Pests of all kinds and how to fight them: PC very slow and loud
Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
04.07.2015, 08:43 | #1 |
| PC very slow and loud
Lately my laptop has become extremely slow and loud. Applications also take a long time to load. The laptop is now about 4 years old. Thanks for the support |
04.07.2015, 10:09 | #2 |
/// the machine /// TB trainer | PC very slow and loud
Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
04.07.2015, 10:57 | #3 |
| PC very slow and loud
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015 Ran by TV (administrator) on TV-PC on 04-07-2015 11:49:55 Running from C:\Users\TV\Desktop Loaded Profiles: TV (Available Profiles: TV) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\Easy Display Manager\dmhkcore.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE () C:\Users\TV\AppData\Local\Amazon Music\Amazon Music Helper.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Users\TV\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sysinternals - www.sysinternals.com) C:\Users\TV\AppData\Local\Temp\Temp2_ProcessExplorer.zip\procexp.exe (Sysinternals - www.sysinternals.com) C:\Users\TV\AppData\Local\Temp\procexp64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2149160 2010-05-21] (Synaptics Incorporated) HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) 
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl8] => C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD8LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-07-21] (CyberLink Corp.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) 
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation) HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Run: [Amazon Music] => C:\Users\TV\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Run: [Amazon Cloud Player] => C:\Users\TV\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3145536 2014-05-08] () HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Run: [Dropbox Update] => C:\Users\TV\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.) Startup: C:\Users\TV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-12] ShortcutTarget: Dropbox.lnk -> C:\Users\TV\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://fortuna-duesseldorf.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000 -> {8AD20FB0-9E52-473B-888E-01B00F5030B0} URL = http://www.google.de/search?q={searchTerms} BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) 
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-18] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) 
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO) Tcpip\Parameters: [DhcpNameServer] 192.168.192.1 Tcpip\..\Interfaces\{22239710-D4E9-4FB0-845C-6966EA422BC5}: [DhcpNameServer] 127.0.0.1 192.168.0.1 Tcpip\..\Interfaces\{2E391019-9AB6-4330-BD37-4BEFFF0B6CAB}: [DhcpNameServer] 192.168.192.1 Tcpip\..\Interfaces\{442E212D-2D5D-4AD4-9E90-71AC50384809}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\TV\AppData\Roaming\Mozilla\Firefox\Profiles\47jofjrp.default FF Homepage: hxxp://www.fortuna-duesseldorf.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-28] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-28] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 
-> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-02-18] (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1473346268-2668242606-3040593410-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.) FF Plugin HKU\S-1-5-21-1473346268-2668242606-3040593410-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-02-18] (Pando Networks) FF Extension: Amazon-Icon - C:\Users\TV\AppData\Roaming\Mozilla\Firefox\Profiles\47jofjrp.default\Extensions\amazon-icon@giga.de [2015-02-09] FF Extension: WOT - C:\Users\TV\AppData\Roaming\Mozilla\Firefox\Profiles\47jofjrp.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-06-28] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-19] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-05-19] FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-07-10] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files 
(x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-10] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-07-10] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-07-10] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-07-10] Chrome: ======= CHR Profile: C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-17] CHR Extension: (Google Docs) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-17] CHR Extension: (Google Drive) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-17] CHR Extension: (WOT) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-28] CHR Extension: (YouTube) - C:\Users\TV\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-17] CHR Extension: (Google Search) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-17] CHR Extension: (Kaspersky URL Advisor) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2011-09-11] CHR Extension: (Video Downloader professional) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-12-20] CHR Extension: (Google Sheets) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-17] CHR Extension: (Safe Money) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-11-22] CHR Extension: (Dangerous Websites Blocker) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-11-22] CHR Extension: (Virtual Keyboard) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2011-09-11] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16] CHR Extension: (Google Wallet) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-22] CHR Extension: (Gmail) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-17] CHR Extension: (Anti-Banner) - C:\Users\TV\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2011-09-11] CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-28] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-28] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-28] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-28] (Kaspersky Lab ZAO) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-05-28] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-05-28] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-04] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-06-07] (Windows (R) 2003 DDK 3790 provider) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-06-27 09:31 - 2015-06-27 09:31 - 18174128 ____C (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe 2015-06-26 17:35 - 2015-06-27 09:16 - 00136408 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\594D652C.sys 2015-06-21 01:00 - 2015-07-04 08:38 - 00000336 ____C C:\windows\setupact.log 2015-06-21 01:00 - 2015-06-21 01:00 - 00000000 ____C C:\windows\setuperr.log 2015-06-20 09:06 - 2015-06-20 09:06 - 00000000 ___DC C:\Users\TV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-06-20 09:05 - 2015-07-04 11:10 - 00001212 ____C C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000UA.job 2015-06-20 09:05 - 2015-07-04 09:11 - 00001160 ____C C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000Core.job 2015-06-20 09:05 - 2015-06-20 09:05 - 00004176 ____C C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000UA 2015-06-20 09:05 - 2015-06-20 09:05 - 00003780 ____C C:\windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000Core 2015-06-20 09:05 - 2015-06-20 09:05 - 00000000 ___DC C:\Users\TV\AppData\Local\Dropbox 2015-06-20 09:05 - 2015-06-20 