EE7-44EC-B076-795CD0802B1F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-04] (CyberLink)

==================== Loaded Modules (Whitelisted) ==============

2011-02-17 19:54 - 2009-07-03 00:58 - 00406016 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
2015-06-09 11:49 - 2010-11-18 22:57 - 12284984 _____ () C:\Users\Julio\AppData\Roaming\PictureMover\Bin\Core.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-06-09 11:49 - 2010-11-18 23:07 - 01700920 _____ () C:\Users\Julio\AppData\Roaming\PictureMover\DE-CH\Presentation.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-721091351-975829366-2383312893-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A6632050-D72C-49A9-8547-B52B36829DAD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{CC5D43EE-F5A9-499B-9972-8423699640CB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\HPTouchSmartPhoto.exe
FirewallRules: [{4D0ABF67-0F23-4308-A22A-5AB53F026002}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\PhotoAgent.exe
FirewallRules: [{82F5B4F0-0636-41DC-9AF8-0E6E4E440C60}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartMusic.exe
FirewallRules: [{C67B7828-FBDA-432A-9910-361647ECC379}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartPhoto.exe
FirewallRules: [{A64EF2EB-82E0-4DE6-882A-07F79446A5FA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartVideo.exe
FirewallRules: [{3799F3E8-501E-4A9D-8EFD-CEE3E9C0438F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\TSMAgent.exe
FirewallRules: [{CDC0BDCE-BA30-4FB8-B568-5843FA780D3F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{C752F777-5B47-41C5-B48B-B4376409006D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{54B9AFC7-6E9E-48DA-89D2-CD8876D6B05E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{5728CA74-CEC4-4F1B-8D41-10DCDE0B97DB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{55207B35-131F-4179-A66E-696E0F3D7603}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{98D52894-FD9D-4D75-A921-F6D666C97605}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{A33700D8-12FB-424C-81A5-D560483E677B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{982E54D7-ABD3-4A21-8052-A2ECE5AF8702}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{BE19821E-D1BC-41A1-9482-605F2AD85633}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{E21D7632-FB94-471D-99C7-D6CCE15A837E}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{BF4F4206-AC62-4C51-9CBA-EAFAEA2D750B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{A97B0722-9ADE-48AA-BC8A-CF7CFE91F79B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{5F8DC015-06B2-45F1-8890-7269468B7508}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{0FF622A7-E2F7-4A68-984D-DA7C4D545E25}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{8D7B523B-21C6-4C28-B04F-5F4526F14B7D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A4589FD6-84D4-4E6D-B3D8-8B57DE72D5FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E4634759-CF5E-4FA8-B621-08FFD5E64974}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6CC8EB7-0764-4D50-B273-139212D6912E}] => (Allow) LPort=2869
FirewallRules: [{02B7CD84-ADFE-497B-80DE-1F6AD3D7CBE1}] => (Allow) LPort=1900
FirewallRules: [{43D8FE0E-A586-4761-AA0C-7B27459C281B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)


System errors:
=============

Microsoft Office:
=========================
Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 37%
Total physical RAM: 3959.11 MB
Available physical RAM: 2469.13 MB
Total Pagefile: 7916.37 MB
Available Pagefile: 6018.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1371.98 GB) (Free:1329.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:25.19 GB) (Free:3.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: E74450F4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1372 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.2 GB) - (Type=07 NTFS)

==================== End of log ============================
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

12:36:15.0064 0x1658  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:36:31.0874 0x1658  ============================================================
12:36:31.0874 0x1658  Current date / time: 2015/06/09 12:36:31.0874
12:36:31.0874 0x1658  SystemInfo:
12:36:31.0874 0x1658  
12:36:31.0874 0x1658  OS Version: 6.1.7600 ServicePack: 0.0
12:36:31.0874 0x1658  Product type: Workstation
12:36:31.0874 0x1658  ComputerName: JULIO-HP
12:36:31.0874 0x1658  UserName: Julio
12:36:31.0874 0x1658  Windows directory: C:\Windows
12:36:31.0874 0x1658  System windows directory: C:\Windows
12:36:31.0874 0x1658  Running under WOW64
12:36:31.0874 0x1658  Processor architecture: Intel x64
12:36:31.0874 0x1658  Number of processors: 4
12:36:31.0874 0x1658  Page size: 0x1000
12:36:31.0874 0x1658  Boot type: Normal boot
12:36:31.0874 0x1658  ============================================================
12:36:32.0139 0x1658  KLMD registered as C:\Windows\system32\drivers\69355082.sys
12:36:32.0420 0x1658  System UUID: {60991729-5C0A-F9A3-EB6D-A7011128496C}
12:36:32.0904 0x1658  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:36:32.0919 0x1658  ============================================================
12:36:32.0919 0x1658  \Device\Harddisk0\DR0:
12:36:32.0919 0x1658  MBR partitions:
12:36:32.0919 0x1658  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:36:32.0919 0x1658  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAB7F4800
12:36:32.0919 0x1658  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAB827000, BlocksNum 0x3260000
12:36:32.0919 0x1658  ============================================================
12:36:32.0950 0x1658  C: <-> \Device\Harddisk0\DR0\Partition2
12:36:33.0013 0x1658  D: <-> \Device\Harddisk0\DR0\Partition3
12:36:33.0013 0x1658  ============================================================
12:36:33.0013 0x1658  Initialize success
12:36:33.0013 0x1658  ============================================================
12:37:20.0484 0x14c8  ============================================================
12:37:20.0484 0x14c8  Scan started
12:37:20.0484 0x14c8  Mode: Manual; SigCheck; TDLFS; 
12:37:20.0484 0x14c8  ============================================================
12:37:20.0484 0x14c8  KSN ping started
12:37:33.0884 0x14c8  KSN ping finished: true
12:37:34.0960 0x14c8  ================ Scan system memory ========================
12:37:34.0960 0x14c8  System memory - ok
12:37:34.0960 0x14c8  ================ Scan services =============================
12:37:35.0413 0x14c8  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
12:37:35.0506 0x14c8  1394ohci - ok
12:37:35.0538 0x14c8  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
12:37:35.0569 0x14c8  ACPI - ok
12:37:35.0569 0x14c8  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
12:37:35.0584 0x14c8  AcpiPmi - ok
12:37:35.0616 0x14c8  [ DE7E8D852A806BE6091983838BF9697F, DE49EAB730D19807C1C3F4D9C1D475227DF3E6A173798A39CD408C54D2DAFC0C ] ACPIService     C:\Windows\system32\DRIVERS\OSDACPI.SYS
12:37:35.0647 0x14c8  ACPIService - ok
12:37:35.0694 0x14c8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:37:35.0709 0x14c8  adp94xx - ok
12:37:35.0756 0x14c8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:37:35.0772 0x14c8  adpahci - ok
12:37:35.0787 0x14c8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:37:35.0803 0x14c8  adpu320 - ok
12:37:35.0834 0x14c8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:37:35.0896 0x14c8  AeLookupSvc - ok