09:05 - 00000000 ___DC C:\ProgramData\Dropbox 2015-06-13 08:35 - 2015-06-15 18:42 - 00136408 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\2EB35080.sys 2015-06-11 20:41 - 2015-06-12 01:11 - 14635008 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2015-06-11 20:41 - 2015-06-12 01:11 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL 2015-06-11 20:41 - 2015-06-12 01:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL 2015-06-11 20:41 - 2015-06-12 01:11 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll 2015-06-11 20:41 - 2015-06-12 01:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll 2015-06-11 20:41 - 2015-06-12 01:11 - 00008192 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\spwmp.dll 2015-06-11 20:41 - 2015-06-12 01:11 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx 2015-06-11 20:41 - 2015-06-12 01:11 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll 2015-06-11 20:41 - 2015-06-12 01:11 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx 2015-06-11 20:41 - 2015-06-12 01:11 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-06-11 20:40 - 2015-06-12 01:06 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 
2015-06-11 20:40 - 2015-06-12 01:01 - 01255424 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00728576 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-06-11 20:40 - 
2015-06-12 01:01 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-06-11 20:40 - 2015-06-12 01:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00096768 _____ 
(Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-06-11 20:40 - 2015-06-12 01:01 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00031232 _____ (Microsoft Corporation) 
C:\windows\system32\lsass.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-06-11 20:40 - 2015-06-12 01:01 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 
- 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 
____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 
- 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H 
(Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-11 20:40 - 2015-06-12 01:01 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-06-11 20:40 - 2015-06-12 00:34 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll 2015-06-11 20:40 - 2015-06-12 00:34 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll 2015-06-11 20:40 - 2015-06-12 00:14 - 03206144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-06-11 20:39 - 2015-06-11 22:42 - 00069888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys 2015-06-11 20:39 - 2015-06-11 22:40 - 17884672 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 12385280 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 10935296 _____ (Microsoft Corporation) 
C:\windows\system32\ieframe.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 09750528 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 02382848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-06-11 20:39 - 2015-06-11 22:40 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-06-11 20:39 - 2015-06-11 22:40 - 02343424 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 02158080 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 01809920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 01804288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 01494016 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-06-11 20:39 - 2015-06-11 22:40 - 01427968 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-06-11 20:39 - 2015-06-11 22:40 - 01392128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 01387520 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 01139712 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 01129472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00718336 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00607744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 
2015-06-11 20:39 - 2015-06-11 22:40 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-06-11 20:39 - 2015-06-11 22:40 - 00421888 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-06-11 20:39 - 2015-06-11 22:40 - 00353792 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00282112 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00248320 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\url.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-06-11 20:39 - 2015-06-11 22:40 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-06-11 20:39 - 2015-06-11 22:40 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00041472 _____ 
(Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll 2015-06-11 20:39 - 2015-06-11 22:40 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe 2015-06-11 20:39 - 2015-06-11 22:40 - 00011776 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe 2015-06-11 20:39 - 2015-06-11 22:40 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe 2015-06-11 20:39 - 2015-06-11 22:40 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe 2015-06-09 09:22 - 2015-06-09 09:22 - 00136408 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\227E3BF0.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-04 11:50 - 2014-11-07 21:25 - 00000000 ___DC C:\FRST 2015-07-04 11:49 - 2014-11-22 07:27 - 00000000 ___DC C:\Users\TV\Desktop\FRST-OlderVersion 2015-07-04 11:49 - 2014-11-07 21:26 - 00027149 ____C C:\Users\TV\Desktop\FRST.txt 2015-07-04 11:49 - 2014-11-07 21:24 - 02112512 ____C (Farbar) C:\Users\TV\Desktop\FRST64.exe 2015-07-04 11:43 - 2011-07-18 16:43 - 00000000 ___DC C:\ProgramData\Kaspersky Lab 2015-07-04 11:30 - 2013-05-14 20:49 - 00000884 ____C C:\windows\Tasks\Adobe Flash Player Updater.job 2015-07-04 11:07 - 2014-11-22 07:47 - 00001110 ____C C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-04 10:07 - 2014-11-22 07:47 - 00001106 ____C C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-04 09:37 - 2014-07-17 13:20 - 00113880 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-04 09:00 - 2012-09-12 20:56 - 01116309 ____C C:\windows\WindowsUpdate.log 2015-07-04 08:51 - 2009-07-14 06:45 - 00028848 ___HC C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-04 08:51 - 2009-07-14 06:45 - 00028848 ___HC C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-04 08:42 
- 2014-03-01 11:44 - 00000000 __RDC C:\Users\TV\Dropbox 2015-07-04 08:42 - 2014-03-01 11:42 - 00000000 ___DC C:\Users\TV\AppData\Roaming\Dropbox 2015-07-04 08:40 - 2011-07-18 16:11 - 00000000 ___DC C:\Users\TV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite 2015-07-04 08:39 - 2009-07-14 07:08 - 00000006 ___HC C:\windows\Tasks\SA.DAT 2015-06-28 08:53 - 2011-07-18 16:16 - 00000000 ___DC C:\Users\TV\AppData\Local\Adobe 2015-06-28 08:44 - 2013-05-14 20:49 - 00778416 ____C (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-06-28 08:44 - 2013-05-14 20:49 - 00142512 ____C (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-28 08:44 - 2013-05-14 20:49 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-06-28 08:14 - 2015-05-19 14:41 - 00000000 ___DC C:\Program Files (x86)\Mozilla Firefox 2015-06-27 11:57 - 2014-07-17 13:19 - 00000000 ___DC C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-06-27 11:57 - 2013-05-12 13:14 - 00001066 ____C C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-06-26 17:09 - 2014-11-22 07:50 - 00002135 ____C C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-26 16:42 - 2014-12-25 08:59 - 00003886 ____C C:\windows\System32\Tasks\Adobe Acrobat Update Task 2015-06-21 21:18 - 2013-03-26 22:03 - 00000000 ___DC C:\Users\TV\AppData\Roaming\vlc 2015-06-20 10:54 - 2011-04-12 23:43 - 00699682 ____C C:\windows\system32\perfh007.dat 2015-06-20 10:54 - 2011-04-12 23:43 - 00149790 ____C C:\windows\system32\perfc007.dat 2015-06-20 10:54 - 2009-07-14 07:13 - 01620684 ____C C:\windows\system32\PerfStringBackup.INI 2015-06-18 08:41 - 2014-07-17 13:19 - 00109272 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-06-18 08:41 - 2014-07-17 13:19 - 00063704 ____C (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-06-18 08:41 - 2013-05-12 13:14 - 00025816 ____C (Malwarebytes Corporation) 
C:\windows\system32\Drivers\mbam.sys 2015-06-12 07:47 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD 2015-06-12 07:44 - 2009-07-14 06:45 - 00420648 ____C C:\windows\system32\FNTCACHE.DAT 2015-06-12 07:40 - 2014-12-12 18:09 - 00000000 ___DC C:\windows\system32\appraiser 2015-06-12 07:40 - 2014-05-06 22:43 - 00000000 __SDC C:\windows\system32\CompatTel 2015-06-12 00:55 - 2011-07-18 17:29 - 00000000 ___DC C:\ProgramData\Microsoft Help 2015-06-12 00:12 - 2013-07-24 10:53 - 00000000 ___DC C:\windows\system32\MRT 2015-06-11 22:49 - 2011-07-25 17:01 - 140135120 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-06-11 22:37 - 2009-07-14 04:34 - 00000612 ____C C:\windows\win.ini 2015-06-07 08:02 - 2015-05-14 14:40 - 00040960 ____C C:\Users\TV\Documents\tv.db3 2015-06-07 08:02 - 2015-05-14 14:40 - 00000000 ___DC C:\Users\TV\AppData\Roaming\AckiSoft ==================== Files in the root of some directories ======= 2011-07-18 16:46 - 2011-07-18 16:46 - 0017408 ____C () C:\Users\TV\AppData\Local\WebpageIcons.db 2015-02-07 14:26 - 2015-02-07 14:51 - 0000085 __SHC () C:\ProgramData\.zreglib 2011-04-12 08:22 - 2011-04-12 08:23 - 0000109 ____C () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2011-04-12 08:20 - 2011-04-12 08:21 - 0000106 ____C () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log 2011-04-12 08:14 - 2011-04-12 08:15 - 0000105 ____C () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2011-04-12 08:21 - 2011-04-12 08:22 - 0000110 ____C () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log 2011-04-12 08:14 - 2011-04-12 08:14 - 0000107 ____C () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2011-04-12 08:15 - 2011-04-12 08:20 - 0000110 ____C () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Some files in TEMP: ==================== C:\Users\TV\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppgq8i1.dll C:\Users\TV\AppData\Local\Temp\procexp64.exe 
==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-28 14:00

==================== End of log ============================

Additional FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by TV at 2015-07-04 11:54:00
Running from C:\Users\TV\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1473346268-2668242606-3040593410-500 - Administrator - Disabled)
Gast (S-1-5-21-1473346268-2668242606-3040593410-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1473346268-2668242606-3040593410-1002 - Limited - Enabled)
TV (S-1-5-21-1473346268-2668242606-3040593410-1000 - Administrator - Enabled) => C:\Users\TV

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
Amazon Cloud Player (HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.33 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (x32 Version: 2.1.0 - Amazon Services LLC) Hidden
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1999518974.48.56.34671986 - Audible, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.1.731 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version: - Oberon Media)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
calibre (HKLM-x32\...\{60C18701-A823-4165-8E58-C083673F90DC}) (Version: 1.14.0 - Kovid Goyal)
Carcassonne (HKLM-x32\...\{8033CA80-B44F-40F9-8D0A-957211442C19}) (Version: 1.0 - Deep Silver)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
ClipboardManager 1.6 (HKLM-x32\...\ClipboardManager_is1) (Version: - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daycare Nightmare (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113128447}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FinanzmanagerV8 (HKLM-x32\...\{78E2401D-39D5-4023-B0BF-7FA96F3FD425}_is1) (Version: 11.0.1.3 - Ackisoft)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version: - Oberon Media)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version: - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version: - Oberon Media)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.2 - Pando Networks Inc.) 
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - ) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) 
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Slingo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110160733}) (Version: - Oberon Media) SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.34.161 - Akademische Arbeitsgemeinschaft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.22.0 - Synaptics Incorporated) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - ) VirtualDJ Home FREE (HKLM-x32\...\{5E1375CB-6792-4464-8715-CC3EC83D48FA}) (Version: 7.0.5 - Atomix Productions) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File CustomCLSID: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TV\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll No File ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be 
included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2013-05-09 00:59 - 00000027 ___AC C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {19C95EC3-F5DF-4BDE-A822-32B5E0EB397E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {34824F9C-B377-4535-A2DF-08298FA5BAA7} - System32\Tasks\{CB3F2958-C257-4E00-A14D-BFF1D8FC3FE1} => pcalua.exe -a C:\Users\TV\Desktop\AmazonMusicImporterInstaller-2.1.0._V337128703_.exe -d C:\Users\TV\Desktop Task: {3950917F-300D-49EC-8230-5EFCA995E10E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000Core => C:\Users\TV\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.) Task: {3B50976D-4C9E-444D-B1B2-9519C577C325} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.) Task: {43FFD3FF-DF5E-469B-98B4-611B86DB74D3} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.) Task: {57EF7F50-4FFE-490C-996F-F57F26AD1D4C} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.) Task: {747D8FE7-A07D-427A-83ED-8884B4B09CA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-22] (Google Inc.) 
Task: {794C4E54-68CB-47D0-A522-C9810E8BA324} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe Task: {95B62CC1-763B-4C31-B2F0-82E770E08475} - System32\Tasks\Amazon Music Helper => C:\Users\TV\AppData\Local\Amazon Music\Amazon Music Helper.exe [2014-12-08] () Task: {9F089730-CFED-4680-B856-8C941DE93693} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {A481ACFD-2AA7-4DE8-AAE1-060680B94B1D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-28] (Adobe Systems Incorporated) Task: {BF071C2B-E8E3-46DD-A4A7-6B99DBF2974C} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.) Task: {D158679B-7087-415C-AFBB-B276DE690B1D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000UA => C:\Users\TV\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.) Task: {DB387DA9-7B1F-4638-847D-D4BCF9D1A6A0} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.) Task: {DD9B8810-0A43-424F-9B2C-31E1A6D7BB65} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-06-08] (Samsung Electronics Co., Ltd.) 