12:37:35.0990 0x14c8  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
12:37:36.0006 0x14c8  AERTFilters - ok
12:37:36.0052 0x14c8  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD             C:\Windows\system32\drivers\afd.sys
12:37:36.0115 0x14c8  AFD - ok
12:37:36.0130 0x14c8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
12:37:36.0130 0x14c8  agp440 - ok
12:37:36.0146 0x14c8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:37:36.0162 0x14c8  ALG - ok
12:37:36.0162 0x14c8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
12:37:36.0177 0x14c8  aliide - ok
12:37:36.0177 0x14c8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
12:37:36.0193 0x14c8  amdide - ok
12:37:36.0193 0x14c8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:37:36.0208 0x14c8  AmdK8 - ok
12:37:36.0208 0x14c8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:37:36.0224 0x14c8  AmdPPM - ok
12:37:36.0286 0x14c8  [ AB3166C09438A161FBDE13099A72E0AF, ED1F2AB0FC72514E104C23029D1DDCB579058A0D3968B75B1C800A6F2D49BC9F ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
12:37:36.0302 0x14c8  amdsata - ok
12:37:36.0333 0x14c8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:37:36.0349 0x14c8  amdsbs - ok
12:37:36.0349 0x14c8  [ 5118DCD2065D8C8D752AD5EC0B2D6AA6, 41BDDBB152769819A24EF08C334F13F75016D7572BB6FEBA8AE9A65BA0AAAD50 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
12:37:36.0364 0x14c8  amdxata - ok
12:37:36.0598 0x14c8  [ 3358CAD1887DDDDD2A36B7796B579292, 40BA1A836276C2AA78914F294661C3C918F2D6DFAA9D6EF3FEB6D1EE3B07F584 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
12:37:36.0645 0x14c8  AntiVirMailService - ok
12:37:36.0692 0x14c8  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
12:37:36.0708 0x14c8  AntiVirSchedulerService - ok
12:37:36.0739 0x14c8  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
12:37:36.0754 0x14c8  AntiVirService - ok
12:37:36.0801 0x14c8  [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
12:37:36.0848 0x14c8  AntiVirWebService - ok
12:37:36.0848 0x14c8  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
12:37:36.0864 0x14c8  AppID - ok
12:37:36.0895 0x14c8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:37:36.0926 0x14c8  AppIDSvc - ok
12:37:36.0942 0x14c8  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
12:37:36.0973 0x14c8  Appinfo - ok
12:37:36.0988 0x14c8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:37:36.0988 0x14c8  arc - ok
12:37:37.0004 0x14c8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:37:37.0020 0x14c8  arcsas - ok
12:37:37.0238 0x14c8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:37:37.0254 0x14c8  aspnet_state - ok
12:37:37.0254 0x14c8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:37:37.0316 0x14c8  AsyncMac - ok
12:37:37.0316 0x14c8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
12:37:37.0332 0x14c8  atapi - ok
12:37:37.0378 0x14c8  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:37:37.0441 0x14c8  AudioEndpointBuilder - ok
12:37:37.0472 0x14c8  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:37:37.0534 0x14c8  AudioSrv - ok
12:37:37.0612 0x14c8  [ 086CBBB45324D56AA7239046CD86149A, 602A5F993ED0D80B521BBE8343C8ABF1D6002268E20F2C62BE7EDE54A181B207 ] AVerAVF2        C:\Windows\system32\DRIVERS\AVerAVF2.sys
12:37:37.0659 0x14c8  AVerAVF2 - ok
12:37:37.0722 0x14c8  [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:37:37.0737 0x14c8  avgntflt - ok
12:37:37.0753 0x14c8  [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:37:37.0753 0x14c8  avipbb - ok
12:37:37.0815 0x14c8  [ 8884C9DDA76D76BADFD390B33D1DE70D, 0C7EE611C6E8255A280F1C13F7BFE493679E78D05986FB47BF5EF799637F6584 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:37:37.0846 0x14c8  Avira.ServiceHost - ok
12:37:37.0846 0x14c8  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:37:37.0862 0x14c8  avkmgr - ok
12:37:37.0862 0x14c8  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
12:37:37.0878 0x14c8  avnetflt - ok
12:37:37.0893 0x14c8  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:37:37.0909 0x14c8  AxInstSV - ok
12:37:37.0940 0x14c8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:37:37.0971 0x14c8  b06bdrv - ok
12:37:37.0987 0x14c8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:37:38.0002 0x14c8  b57nd60a - ok
12:37:38.0018 0x14c8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:37:38.0034 0x14c8  BDESVC - ok
12:37:38.0049 0x14c8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:37:38.0096 0x14c8  Beep - ok
12:37:38.0112 0x14c8  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
12:37:38.0190 0x14c8  BFE - ok
12:37:38.0236 0x14c8  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
12:37:38.0314 0x14c8  BITS - ok
12:37:38.0330 0x14c8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:37:38.0346 0x14c8  blbdrive - ok
12:37:38.0346 0x14c8  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:37:38.0392 0x14c8  bowser - ok
12:37:38.0392 0x14c8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:37:38.0408 0x14c8  BrFiltLo - ok
12:37:38.0424 0x14c8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:37:38.0439 0x14c8  BrFiltUp - ok
12:37:38.0455 0x14c8  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
12:37:38.0502 0x14c8  Browser - ok
12:37:38.0517 0x14c8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:37:38.0533 0x14c8  Brserid - ok
12:37:38.0533 0x14c8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:37:38.0548 0x14c8  BrSerWdm - ok
12:37:38.0564 0x14c8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:37:38.0580 0x14c8  BrUsbMdm - ok
12:37:38.0580 0x14c8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:37:38.0595 0x14c8  BrUsbSer - ok
12:37:38.0611 0x14c8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:37:38.0626 0x14c8  BthEnum - ok
12:37:38.0626 0x14c8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:37:38.0642 0x14c8  BTHMODEM - ok
12:37:38.0658 0x14c8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:37:38.0673 0x14c8  BthPan - ok
12:37:38.0704 0x14c8  [ A51FA9D0E85D5ADABEF72E67F386309C, 4F6F44D5E3A43239B50BCA75CBAA48FE40097E2AFF9360E1956F41ED52BD8183 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:37:38.0736 0x14c8  BTHPORT - ok
12:37:38.0736 0x14c8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:37:38.0782 0x14c8  bthserv - ok
12:37:38.0798 0x14c8  [ F740B9A16B2C06700F2130E19986BF3B, 92158FD1B3706DE068F077ACA9A25F5479EF282E8B81F5A2FF8A66CBB5F80FCF ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:37:38.0814 0x14c8  BTHUSB - ok
12:37:38.0860 0x14c8  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
12:37:38.0876 0x14c8  btwampfl - ok
12:37:38.0876 0x14c8  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:37:38.0892 0x14c8  btwaudio - ok
12:37:38.0892 0x14c8  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
12:37:38.0907 0x14c8  btwavdt - ok
12:37:39.0016 0x14c8  [ 6A667ADAD3C2151131E6A478850762BE, 3A98BFB7E201EBDB55CB7C7332CF7C3D876BE03910FDA24F1146F8AAE4C39DD8 ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:37:39.0048 0x14c8  btwdins - ok
12:37:39.0063 0x14c8  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
12:37:39.0079 0x14c8  btwl2cap - ok
12:37:39.0079 0x14c8  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:37:39.0094 0x14c8  btwrchid - ok
12:37:39.0188 0x14c8  [ C2600EA81C3E0A9B55FD91A55FDB2307, 1DB65E10E95D2A3C81BD87A743C363CC1262D68834AF2E950DDC8E05B33A522C ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