Task: {E6C0D70C-3E6F-4065-A999-88450F0F0CC1} - System32\Tasks\{D4A1182C-D26F-4645-9662-75370270E0D4} => pcalua.exe -a C:\Users\TV\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {EAECB6E1-BE5F-4DAD-A770-5A12C1AD4E3B} - System32\Tasks\{A23F06C8-7C74-4D6F-8D21-21A97A67A72F} => pcalua.exe -a C:\Users\TV\Downloads\AmazonMP3Installer-de_DE(1).exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {F62150D1-4CE3-4089-8DED-9E84D3234D4A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {FD63E225-E017-4B02-B066-629E9D2AE44E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000Core.job => C:\Users\TV\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1473346268-2668242606-3040593410-1000UA.job => C:\Users\TV\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe 2013-08-05 08:15 - 2013-08-05 08:15 - 00070712 ____C () C:\windows\system32\bdmpega64.acm 2012-03-23 14:25 - 2012-03-23 14:25 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2011-04-12 08:20 - 2009-07-07 20:23 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-07-11 17:27 - 2014-12-08 08:27 - 06277952 
____C () C:\Users\TV\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-01-02 21:52 - 2014-05-08 19:26 - 03145536 ____C () C:\Users\TV\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe 2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 ____C () C:\Program Files\CCleaner\lang\lang-1031.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2011-04-12 08:24 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 ____C () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 ____C () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 ____C () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 ____C () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 ____C () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2009-06-03 13:59 - 2009-06-03 13:59 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-06-03 13:59 - 2009-06-03 13:59 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-06-26 17:09 - 2015-06-20 07:46 - 01281864 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll 2015-06-26 17:09 - 2015-06-20 07:46 - 00080712 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll 
2015-06-26 17:09 - 2015-06-20 07:46 - 15003976 ____C () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 AlternateDataStreams: C:\ProgramData\Temp:5C321E34 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\0632qyw.com -> 0632qyw.com IE 
restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\...\1001movie.com -> 1001movie.com There are 6091 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1473346268-2668242606-3040593410-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.192.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [{17F3357F-01A6-4DDE-A1B3-8B14FE4C8473}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE FirewallRules: [{A6903FF3-46AD-4758-B893-744F67E528D3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE FirewallRules: [{B91F9437-10B3-47AB-A3A6-9E9B20D7CC0B}] => (Allow) LPort=2869 FirewallRules: [{01A0B80F-F943-4FAB-AB83-60E6290E6A07}] => (Allow) LPort=1900 FirewallRules: [{990CE697-311B-46A5-87DA-8B2558251B2A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{B83EEDA4-DD78-47B4-8CE3-2914583F5DBC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{285A4B6A-EB89-43C7-8F0B-51822976584F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6B7E461A-82D8-4FCD-B853-6258FDF76EFF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{35D7C06B-9277-4B66-BE80-EE73724A31C5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4DAAB37A-BB07-4725-8349-6FDE9F90B1FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BA58D479-BC76-4635-B310-C96CD7101751}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{8FEC4F95-B5A8-4FD6-98B3-E33858A09C7F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{420B1C71-63F1-4E19-BACA-5BF85B06C964}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{108D7B87-D12E-447D-ADFF-B8E0F7444A46}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{69E8A4D2-CA3A-47F4-82A6-93182CE63CF6}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{9B754887-314B-439A-992C-8A8D05A8BE3B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{9E232EFF-D118-472C-9FA2-77F4D550AE6A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{2DF9F747-26A1-453F-BBCA-FBF4573E7541}] => (Allow) C:\Users\TV\AppData\Roaming\Dropbox\bin\Dropbox.exe 
FirewallRules: [{73DF97EF-042E-4B0A-A2BC-2C01F46AFD4E}] => (Allow) C:\Users\TV\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{BE551659-B302-40DE-B860-70332EA7DA0F}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{42C60249-86B4-4ABC-B493-F5124007A843}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [TCP Query User{268FBDA7-6E06-4073-9ED6-6584239EC876}C:\users\tv\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tv\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{D53588CD-EBC1-4C01-931B-57B643F74626}C:\users\tv\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tv\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{7399DE19-D486-4ECD-9263-4817A366704F}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{33752D6D-A88B-46B7-BFC1-4A1B021D9CE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D534239F-EE92-46CA-87D9-3BD19DAB3300}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5AF51BC-4460-49F2-8B13-E3FB31B44DA2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2015 11:43:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000002a84e
ID des fehlerhaften Prozesses: 0x6ec
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (07/04/2015 09:19:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/04/2015 08:40:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 08:31:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 08:09:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 09:51:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.1.5611, Zeitstempel: 0x55541a90
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.1.5611, Zeitstempel: 0x55540a1e
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x1078
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (06/27/2015 09:17:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/26/2015 04:40:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2015 07:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000002a84e
ID des fehlerhaften Prozesses: 0x730
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (06/21/2015 07:24:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (07/04/2015 09:28:29 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/04/2015 09:27:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Apple Mobile Device erreicht.

Error: (07/04/2015 09:09:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.201.836.0)

Error: (06/29/2015 08:30:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (06/29/2015 08:30:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Error: (06/28/2015 07:43:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst FontCache3.0.0.0 erreicht. Error: (06/28/2015 02:23:11 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (06/26/2015 05:35:52 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (06/21/2015 09:24:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst FontCache3.0.0.0 erreicht. Error: (06/21/2015 00:21:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst FontCache3.0.0.0 erreicht. 