12:37:39.0204 0x14c8  CalendarSynchService - detected UnsignedFile.Multi.Generic ( 1 )
12:37:44.0430 0x14c8  Detect skipped due to KSN trusted
12:37:44.0430 0x14c8  CalendarSynchService - ok
12:37:44.0445 0x14c8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:37:44.0508 0x14c8  cdfs - ok
12:37:44.0539 0x14c8  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:37:44.0554 0x14c8  cdrom - ok
12:37:44.0586 0x14c8  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:37:44.0648 0x14c8  CertPropSvc - ok
12:37:44.0664 0x14c8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:37:44.0679 0x14c8  circlass - ok
12:37:44.0710 0x14c8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:37:44.0726 0x14c8  CLFS - ok
12:37:44.0835 0x14c8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:37:44.0851 0x14c8  clr_optimization_v2.0.50727_32 - ok
12:37:44.0944 0x14c8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:37:44.0960 0x14c8  clr_optimization_v2.0.50727_64 - ok
12:37:45.0147 0x14c8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:37:45.0163 0x14c8  clr_optimization_v4.0.30319_32 - ok
12:37:45.0194 0x14c8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:37:45.0210 0x14c8  clr_optimization_v4.0.30319_64 - ok
12:37:45.0241 0x14c8  [ D68D9F4D53010B7E84D4E80A2E485554, B39D7F5737BE7C8EF6BC33595FE4538A90374E148B39BDC618163CBC30719883 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
12:37:45.0256 0x14c8  clwvd - ok
12:37:45.0256 0x14c8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:37:45.0272 0x14c8  CmBatt - ok
12:37:45.0288 0x14c8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
12:37:45.0288 0x14c8  cmdide - ok
12:37:45.0303 0x14c8  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:37:45.0334 0x14c8  CNG - ok
12:37:45.0334 0x14c8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:37:45.0350 0x14c8  Compbatt - ok
12:37:45.0350 0x14c8  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:37:45.0366 0x14c8  CompositeBus - ok
12:37:45.0381 0x14c8  COMSysApp - ok
12:37:45.0381 0x14c8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:37:45.0397 0x14c8  crcdisk - ok
12:37:45.0428 0x14c8  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:37:45.0459 0x14c8  CryptSvc - ok
12:37:45.0522 0x14c8  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:37:45.0584 0x14c8  DcomLaunch - ok
12:37:45.0615 0x14c8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:37:45.0678 0x14c8  defragsvc - ok
12:37:45.0678 0x14c8  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:37:45.0724 0x14c8  DfsC - ok
12:37:45.0756 0x14c8  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:37:45.0787 0x14c8  Dhcp - ok
12:37:45.0787 0x14c8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:37:45.0834 0x14c8  discache - ok
12:37:45.0865 0x14c8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:37:45.0865 0x14c8  Disk - ok
12:37:45.0912 0x14c8  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:37:45.0958 0x14c8  Dnscache - ok
12:37:45.0974 0x14c8  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:37:46.0021 0x14c8  dot3svc - ok
12:37:46.0021 0x14c8  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
12:37:46.0068 0x14c8  DPS - ok
12:37:46.0083 0x14c8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:37:46.0099 0x14c8  drmkaud - ok
12:37:46.0146 0x14c8  [ EBCE0B0924835F635F620D19F0529DCE, 15BF803765373264390879FCA86C6D89C92DAFD0B1A36DEFA78EF01EBA2F9C26 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:37:46.0177 0x14c8  DXGKrnl - ok
12:37:46.0224 0x14c8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:37:46.0286 0x14c8  EapHost - ok
12:37:46.0426 0x14c8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:37:46.0536 0x14c8  ebdrv - ok
12:37:46.0582 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
12:37:46.0598 0x14c8  EFS - ok
12:37:46.0707 0x14c8  [ 3D69FAE60EDE442E004611A4EE4DB44C, 480D3F7604C9A70570BBFFF3CA0FABA216805BB38D4F8A73BB50996B547D8017 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:37:46.0754 0x14c8  ehRecvr - ok
12:37:46.0770 0x14c8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:37:46.0785 0x14c8  ehSched - ok
12:37:46.0801 0x14c8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:37:46.0832 0x14c8  elxstor - ok
12:37:46.0832 0x14c8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
12:37:46.0848 0x14c8  ErrDev - ok
12:37:46.0894 0x14c8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:37:46.0941 0x14c8  EventSystem - ok
12:37:46.0957 0x14c8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:37:47.0004 0x14c8  exfat - ok
12:37:47.0004 0x14c8  ezSharedSvc - ok
12:37:47.0019 0x14c8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:37:47.0066 0x14c8  fastfat - ok
12:37:47.0097 0x14c8  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
12:37:47.0128 0x14c8  Fax - ok
12:37:47.0144 0x14c8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:37:47.0144 0x14c8  fdc - ok
12:37:47.0175 0x14c8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:37:47.0222 0x14c8  fdPHost - ok
12:37:47.0222 0x14c8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:37:47.0269 0x14c8  FDResPub - ok
12:37:47.0269 0x14c8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:37:47.0284 0x14c8  FileInfo - ok
12:37:47.0284 0x14c8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:37:47.0331 0x14c8  Filetrace - ok
12:37:47.0362 0x14c8  [ 35DAAD359197828D3CF3965764F5D82C, 03EFC98BCDBB568FDDE9FD0BAD604AEF2FFFA91484EBAEEA25CEA8BE0B72913C ] FintekCIR       C:\Windows\system32\DRIVERS\FintekCIR.sys
12:37:47.0362 0x14c8  FintekCIR - ok
12:37:47.0378 0x14c8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:37:47.0394 0x14c8  flpydisk - ok
12:37:47.0409 0x14c8  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:37:47.0425 0x14c8  FltMgr - ok
12:37:47.0472 0x14c8  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
12:37:47.0550 0x14c8  FontCache - ok
12:37:47.0596 0x14c8  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:37:47.0596 0x14c8  FontCache3.0.0.0 - ok
12:37:47.0612 0x14c8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:37:47.0628 0x14c8  FsDepends - ok
12:37:47.0628 0x14c8  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:37:47.0643 0x14c8  Fs_Rec - ok
12:37:47.0643 0x14c8  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:37:47.0659 0x14c8  fvevol - ok
12:37:47.0690 0x14c8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:37:47.0690 0x14c8  gagp30kx - ok
12:37:47.0908 0x14c8  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
12:37:47.0924 0x14c8  GameConsoleService - ok
12:37:48.0002 0x14c8  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:37:48.0033 0x14c8  gpsvc - ok
12:37:48.0049 0x14c8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:37:48.0064 0x14c8  hcw85cir - ok
12:37:48.0080 0x14c8  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:37:48.0111 0x14c8  HdAudAddService - ok
12:37:48.0127 0x14c8  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:37:48.0142 0x14c8  HDAudBus - ok
12:37:48.0189 0x14c8  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
12:37:48.0205 0x14c8  HECIx64 - ok
12:37:48.0205 0x14c8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:37:48.0220 0x14c8  HidBatt - ok
12:37:48.0220 0x14c8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:37:48.0236 0x14c8  HidBth - ok