Microsoft Office:
=========================
Error: (07/04/2015 11:43:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4msvcrt.dll7.0.7601.177444eeb033f40000015000000000002a84e6ec01d0b62420498953C:\windows\Explorer.EXEC:\windows\system32\msvcrt.dll27a6d686-2231-11e5-a8c0-e81132847be7

Error: (07/04/2015 09:19:36 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\TV\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2015 08:40:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2015 08:31:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2015 08:09:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 09:51:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1107801d0b0ad4db47b6fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll45ba255c-1ca1-11e5-a219-e81132847be7

Error: (06/27/2015 09:17:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/26/2015 04:40:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/21/2015 07:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4msvcrt.dll7.0.7601.177444eeb033f40000015000000000002a84e73001d0ac46e7310ea4C:\windows\Explorer.EXEC:\windows\system32\msvcrt.dll95d6c281-183c-11e5-9649-e81132847be7

Error: (06/21/2015 07:24:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2015-02-14 09:17:41.839
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-14 09:17:41.498
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-13 08:51:05.923
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-13 08:51:05.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-13 08:42:49.112
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-13 08:42:49.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-23 11:28:26.404
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-23 11:28:26.347
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-23 11:28:26.322
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-23 11:28:26.268
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 87%
Total physical RAM: 3892.55 MB
Available physical RAM: 501.1 MB
Total Virtual: 7783.31 MB
Available Virtual: 2754.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:112 GB) (Free:0.16 GB) NTFS
Drive d: () (Fixed) (Total:165.99 GB) (Free:156.15 GB) NTFS
Drive f: (USB-HDD) (Fixed) (Total:298.02 GB) (Free:23.27 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 7B2A787C)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: A2C2ADF9)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)

==================== End of log ============================ |
05.07.2015, 07:21 | #4 |
/// the machine /// TB Trainer | PC very slow and loud Hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
05.07.2015, 08:41 | #5 |
| PC very slow and loud Code:
08:55:59.0712 0x1d24 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:56:10.0825 0x1d24 ============================================================
08:56:10.0825 0x1d24 Current date / time: 2015/07/05 08:56:10.0825
08:56:10.0825 0x1d24 SystemInfo:
08:56:10.0825 0x1d24
08:56:10.0825 0x1d24 OS Version: 6.1.7601 ServicePack: 1.0
08:56:10.0825 0x1d24 Product type: Workstation
08:56:10.0825 0x1d24 ComputerName: TV-PC
08:56:10.0826 0x1d24 UserName: TV
08:56:10.0826 0x1d24 Windows directory: C:\windows
08:56:10.0826 0x1d24 System windows directory: C:\windows
08:56:10.0826 0x1d24 Running under WOW64
08:56:10.0826 0x1d24 Processor architecture: Intel x64
08:56:10.0826 0x1d24 Number of processors: 4
08:56:10.0826 0x1d24 Page size: 0x1000
08:56:10.0826 0x1d24 Boot type: Normal boot
08:56:10.0826 0x1d24 ============================================================
08:56:11.0031 0x1d24 KLMD registered as C:\windows\system32\drivers\59940788.sys
08:56:11.0720 0x1d24 System UUID: {EE0553AC-A297-ECD1-F284-70AF41808BEB}
08:56:13.0165 0x1d24 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:56:13.0185 0x1d24 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:56:13.0560 0x1d24 ============================================================
08:56:13.0560 0x1d24 \Device\Harddisk0\DR0:
08:56:13.0582 0x1d24 MBR partitions:
08:56:13.0582 0x1d24 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000
08:56:13.0582 0x1d24 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0xE000000
08:56:13.0602 0x1d24 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10833000, BlocksNum 0x14BFB000
08:56:13.0602 0x1d24 \Device\Harddisk1\DR1:
08:56:13.0602 0x1d24 MBR partitions:
08:56:13.0602 0x1d24 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682
08:56:13.0603 0x1d24 ============================================================
08:56:13.0725 0x1d24 C: <-> \Device\Harddisk0\DR0\Partition2
08:56:13.0726 0x1d24 F: <-> \Device\Harddisk1\DR1\Partition1
08:56:14.0247 0x1d24 D: <-> \Device\Harddisk0\DR0\Partition3
08:56:14.0248 0x1d24 ============================================================
08:56:14.0248 0x1d24 Initialize success
08:56:14.0248 0x1d24 ============================================================
08:56:23.0774 0x1db4 ============================================================
08:56:23.0774 0x1db4 Scan started
08:56:23.0774 0x1db4 Mode: Manual;
08:56:23.0774 0x1db4 ============================================================
08:56:23.0774 0x1db4 KSN ping started
08:56:45.0589 0x1db4 KSN ping finished: true
08:57:15.0044 0x1db4 ================ Scan system memory ========================
08:57:15.0045 0x1db4 System memory - ok
08:57:15.0045 0x1db4 ================ Scan services =============================