12:37:48.0252 0x14c8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:37:48.0267 0x14c8  HidIr - ok
12:37:48.0298 0x14c8  [ AC0E56C858B86732420A44827B7CE2C9, 97E7A97C014456D9C3F330CDBDC28EA9E52BEF5533E632B41D37A81BADA09D66 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
12:37:48.0298 0x14c8  hidkmdf - ok
12:37:48.0314 0x14c8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:37:48.0361 0x14c8  hidserv - ok
12:37:48.0361 0x14c8  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:37:48.0376 0x14c8  HidUsb - ok
12:37:48.0408 0x14c8  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:37:48.0454 0x14c8  hkmsvc - ok
12:37:48.0486 0x14c8  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:37:48.0501 0x14c8  HomeGroupListener - ok
12:37:48.0517 0x14c8  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:37:48.0532 0x14c8  HomeGroupProvider - ok
12:37:48.0579 0x14c8  [ 37965381364B2E106E1DD7D74CDCAA43, 94C30FA88140E802A549549856145824122F138C2697301CDCAAEEEEA3858E12 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
12:37:48.0595 0x14c8  HP Health Check Service - ok
12:37:48.0657 0x14c8  [ DA075126F867727810EE9B98B3041C4C, 3298D7FDB79C64DE73B8C4309E3997311DD50BBF3FF5BE4C6800EF22AB491EEE ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
12:37:48.0688 0x14c8  HPAuto - ok
12:37:48.0720 0x14c8  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
12:37:48.0735 0x14c8  HPClientSvc - ok
12:37:48.0766 0x14c8  [ A48A151D3FA7CB032A51453F087221C7, A74EFC7DC4F75BF29C9B459DCDF4D04F13F868D3D10F8D73606A5F03811170CA ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:37:48.0782 0x14c8  HPDrvMntSvc.exe - ok
12:37:48.0813 0x14c8  [ 71BD8A611E0677175D3938C9CEA7339A, 40A67671D231DAD8E9AEB5E38BCB8389192B373FD02ACCF960E9F287E1D8C9AD ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
12:37:48.0844 0x14c8  hpqwmiex - ok
12:37:48.0844 0x14c8  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
12:37:48.0860 0x14c8  HpSAMD - ok
12:37:48.0876 0x14c8  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:37:48.0954 0x14c8  HTTP - ok
12:37:48.0954 0x14c8  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:37:48.0954 0x14c8  hwpolicy - ok
12:37:48.0969 0x14c8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:37:48.0985 0x14c8  i8042prt - ok
12:37:49.0016 0x14c8  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:37:49.0032 0x14c8  iaStor - ok
12:37:49.0047 0x14c8  [ 513DC087CFED7D2BB82F005385D3531F, 8ABEABCA28C1701A70261122D00CF550F845A43414A71885E301124F9F215351 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
12:37:49.0063 0x14c8  iaStorV - ok
12:37:49.0110 0x14c8  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:37:49.0141 0x14c8  idsvc - ok
12:37:49.0156 0x14c8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:37:49.0156 0x14c8  iirsp - ok
12:37:49.0203 0x14c8  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
12:37:49.0266 0x14c8  IKEEXT - ok
12:37:49.0406 0x14c8  [ CB5FD9B681AD43B560490B5283DDC1C1, 359F4ACE7BE0FD6BF710AD1EEA48ED3F9E4A97A2B8318EC5616E34449D0C774F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:37:49.0468 0x14c8  IntcAzAudAddService - ok
12:37:49.0484 0x14c8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
12:37:49.0484 0x14c8  intelide - ok
12:37:49.0500 0x14c8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:37:49.0515 0x14c8  intelppm - ok
12:37:49.0546 0x14c8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:37:49.0593 0x14c8  IPBusEnum - ok
12:37:49.0593 0x14c8  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:37:49.0640 0x14c8  IpFilterDriver - ok
12:37:49.0656 0x14c8  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:37:49.0718 0x14c8  iphlpsvc - ok
12:37:49.0718 0x14c8  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:37:49.0734 0x14c8  IPMIDRV - ok
12:37:49.0749 0x14c8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:37:49.0796 0x14c8  IPNAT - ok
12:37:49.0796 0x14c8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:37:49.0812 0x14c8  IRENUM - ok
12:37:49.0812 0x14c8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
12:37:49.0827 0x14c8  isapnp - ok
12:37:49.0843 0x14c8  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:37:49.0858 0x14c8  iScsiPrt - ok
12:37:49.0874 0x14c8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:37:49.0890 0x14c8  kbdclass - ok
12:37:49.0890 0x14c8  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:37:49.0905 0x14c8  kbdhid - ok
12:37:49.0921 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
12:37:49.0936 0x14c8  KeyIso - ok
12:37:49.0952 0x14c8  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:37:49.0952 0x14c8  KSecDD - ok
12:37:49.0983 0x14c8  [ A8C63880EF6F4D3FEC7B616B9C060215, 036AE3ABBF991F5748C5C46E1DF62FBBC832BCDBF8C1B6E3C22A22A3703BBBCA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:37:49.0983 0x14c8  KSecPkg - ok
12:37:49.0999 0x14c8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:37:50.0030 0x14c8  ksthunk - ok
12:37:50.0092 0x14c8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:37:50.0186 0x14c8  KtmRm - ok
12:37:50.0202 0x14c8  [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:37:50.0248 0x14c8  LanmanServer - ok
12:37:50.0264 0x14c8  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:37:50.0311 0x14c8  LanmanWorkstation - ok
12:37:50.0389 0x14c8  [ B1E1C8BB1392537E4D415FCDCB93B1D3, 8F47F88743C1FA0CD9EABF712BD42FDAE04BEFD8568A5BD74CA3146AA975D08E ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:37:50.0404 0x14c8  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
12:37:52.0807 0x14c8  Detect skipped due to KSN trusted
12:37:52.0807 0x14c8  LightScribeService - ok
12:37:52.0822 0x14c8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:37:52.0869 0x14c8  lltdio - ok
12:37:52.0900 0x14c8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:37:52.0963 0x14c8  lltdsvc - ok
12:37:52.0963 0x14c8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:37:53.0010 0x14c8  lmhosts - ok
12:37:53.0072 0x14c8  [ E38775922D4A4C05B5D96733AB4CE169, 92888BF351C4249C81189CA7F25419077017DD2F1F88FD91D1F4A51CEBF98A62 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:37:53.0088 0x14c8  LMS - ok
12:37:53.0103 0x14c8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:37:53.0119 0x14c8  LSI_FC - ok
12:37:53.0134 0x14c8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:37:53.0150 0x14c8  LSI_SAS - ok
12:37:53.0150 0x14c8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:37:53.0166 0x14c8  LSI_SAS2 - ok
12:37:53.0166 0x14c8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:37:53.0181 0x14c8  LSI_SCSI - ok
12:37:53.0181 0x14c8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:37:53.0228 0x14c8  luafv - ok
12:37:53.0244 0x14c8  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:37:53.0259 0x14c8  Mcx2Svc - ok
12:37:53.0259 0x14c8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:37:53.0275 0x14c8  megasas - ok
12:37:53.0275 0x14c8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:37:53.0290 0x14c8  MegaSR - ok
12:37:53.0337 0x14c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:37:53.0384 0x14c8  MMCSS - ok
12:37:53.0384 0x14c8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:37:53.0431 0x14c8  Modem - ok
12:37:53.0431 0x14c8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:37:53.0446 0x14c8  monitor - ok
12:37:53.0462 0x14c8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:37:53.0462 0x14c8  mouclass - ok
12:37:53.0478 0x14c8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:37:53.0493 0x14c8  mouhid - ok
12:37:53.0493 0x14c8  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:37:53.0509 0x14c8  mountmgr - ok
12:37:53.0524 0x14c8  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
12:37:53.0524 0x14c8  mpio - ok
12:37:53.0540 0x14c8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:37:53.0587 0x14c8  mpsdrv - ok
12:37:53.0634 0x14c8  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:37:53.0696 0x14c8  MpsSvc - ok
12:37:53.0712 0x14c8  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:37:53.0727 0x14c8  MRxDAV - ok
12:37:53.0743 0x14c8  [ 767A4C3BCF9410C286CED15A2DB17108, D9EA9EF7D4048081B132B804E0AE5A60A58FA6B25B7F5B87D5D7E354B2D94C79 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:37:53.0758 0x14c8  mrxsmb - ok
12:37:53.0774 0x14c8  [ 920EE0FF995FCFDEB08C41605A959E1C, 977195011912166F7C7E209D90B973E3F507B5297504AF9B6797FA8D1051534C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:37:53.0790 0x14c8  mrxsmb10 - ok
12:37:53.0790 0x14c8  [ 740D7EA9D72C981510A5292CF6ADC941, C55C2F73410C008F829D194EF072721A8D7945BCC48458982D2409761908E7AE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:37:53.0805 0x14c8  mrxsmb20 - ok
12:37:53.0821 0x14c8  [ 2BA4FF3D5EB68587DD662A896F649C7D, E7262683BC370A279C33D0B83F7CE445E51584F0CF3DDA5FBB1C808265CDDB30 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
12:37:53.0821 0x14c8  msahci - ok
12:37:53.0836 0x14c8  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
12:37:53.0852 0x14c8  msdsm - ok
12:37:53.0868 0x14c8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:37:53.0883 0x14c8  MSDTC - ok
12:37:53.0899 0x14c8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:37:53.0930 0x14c8  Msfs - ok
12:37:53.0946 0x14c8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:37:53.0977 0x14c8  mshidkmdf - ok
12:37:53.0992 0x14c8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
12:37:53.0992 0x14c8  msisadrv - ok
12:37:54.0008 0x14c8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:37:54.0055 0x14c8  MSiSCSI - ok
12:37:54.0070 0x14c8  msiserver - ok
12:37:54.0070 0x14c8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:37:54.0102 0x14c8  MSKSSRV - ok
12:37:54.0117 0x14c8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:37:54.0148 0x14c8  MSPCLOCK - ok
12:37:54.0148 0x14c8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:37:54.0195 0x14c8  MSPQM - ok
12:37:54.0211 0x14c8  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:37:54.0226 0x14c8  MsRPC - ok
12:37:54.0226 0x14c8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:37:54.0242 0x14c8  mssmbios - ok
12:37:54.0242 0x14c8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:37:54.0289 0x14c8  MSTEE - ok
12:37:54.0289 0x14c8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:37:54.0304 0x14c8  MTConfig - ok
12:37:54.0304 0x14c8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:37:54.0320 0x14c8  Mup - ok
12:37:54.0336 0x14c8  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
12:37:54.0398 0x14c8  napagent - ok
12:37:54.0414 0x14c8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:37:54.0445 0x14c8  NativeWifiP - ok
12:37:54.0476 0x14c8  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:37:54.0507 0x14c8  NDIS - ok
12:37:54.0523 0x14c8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:37:54.0554 0x14c8  NdisCap - ok
12:37:54.0570 0x14c8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:37:54.0601 0x14c8  NdisTapi - ok
12:37:54.0616 0x14c8  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:37:54.0663 0x14c8  Ndisuio - ok
12:37:54.0663 0x14c8  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:37:54.0710 0x14c8  NdisWan - ok
12:37:54.0710 0x14c8  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:37:54.0757 0x14c8  NDProxy - ok
12:37:54.0757 0x14c8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:37:54.0804 0x14c8  NetBIOS - ok
12:37:54.0819 0x14c8  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:37:54.0866 0x14c8  NetBT - ok
12:37:54.0866 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
12:37:54.0882 0x14c8  Netlogon - ok
12:37:54.0913 0x14c8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:37:54.0960 0x14c8  Netman - ok
12:37:55.0006 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0006 0x14c8  NetMsmqActivator - ok
12:37:55.0022 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0038 0x14c8  NetPipeActivator - ok
12:37:55.0053 0x14c8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:37:55.0100 0x14c8  netprofm - ok
12:37:55.0194 0x14c8  [ 1982B291DF9833FB3ADC397EBD310A18, 09E97EE548218558625A49AC88BF761153E15F6F429DDCEE6B184590BAE6BC0A ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
12:37:55.0256 0x14c8  netr28x - ok
12:37:55.0272 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0272 0x14c8  NetTcpActivator - ok
12:37:55.0287 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0287 0x14c8  NetTcpPortSharing - ok
12:37:55.0303 0x14c8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:37:55.0318 0x14c8  nfrd960 - ok
12:37:55.0350 0x14c8  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:37:55.0396 0x14c8  NlaSvc - ok
12:37:55.0552 0x14c8  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
12:37:55.0646 0x14c8  NOBU - ok
12:37:55.0646 0x14c8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:37:55.0693 0x14c8  Npfs - ok
12:37:55.0708 0x14c8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:37:55.0755 0x14c8  nsi - ok
12:37:55.0755 0x14c8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:37:55.0802 0x14c8  nsiproxy - ok
12:37:55.0849 0x14c8  [ 1AD8FEF2D6AC7116B68B887A9782FD33, C3C584AA1B927AF775CCE4C5D95837535479EF2CA019393C7226FA5D2E854E26 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:37:55.0911 0x14c8  Ntfs - ok
12:37:55.0911 0x14c8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:37:55.0958 0x14c8  Null - ok
12:37:56.0364 0x14c8  [ 2218C0F9D4C694460340F2F8ADCCC9C0, 21F27ACD79A00C5E135B9107E3543047A002DBE3B01ADF24F83360BE3C962213 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:37:56.0676 0x14c8  nvlddmkm - ok
12:37:56.0707 0x14c8  [ DEAB10231CBDB0881FC25428EBE11506, 3FF30FD757B70B79F4D49298DD5A594787229E577B9AEED0EBF561470FDFB998 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
12:37:56.0722 0x14c8  nvraid - ok
12:37:56.0738 0x14c8  [ 0AF7B8136794E23E87BE138992880E64, F7C5E192563DB7716E5594931CB1E0497A8819A86F29633654A659793F5294A8 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
12:37:56.0738 0x14c8  nvstor - ok
12:37:56.0769 0x14c8  [ 5218967E54DBC9CB4AAEA53247A0F275, ED6B79623CD024C795DA14EBCDE0E8CC9EA2ACA5F0927D734E02612788A3CEE8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:37:56.0785 0x14c8  nvsvc - ok
12:37:56.0800 0x14c8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
12:37:56.0816 0x14c8  nv_agp - ok
12:37:56.0832 0x14c8  [ 1490B742E560E337AC6D2F80CE9FE14B, DD12429EA600F882D6A92B8830049A37BA0273F6DB9A924F82489B84173E5523 ] NW1950          C:\Windows\system32\DRIVERS\NW1950.sys
12:37:56.0832 0x14c8  NW1950 - ok
12:37:56.0847 0x14c8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
12:37:56.0863 0x14c8  ohci1394 - ok
12:37:56.0894 0x14c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:37:56.0910 0x14c8  p2pimsvc - ok
12:37:56.0925 0x14c8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:37:56.0956 0x14c8  p2psvc - ok
12:37:56.0972 0x14c8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:37:56.0988 0x14c8  Parport - ok