C:\windows\system32\drivers\hidusb.sys 08:57:30.0916 0x1db4 HidUsb - ok 08:57:31.0034 0x1db4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll 08:57:31.0077 0x1db4 hkmsvc - ok 08:57:31.0194 0x1db4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll 08:57:31.0205 0x1db4 HomeGroupListener - ok 08:57:31.0242 0x1db4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll 08:57:31.0249 0x1db4 HomeGroupProvider - ok 08:57:31.0282 0x1db4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 08:57:31.0299 0x1db4 HpSAMD - ok 08:57:31.0334 0x1db4 [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\windows\system32\DRIVERS\htcnprot.sys 08:57:31.0346 0x1db4 htcnprot - ok 08:57:31.0450 0x1db4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\windows\system32\drivers\HTTP.sys 08:57:31.0466 0x1db4 HTTP - ok 08:57:31.0482 0x1db4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 08:57:31.0483 0x1db4 hwpolicy - ok 08:57:31.0525 0x1db4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys 08:57:31.0543 0x1db4 i8042prt - ok 08:57:31.0595 0x1db4 [ A5F72BB0D024E7E463344105BE613AE4, 22B1DED17118C85ACC1F57996FA13428FFE8C96051FAF5212A7E37430F4C62E8 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys 08:57:31.0610 0x1db4 iaStor - ok 08:57:31.0647 0x1db4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 
805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 08:57:31.0679 0x1db4 iaStorV - ok 08:57:31.0759 0x1db4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 08:57:31.0873 0x1db4 idsvc - ok 08:57:32.0297 0x1db4 [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 08:57:32.0850 0x1db4 igfx - ok 08:57:32.0928 0x1db4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys 08:57:32.0939 0x1db4 iirsp - ok 08:57:32.0992 0x1db4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll 08:57:33.0018 0x1db4 IKEEXT - ok 08:57:33.0148 0x1db4 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\windows\system32\DRIVERS\Impcd.sys 08:57:33.0168 0x1db4 Impcd - ok 08:57:33.0377 0x1db4 [ 801946CE25DD2179FE68599826B0BB88, 4C9D10303DF1EC005693DD28220A9C5B87DD32244112BA1F09D8AD0CF7D311DC ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys 08:57:33.0481 0x1db4 IntcAzAudAddService - ok 08:57:33.0549 0x1db4 [ C6C1F19205DA83C801BE7C25F4E2EE07, AE28686272D0F3789751C8F73BE998026BA80D93539C81DDE148E34A34A9AD0C ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys 08:57:33.0592 0x1db4 IntcDAud - ok 08:57:33.0628 0x1db4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys 08:57:33.0643 0x1db4 intelide - ok 08:57:33.0699 0x1db4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm 
C:\windows\system32\DRIVERS\intelppm.sys 08:57:33.0700 0x1db4 intelppm - ok 08:57:33.0721 0x1db4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll 08:57:33.0739 0x1db4 IPBusEnum - ok 08:57:33.0777 0x1db4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 08:57:33.0794 0x1db4 IpFilterDriver - ok 08:57:33.0834 0x1db4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll 08:57:33.0871 0x1db4 iphlpsvc - ok 08:57:33.0921 0x1db4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 08:57:33.0936 0x1db4 IPMIDRV - ok 08:57:33.0957 0x1db4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys 08:57:34.0004 0x1db4 IPNAT - ok 08:57:34.0128 0x1db4 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 08:57:34.0148 0x1db4 iPod Service - ok 08:57:34.0174 0x1db4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys 08:57:34.0200 0x1db4 IRENUM - ok 08:57:34.0233 0x1db4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys 08:57:34.0250 0x1db4 isapnp - ok 08:57:34.0341 0x1db4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 08:57:34.0362 0x1db4 iScsiPrt - ok 08:57:34.0386 0x1db4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 
450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys 08:57:34.0403 0x1db4 kbdclass - ok 08:57:34.0454 0x1db4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 08:57:34.0530 0x1db4 kbdhid - ok 08:57:34.0550 0x1db4 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\windows\system32\lsass.exe 08:57:34.0552 0x1db4 KeyIso - ok 08:57:34.0624 0x1db4 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] KL1 C:\windows\system32\DRIVERS\kl1.sys 08:57:34.0655 0x1db4 KL1 - ok 08:57:34.0783 0x1db4 [ D0C3AEF67932D2A80736FBCB956C017D, 166C2FD5F1B6FFE7A71CD821DFDD02B68D25CBF0D44BD6F2522C65CF1DEB363C ] klflt C:\windows\system32\DRIVERS\klflt.sys 08:57:34.0800 0x1db4 klflt - ok 08:57:34.0866 0x1db4 [ 41DF293A7F0418F5DDED9F0297DC68F3, 25DE4BB7F2D915FCF576ABD46EEDC5574B694A2D1E5CB7AB565792C7BB57C76B ] KLIF C:\windows\system32\DRIVERS\klif.sys 08:57:34.0895 0x1db4 KLIF - ok 08:57:34.0973 0x1db4 [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\windows\system32\DRIVERS\klim6.sys 08:57:34.0997 0x1db4 KLIM6 - ok 08:57:35.0047 0x1db4 [ 8DA5BC75C3E8A995335642F26CAEA54B, 3995AAB499A37077AA4FB372E75CD9259BA3EA7020B961CF482AC948D2D47AB4 ] klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys 08:57:35.0071 0x1db4 klkbdflt - ok 08:57:35.0096 0x1db4 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\windows\system32\DRIVERS\klmouflt.sys 08:57:35.0106 0x1db4 klmouflt - ok 08:57:35.0149 0x1db4 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\windows\system32\DRIVERS\klpd.sys 08:57:35.0176 0x1db4 klpd - ok 08:57:35.0226 0x1db4 [ 
4828B3D2BC89B05E07101C6E60CE0A6A, C2D40EA03A526286AEDF27DE80CB0576EB59EB7581C9E9ECFCB867349593D7CE ] kltdi C:\windows\system32\DRIVERS\kltdi.sys 08:57:35.0239 0x1db4 kltdi - ok 08:57:35.0336 0x1db4 [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\windows\system32\DRIVERS\kneps.sys 08:57:35.0355 0x1db4 kneps - ok 08:57:35.0386 0x1db4 [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 08:57:35.0402 0x1db4 KSecDD - ok 08:57:35.0415 0x1db4 [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 08:57:35.0433 0x1db4 KSecPkg - ok 08:57:35.0460 0x1db4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys 08:57:35.0473 0x1db4 ksthunk - ok 08:57:35.0521 0x1db4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll 08:57:35.0554 0x1db4 KtmRm - ok 08:57:35.0601 0x1db4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll 08:57:35.0610 0x1db4 LanmanServer - ok 08:57:35.0645 0x1db4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 08:57:35.0651 0x1db4 LanmanWorkstation - ok 08:57:35.0695 0x1db4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 08:57:35.0713 0x1db4 lltdio - ok 08:57:35.0751 0x1db4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll 08:57:35.0773 0x1db4 
lltdsvc - ok 08:57:35.0789 0x1db4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll 08:57:35.0792 0x1db4 lmhosts - ok 08:57:35.0822 0x1db4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys 08:57:35.0851 0x1db4 LSI_FC - ok 08:57:35.0894 0x1db4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 08:57:35.0910 0x1db4 LSI_SAS - ok 08:57:35.0935 0x1db4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys 08:57:35.0958 0x1db4 LSI_SAS2 - ok 08:57:35.0984 0x1db4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys 08:57:36.0000 0x1db4 LSI_SCSI - ok 08:57:36.0033 0x1db4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys 08:57:36.0055 0x1db4 luafv - ok 08:57:36.0127 0x1db4 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\windows\system32\drivers\mbam.sys 08:57:36.0141 0x1db4 MBAMProtector - ok 08:57:36.0319 0x1db4 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 08:57:36.0427 0x1db4 MBAMScheduler - ok 08:57:36.0545 0x1db4 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 08:57:36.0582 0x1db4 MBAMService - ok 08:57:36.0661 0x1db4 [ 8F22037D3F5A6BB676525D825A1388B9, 
2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\windows\system32\drivers\MBAMSwissArmy.sys 08:57:36.0677 0x1db4 MBAMSwissArmy - ok 08:57:36.0733 0x1db4 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys 08:57:36.0744 0x1db4 MBAMWebAccessControl - ok 08:57:36.0786 0x1db4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 08:57:36.0800 0x1db4 Mcx2Svc - ok 08:57:36.0825 0x1db4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys 08:57:36.0839 0x1db4 megasas - ok 08:57:36.0860 0x1db4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys 08:57:36.0883 0x1db4 MegaSR - ok 08:57:37.0112 0x1db4 Microsoft SharePoint Workspace Audit Service - ok 08:57:37.0190 0x1db4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll 08:57:37.0205 0x1db4 MMCSS - ok 08:57:37.0229 0x1db4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys 08:57:37.0241 0x1db4 Modem - ok 08:57:37.0277 0x1db4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys 08:57:37.0278 0x1db4 monitor - ok 08:57:37.0318 0x1db4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 08:57:37.0331 0x1db4 mouclass - ok 08:57:37.0383 0x1db4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 
5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 08:57:37.0396 0x1db4 mouhid - ok 08:57:37.0428 0x1db4 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\windows\system32\drivers\mountmgr.sys 08:57:37.0430 0x1db4 mountmgr - ok 08:57:37.0496 0x1db4 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 08:57:37.0499 0x1db4 MozillaMaintenance - ok 08:57:37.0531 0x1db4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys 08:57:37.0551 0x1db4 mpio - ok 08:57:37.0576 0x1db4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 08:57:37.0595 0x1db4 mpsdrv - ok 08:57:37.0642 0x1db4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll 08:57:37.0664 0x1db4 MpsSvc - ok 08:57:37.0705 0x1db4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 08:57:37.0735 0x1db4 MRxDAV - ok 08:57:37.0758 0x1db4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 08:57:37.0778 0x1db4 mrxsmb - ok 08:57:37.0816 0x1db4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 08:57:37.0844 0x1db4 mrxsmb10 - ok 08:57:37.0858 0x1db4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 
C:\windows\system32\DRIVERS\mrxsmb20.sys 08:57:37.0875 0x1db4 mrxsmb20 - ok 08:57:37.0896 0x1db4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys 08:57:37.0912 0x1db4 msahci - ok 08:57:37.0939 0x1db4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys 08:57:37.0955 0x1db4 msdsm - ok 08:57:37.0979 0x1db4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe 08:57:37.0997 0x1db4 MSDTC - ok 08:57:38.0046 0x1db4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys 08:57:38.0061 0x1db4 Msfs - ok 08:57:38.0069 0x1db4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 08:57:38.0079 0x1db4 mshidkmdf - ok 08:57:38.0091 0x1db4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys 08:57:38.0100 0x1db4 msisadrv - ok 08:57:38.0149 0x1db4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll 08:57:38.0193 0x1db4 MSiSCSI - ok 08:57:38.0197 0x1db4 msiserver - ok 08:57:38.0239 0x1db4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 08:57:38.0255 0x1db4 MSKSSRV - ok 08:57:38.0286 0x1db4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 08:57:38.0296 0x1db4 MSPCLOCK - ok 08:57:38.0332 0x1db4 [ 4ED981241DB27C3383D72092B618A1D0, 
E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys 08:57:38.0344 0x1db4 MSPQM - ok 08:57:38.0397 0x1db4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys 08:57:38.0418 0x1db4 MsRPC - ok 08:57:38.0469 0x1db4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys 08:57:38.0470 0x1db4 mssmbios - ok 08:57:38.0491 0x1db4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys 08:57:38.0502 0x1db4 MSTEE - ok 08:57:38.0522 0x1db4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys 08:57:38.0531 0x1db4 MTConfig - ok 08:57:38.0547 0x1db4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys 08:57:38.0562 0x1db4 Mup - ok 08:57:38.0603 0x1db4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll 08:57:38.0613 0x1db4 napagent - ok 08:57:38.0708 0x1db4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 08:57:38.0733 0x1db4 NativeWifiP - ok 08:57:38.0804 0x1db4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys 08:57:38.0837 0x1db4 NDIS - ok 08:57:38.0893 0x1db4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 08:57:38.0927 0x1db4 NdisCap - ok 08:57:38.0984 0x1db4 [ 