12:37:56.0988 0x14c8  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:37:57.0003 0x14c8  partmgr - ok
12:37:57.0003 0x14c8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:37:57.0034 0x14c8  PcaSvc - ok
12:37:57.0034 0x14c8  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
12:37:57.0050 0x14c8  pci - ok
12:37:57.0050 0x14c8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
12:37:57.0066 0x14c8  pciide - ok
12:37:57.0081 0x14c8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:37:57.0097 0x14c8  pcmcia - ok
12:37:57.0097 0x14c8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:37:57.0112 0x14c8  pcw - ok
12:37:57.0128 0x14c8  pdfcDispatcher - ok
12:37:57.0175 0x14c8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:37:57.0237 0x14c8  PEAUTH - ok
12:37:57.0518 0x14c8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:37:57.0549 0x14c8  PerfHost - ok
12:37:57.0627 0x14c8  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
12:37:57.0705 0x14c8  pla - ok
12:37:57.0736 0x14c8  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:37:57.0799 0x14c8  PlugPlay - ok
12:37:57.0814 0x14c8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:37:57.0830 0x14c8  PNRPAutoReg - ok
12:37:57.0830 0x14c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:37:57.0861 0x14c8  PNRPsvc - ok
12:37:57.0924 0x14c8  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:37:57.0970 0x14c8  PolicyAgent - ok
12:37:57.0986 0x14c8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:37:58.0033 0x14c8  Power - ok
12:37:58.0048 0x14c8  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:37:58.0095 0x14c8  PptpMiniport - ok
12:37:58.0111 0x14c8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:37:58.0126 0x14c8  Processor - ok
12:37:58.0142 0x14c8  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
12:37:58.0189 0x14c8  ProfSvc - ok
12:37:58.0204 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:37:58.0220 0x14c8  ProtectedStorage - ok
12:37:58.0236 0x14c8  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:37:58.0267 0x14c8  Psched - ok
12:37:58.0360 0x14c8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:37:58.0407 0x14c8  ql2300 - ok
12:37:58.0407 0x14c8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:37:58.0423 0x14c8  ql40xx - ok
12:37:58.0454 0x14c8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:37:58.0470 0x14c8  QWAVE - ok
12:37:58.0485 0x14c8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:37:58.0501 0x14c8  QWAVEdrv - ok
12:37:58.0501 0x14c8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:37:58.0548 0x14c8  RasAcd - ok
12:37:58.0579 0x14c8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:37:58.0626 0x14c8  RasAgileVpn - ok
12:37:58.0626 0x14c8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:37:58.0672 0x14c8  RasAuto - ok
12:37:58.0688 0x14c8  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:37:58.0735 0x14c8  Rasl2tp - ok
12:37:58.0766 0x14c8  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
12:37:58.0828 0x14c8  RasMan - ok
12:37:58.0828 0x14c8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:37:58.0875 0x14c8  RasPppoe - ok
12:37:58.0875 0x14c8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:37:58.0922 0x14c8  RasSstp - ok
12:37:58.0938 0x14c8  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:37:58.0984 0x14c8  rdbss - ok
12:37:58.0984 0x14c8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:37:59.0000 0x14c8  rdpbus - ok
12:37:59.0000 0x14c8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:37:59.0047 0x14c8  RDPCDD - ok
12:37:59.0047 0x14c8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:37:59.0094 0x14c8  RDPENCDD - ok
12:37:59.0094 0x14c8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:37:59.0140 0x14c8  RDPREFMP - ok
12:37:59.0140 0x14c8  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:37:59.0218 0x14c8  RDPWD - ok
12:37:59.0218 0x14c8  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:37:59.0234 0x14c8  rdyboost - ok
12:37:59.0265 0x14c8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:37:59.0312 0x14c8  RemoteAccess - ok
12:37:59.0328 0x14c8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:37:59.0374 0x14c8  RemoteRegistry - ok
12:37:59.0390 0x14c8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:37:59.0406 0x14c8  RFCOMM - ok
12:37:59.0437 0x14c8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:37:59.0484 0x14c8  RpcEptMapper - ok
12:37:59.0515 0x14c8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:37:59.0530 0x14c8  RpcLocator - ok
12:37:59.0577 0x14c8  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
12:37:59.0640 0x14c8  RpcSs - ok
12:37:59.0640 0x14c8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:37:59.0686 0x14c8  rspndr - ok
12:37:59.0733 0x14c8  [ 3B01789EE4EAEE97F5EB46B711387D5E, 154D6D409E02AAEA8CC34FA70F71630D67A31F033F65EE854448112C45F164B4 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:37:59.0749 0x14c8  RTL8167 - ok
12:37:59.0749 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
12:37:59.0764 0x14c8  SamSs - ok
12:37:59.0780 0x14c8  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
12:37:59.0796 0x14c8  sbp2port - ok
12:37:59.0827 0x14c8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:37:59.0874 0x14c8  SCardSvr - ok
12:37:59.0874 0x14c8  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:37:59.0920 0x14c8  scfilter - ok
12:37:59.0967 0x14c8  [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule        C:\Windows\system32\schedsvc.dll
12:38:00.0045 0x14c8  Schedule - ok
12:38:00.0076 0x14c8  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:38:00.0108 0x14c8  SCPolicySvc - ok
12:38:00.0123 0x14c8  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:38:00.0139 0x14c8  SDRSVC - ok
12:38:00.0217 0x14c8  [ 331E7BDE228914574FC9AE6CD520DAFA, 15C6364E73328E86E431DA0960DEE794F96A6E83FF82C9CA181E70127E395311 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:38:00.0232 0x14c8  SeaPort - ok
12:38:00.0232 0x14c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:38:00.0279 0x14c8  secdrv - ok
12:38:00.0295 0x14c8  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
12:38:00.0326 0x14c8  seclogon - ok
12:38:00.0342 0x14c8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:38:00.0388 0x14c8  SENS - ok
12:38:00.0404 0x14c8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:38:00.0420 0x14c8  SensrSvc - ok
12:38:00.0420 0x14c8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:38:00.0435 0x14c8  Serenum - ok
12:38:00.0435 0x14c8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:38:00.0451 0x14c8  Serial - ok
12:38:00.0466 0x14c8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:38:00.0482 0x14c8  sermouse - ok
12:38:00.0482 0x14c8  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:38:00.0529 0x14c8  SessionEnv - ok
12:38:00.0529 0x14c8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
12:38:00.0544 0x14c8  sffdisk - ok
12:38:00.0544 0x14c8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:38:00.0560 0x14c8  sffp_mmc - ok
12:38:00.0560 0x14c8  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
12:38:00.0576 0x14c8  sffp_sd - ok
12:38:00.0576 0x14c8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:38:00.0591 0x14c8  sfloppy - ok
12:38:00.0622 0x14c8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:38:00.0669 0x14c8  SharedAccess - ok
12:38:00.0700 0x14c8  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:00.0732 0x14c8  ShellHWDetection - ok
12:38:00.0732 0x14c8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:38:00.0747 0x14c8  SiSRaid2 - ok
12:38:00.0747 0x14c8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:38:00.0763 0x14c8  SiSRaid4 - ok
12:38:00.0763 0x14c8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:38:00.0810 0x14c8  Smb - ok
12:38:00.0825 0x14c8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:38:00.0841 0x14c8  SNMPTRAP - ok
12:38:00.0841 0x14c8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:38:00.0856 0x14c8  spldr - ok
12:38:00.0888 0x14c8  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe
12:38:00.0919 0x14c8  Spooler - ok
12:38:01.0075 0x14c8  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
12:38:01.0200 0x14c8  sppsvc - ok
12:38:01.0215 0x14c8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:38:01.0262 0x14c8  sppuinotify - ok
12:38:01.0278 0x14c8  [ 43067A65522EAEC33D31A12D6FA8E3F4, 244CE66A10B34DC756962D0A164B34B98D89AB41B64C7AAF1F31E8642D8B013B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:38:01.0293 0x14c8  srv - ok
12:38:01.0309 0x14c8  [ 03715CF9C30B563DA35FC5F2B8F7B8E0, 694EE380955AAD3E21DD72D2656141017E113EC726E5CBE856EF4D7E4FE10387 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:38:01.0340 0x14c8  srv2 - ok
12:38:01.0340 0x14c8  [ FBD09635227A8026C0F7790F604343C6, 582D40DD57D33BF79642E6DF069E82187EF79978B7192D669FD21678B0D8A9C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:38:01.0356 0x14c8  srvnet - ok
12:38:01.0371 0x14c8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:38:01.0418 0x14c8  SSDPSRV - ok
12:38:01.0434 0x14c8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:38:01.0480 0x14c8  SstpSvc - ok
12:38:01.0480 0x14c8  Steam Client Service - ok
12:38:01.0496 0x14c8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:38:01.0496 0x14c8  stexstor - ok
12:38:01.0527 0x14c8  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
12:38:01.0574 0x14c8  stisvc - ok
12:38:01.0574 0x14c8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:38:01.0574 0x14c8  swenum - ok
12:38:01.0621 0x14c8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:38:01.0668 0x14c8  swprv - ok
12:38:01.0746 0x14c8  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
12:38:01.0824 0x14c8  SysMain - ok
12:38:01.0839 0x14c8  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:38:01.0855 0x14c8  TabletInputService - ok
12:38:01.0870 0x14c8  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:38:01.0917 0x14c8  TapiSrv - ok
12:38:01.0933 0x14c8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:38:01.0980 0x14c8  TBS - ok
12:38:02.0058 0x14c8  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:38:02.0120 0x14c8  Tcpip - ok
12:38:02.0198 0x14c8  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:38:02.0260 0x14c8  TCPIP6 - ok
12:38:02.0276 0x14c8  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:38:02.0323 0x14c8  tcpipreg - ok
12:38:02.0323 0x14c8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:38:02.0370 0x14c8  TDPIPE - ok
12:38:02.0370 0x14c8  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:38:02.0416 0x14c8  TDTCP - ok
12:38:02.0416 0x14c8  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:38:02.0463 0x14c8  tdx - ok
12:38:02.0479 0x14c8  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:38:02.0479 0x14c8  TermDD - ok
12:38:02.0526 0x14c8  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
12:38:02.0588 0x14c8  TermService - ok
12:38:02.0604 0x14c8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:38:02.0619 0x14c8  Themes - ok
12:38:02.0635 0x14c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:38:02.0682 0x14c8  THREADORDER - ok
12:38:02.0697 0x14c8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:38:02.0744 0x14c8  TrkWks - ok
12:38:02.0822 0x14c8  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:38:02.0853 0x14c8  TrustedInstaller - ok
12:38:02.0853 0x14c8  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:02.0900 0x14c8  tssecsrv - ok
12:38:02.0916 0x14c8  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:38:02.0962 0x14c8  tunnel - ok
12:38:02.0962 0x14c8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:38:02.0978 0x14c8  uagp35 - ok
12:38:02.0994 0x14c8  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:38:03.0040 0x14c8  udfs - ok
12:38:03.0056 0x14c8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:38:03.0072 0x14c8  UI0Detect - ok
12:38:03.0072 0x14c8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
12:38:03.0087 0x14c8  uliagpkx - ok
12:38:03.0087 0x14c8  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:38:03.0103 0x14c8  umbus - ok
12:38:03.0118 0x14c8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:38:03.0118 0x14c8  UmPass - ok
12:38:03.0290 0x14c8  [ 02C298382359653BEC4C737C2AB7F9C5, 44F285478591DAD476B7FDF5F15A78C76FE3FB207408D1C665ACD54B758EAC1B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:38:03.0352 0x14c8  UNS - ok
12:38:03.0384 0x14c8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:38:03.0446 0x14c8  upnphost - ok
12:38:03.0446 0x14c8  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:03.0462 0x14c8  usbccgp - ok
12:38:03.0462 0x14c8  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
12:38:03.0493 0x14c8  usbcir - ok
12:38:03.0508 0x14c8  [ DF9F9AFC9AAABD8ED47975D44E38169A, 3EB9E900F35B13208D4B3F9FF3B42972EF3FAFEE1225CC144AC2340410B991C8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:38:03.0524 0x14c8  usbehci - ok
12:38:03.0540 0x14c8  [ 372A91BC3C6603080A793880B0873785, DC24793760922B92278335AF3B752EBE4373132A1D5CD02EF86466DCC90EB560 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:38:03.0555 0x14c8  usbhub - ok
12:38:03.0555 0x14c8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:38:03.0571 0x14c8  usbohci - ok
12:38:03.0586 0x14c8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:38:03.0602 0x14c8  usbprint - ok
12:38:03.0602 0x14c8  [ A60E7E0FA88FF067D049D525547CD5E9, A6929516C9FDB1C3537F3D65590A4026536E6131AFC9B9F70241EE76ACE191D3 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:03.0618 0x14c8  USBSTOR - ok
12:38:03.0618 0x14c8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:38:03.0633 0x14c8  usbuhci - ok
12:38:03.0680 0x14c8  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:38:03.0696 0x14c8  usbvideo - ok
12:38:03.0711 0x14c8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:38:03.0758 0x14c8  UxSms - ok
12:38:03.0774 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
12:38:03.0789 0x14c8  VaultSvc - ok
12:38:03.0789 0x14c8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
12:38:03.0805 0x14c8  vdrvroot - ok
12:38:03.0836 0x14c8  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
12:38:03.0867 0x14c8  vds - ok
12:38:03.0867 0x14c8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:03.0883 0x14c8  vga - ok
12:38:03.0883 0x14c8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:38:03.0930 0x14c8  VgaSave - ok
12:38:03.0945 0x14c8  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
12:38:03.0961 0x14c8  vhdmp - ok
12:38:03.0961 0x14c8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
12:38:03.0976 0x14c8  viaide - ok
12:38:03.0976 0x14c8  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
12:38:03.0992 0x14c8  volmgr - ok
12:38:03.0992 0x14c8  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:38:04.0023 0x14c8  volmgrx - ok