30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 08:57:39.0003 0x1db4 NdisTapi - ok 08:57:39.0028 0x1db4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 08:57:39.0047 0x1db4 Ndisuio - ok 08:57:39.0081 0x1db4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 08:57:39.0120 0x1db4 NdisWan - ok 08:57:39.0135 0x1db4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 08:57:39.0155 0x1db4 NDProxy - ok 08:57:39.0194 0x1db4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 08:57:39.0217 0x1db4 NetBIOS - ok 08:57:39.0250 0x1db4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 08:57:39.0256 0x1db4 NetBT - ok 08:57:39.0275 0x1db4 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\windows\system32\lsass.exe 08:57:39.0294 0x1db4 Netlogon - ok 08:57:39.0453 0x1db4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll 08:57:39.0470 0x1db4 Netman - ok 08:57:39.0552 0x1db4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:57:39.0555 0x1db4 NetMsmqActivator - ok 08:57:39.0625 0x1db4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator 
C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:57:39.0631 0x1db4 NetPipeActivator - ok 08:57:39.0737 0x1db4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll 08:57:39.0756 0x1db4 netprofm - ok 08:57:39.0785 0x1db4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:57:39.0788 0x1db4 NetTcpActivator - ok 08:57:39.0810 0x1db4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 08:57:39.0814 0x1db4 NetTcpPortSharing - ok 08:57:39.0857 0x1db4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 08:57:39.0909 0x1db4 nfrd960 - ok 08:57:39.0979 0x1db4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll 08:57:39.0990 0x1db4 NlaSvc - ok 08:57:40.0016 0x1db4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys 08:57:40.0046 0x1db4 Npfs - ok 08:57:40.0074 0x1db4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll 08:57:40.0083 0x1db4 nsi - ok 08:57:40.0110 0x1db4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 08:57:40.0111 0x1db4 nsiproxy - ok 08:57:40.0315 0x1db4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 08:57:40.0392 0x1db4 Ntfs - ok 
08:57:40.0433 0x1db4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys 08:57:40.0592 0x1db4 Null - ok 08:57:40.0630 0x1db4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys 08:57:40.0651 0x1db4 nvraid - ok 08:57:40.0698 0x1db4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys 08:57:40.0732 0x1db4 nvstor - ok 08:57:40.0770 0x1db4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys 08:57:40.0788 0x1db4 nv_agp - ok 08:57:40.0802 0x1db4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 08:57:40.0827 0x1db4 ohci1394 - ok 08:57:41.0013 0x1db4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:57:41.0028 0x1db4 ose - ok 08:57:42.0041 0x1db4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 08:57:42.0215 0x1db4 osppsvc - ok 08:57:42.0287 0x1db4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll 08:57:42.0296 0x1db4 p2pimsvc - ok 08:57:42.0334 0x1db4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll 08:57:42.0351 0x1db4 p2psvc - ok 08:57:42.0462 0x1db4 [ 0086431C29C35BE1DBC43F52CC273887, 
0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys 08:57:42.0479 0x1db4 Parport - ok 08:57:42.0515 0x1db4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys 08:57:42.0537 0x1db4 partmgr - ok 08:57:42.0649 0x1db4 [ AFADA8B97BE3C9398DC6C770409C3544, 670451D08AD1534D424D7D6B9BD7D2C71F526313FE2DD34B1F277D7CD403F39B ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 08:57:42.0668 0x1db4 PassThru Service - ok 08:57:42.0708 0x1db4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll 08:57:42.0718 0x1db4 PcaSvc - ok 08:57:42.0749 0x1db4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys 08:57:42.0780 0x1db4 pci - ok 08:57:42.0824 0x1db4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys 08:57:42.0835 0x1db4 pciide - ok 08:57:42.0899 0x1db4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys 08:57:42.0922 0x1db4 pcmcia - ok 08:57:42.0958 0x1db4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys 08:57:42.0971 0x1db4 pcw - ok 08:57:43.0018 0x1db4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys 08:57:43.0043 0x1db4 PEAUTH - ok 08:57:43.0111 0x1db4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe 08:57:43.0124 0x1db4 PerfHost - ok 
5EB990BACE18112658208F517EE2E635DBD00A06380DD9DAB253556C980DEA99 ] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe 08:58:05.0191 0x1db4 UpdatePSTShortCut - ok 08:58:05.0345 0x1db4 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe 08:58:05.0352 0x1db4 UCam_Menu - ok 08:58:06.0237 0x1db4 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 08:58:06.0239 0x1db4 APSDaemon - ok 08:58:06.0366 0x1db4 [ 3A9FA910E679385D3F5647B9B8CF5CA2, DE321EB829E461CF91474C942FEDCC6FA0C20D9674067FE21C6F3DF438F61A4B ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE 08:58:06.0392 0x1db4 OfficeSyncProcess - ok 08:58:06.0498 0x1db4 [ 48C3EBD6D5E52AFCB1A0FA9B7F9802FA, 4F2E27AA8305FFC94F65C65C5FDB8462C92ED02A7B37627404382C3CAB65AC59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 08:58:06.0500 0x1db4 iCloudServices - ok 08:58:07.0303 0x1db4 [ 2E570D03FA146EB4B1A40164B3873C7D, 7D3BE64F366B5D84CAD0B90A46B6D7746DA9A2BA6141FBC61792F8E34735C85D ] C:\Program Files\CCleaner\CCleaner64.exe 08:58:08.0171 0x1db4 CCleaner Monitoring - ok 08:58:08.0181 0x1db4 Waiting for KSN requests completion. In queue: 100 08:58:09.0182 0x1db4 Waiting for KSN requests completion. 
In queue: 100 08:58:10.0516 0x1db4 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated ) 08:58:10.0531 0x1db4 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled ) 08:58:11.0745 0x1db4 ============================================================ 08:58:11.0745 0x1db4 Scan finished 08:58:11.0745 0x1db4 ============================================================ 08:58:11.0759 0x1dac Detected object count: 0 08:58:11.0759 0x1dac Actual detected object count: 0 |
05.07.2015, 18:30 | #6 |
/// the machine /// TB-Ausbilder | PC very slow and loud
And the first tool?