12:38:04.0023 0x14c8  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
12:38:04.0039 0x14c8  volsnap - ok
12:38:04.0054 0x14c8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:38:04.0070 0x14c8  vsmraid - ok
12:38:04.0148 0x14c8  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
12:38:04.0210 0x14c8  VSS - ok
12:38:04.0226 0x14c8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:38:04.0242 0x14c8  vwifibus - ok
12:38:04.0242 0x14c8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:38:04.0273 0x14c8  vwififlt - ok
12:38:04.0288 0x14c8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:38:04.0335 0x14c8  W32Time - ok
12:38:04.0351 0x14c8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:38:04.0366 0x14c8  WacomPen - ok
12:38:04.0366 0x14c8  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:38:04.0413 0x14c8  WANARP - ok
12:38:04.0413 0x14c8  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:38:04.0460 0x14c8  Wanarpv6 - ok
12:38:04.0538 0x14c8  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
12:38:04.0600 0x14c8  wbengine - ok
12:38:04.0616 0x14c8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:38:04.0632 0x14c8  WbioSrvc - ok
12:38:04.0647 0x14c8  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:38:04.0678 0x14c8  wcncsvc - ok
12:38:04.0678 0x14c8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:04.0694 0x14c8  WcsPlugInService - ok
12:38:04.0710 0x14c8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:38:04.0710 0x14c8  Wd - ok
12:38:04.0725 0x14c8  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:38:04.0756 0x14c8  Wdf01000 - ok
12:38:04.0788 0x14c8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:38:04.0803 0x14c8  WdiServiceHost - ok
12:38:04.0819 0x14c8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:38:04.0834 0x14c8  WdiSystemHost - ok
12:38:04.0850 0x14c8  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
12:38:04.0866 0x14c8  WebClient - ok
12:38:04.0897 0x14c8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:38:04.0944 0x14c8  Wecsvc - ok
12:38:04.0944 0x14c8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:38:04.0990 0x14c8  wercplsupport - ok
12:38:05.0022 0x14c8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:38:05.0053 0x14c8  WerSvc - ok
12:38:05.0068 0x14c8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:05.0100 0x14c8  WfpLwf - ok
12:38:05.0115 0x14c8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:38:05.0115 0x14c8  WIMMount - ok
12:38:05.0146 0x14c8  WinDefend - ok
12:38:05.0146 0x14c8  WinHttpAutoProxySvc - ok
12:38:05.0271 0x14c8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:38:05.0334 0x14c8  Winmgmt - ok
12:38:05.0427 0x14c8  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:38:05.0536 0x14c8  WinRM - ok
12:38:05.0583 0x14c8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:38:05.0630 0x14c8  Wlansvc - ok
12:38:05.0786 0x14c8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:38:05.0848 0x14c8  wlidsvc - ok
12:38:05.0864 0x14c8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:38:05.0880 0x14c8  WmiAcpi - ok
12:38:05.0911 0x14c8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:38:05.0926 0x14c8  wmiApSrv - ok
12:38:05.0942 0x14c8  WMPNetworkSvc - ok
12:38:05.0958 0x14c8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:38:05.0973 0x14c8  WPCSvc - ok
12:38:05.0989 0x14c8  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:38:06.0004 0x14c8  WPDBusEnum - ok
12:38:06.0004 0x14c8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:38:06.0051 0x14c8  ws2ifsl - ok
12:38:06.0067 0x14c8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:38:06.0098 0x14c8  wscsvc - ok
12:38:06.0098 0x14c8  WSearch - ok
12:38:06.0207 0x14c8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:38:06.0285 0x14c8  wuauserv - ok
12:38:06.0301 0x14c8  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:38:06.0332 0x14c8  WudfPf - ok
12:38:06.0363 0x14c8  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:06.0410 0x14c8  WUDFRd - ok
12:38:06.0426 0x14c8  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:38:06.0472 0x14c8  wudfsvc - ok
12:38:06.0535 0x14c8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:38:06.0550 0x14c8  WwanSvc - ok
12:38:06.0566 0x14c8  ================ Scan global ===============================
12:38:06.0597 0x14c8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:06.0613 0x14c8  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
12:38:06.0628 0x14c8  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
12:38:06.0644 0x14c8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:06.0660 0x14c8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:06.0675 0x14c8  [ Global ] - ok
12:38:06.0675 0x14c8  ================ Scan MBR ==================================
12:38:06.0691 0x14c8  [ EA992228D7CB77EFD3BC631124E09ADC ] \Device\Harddisk0\DR0
12:38:07.0034 0x14c8  \Device\Harddisk0\DR0 - ok
12:38:07.0034 0x14c8  ================ Scan VBR ==================================
12:38:07.0050 0x14c8  [ E42B7E9DFCE1AE26BEDCBD1CBE663784 ] \Device\Harddisk0\DR0\Partition1
12:38:07.0128 0x14c8  \Device\Harddisk0\DR0\Partition1 - ok
12:38:07.0128 0x14c8  [ 4D203AA96EEDDD447B2AF6662D05B290 ] \Device\Harddisk0\DR0\Partition2
12:38:07.0175 0x14c8  \Device\Harddisk0\DR0\Partition2 - ok
12:38:07.0175 0x14c8  [ 58911217C6936EB21CE7A8556BE0C048 ] \Device\Harddisk0\DR0\Partition3
12:38:07.0175 0x14c8  \Device\Harddisk0\DR0\Partition3 - ok
12:38:07.0175 0x14c8  ================ Scan generic autorun ======================
12:38:07.0627 0x14c8  [ 63C3AED5744F0BB8884413D19BFDB99A, 84DDF092DDAF6109D6185E86165CE60CD43A03F4B3C2ECAA7B109F17BED43BDB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:38:07.0986 0x14c8  RtHDVCpl - ok
12:38:08.0001 0x14c8  NvCplDaemon - ok
12:38:08.0048 0x14c8  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
12:38:08.0064 0x14c8  hpsysdrv - ok
12:38:08.0095 0x14c8  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
12:38:08.0111 0x14c8  HP Software Update - ok
12:38:08.0220 0x14c8  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:08.0313 0x14c8  Sidebar - ok
12:38:08.0329 0x14c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:08.0360 0x14c8  mctadmin - ok
12:38:08.0407 0x14c8  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:08.0454 0x14c8  Sidebar - ok
12:38:08.0469 0x14c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:08.0485 0x14c8  mctadmin - ok
12:38:08.0485 0x14c8  Waiting for KSN requests completion. In queue: 352
12:38:09.0499 0x14c8  Waiting for KSN requests completion. In queue: 41
12:38:10.0513 0x14c8  Waiting for KSN requests completion. In queue: 41
12:38:11.0652 0x14c8  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated )
12:38:11.0667 0x14c8  Win FW state via NFP2: enabled
12:38:14.0101 0x14c8  ============================================================
12:38:14.0101 0x14c8  Scan finished
12:38:14.0101 0x14c8  ============================================================
12:38:14.0117 0x15f0  Detected object count: 0
12:38:14.0117 0x15f0  Actual detected object count: 0
         

Ich hoffe, ich habe alles richtig gemacht!
Musste mich sehr konzentrieren dabei!

Servus

Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Darf ich auf Youtube Dokus schauen bis Du mir schreibst? Wenn ich das System nicht verwende sehe ich auch nicht wenn Du mir schreibst