Log analysis and evaluation: PC freezes when a browser is used. No blue screen/error message. Manual restart required.

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.07.2015, 22:05 | #1 |
PC freezes when a browser is used. No blue screen/error message. Manual restart required.

Hello everyone,

About my problem: Since yesterday afternoon my PC has been freezing regularly. However, I don't get a blue screen or any other warnings/messages. If sound is playing, it briefly "buzzes" (it sounds as if the last tone is being repeated over and over very quickly) and the mouse gets stuck. After that nothing at all works on the PC (neither the mouse nor any keyboard input). The only thing that helps is a manual restart.

The error only occurs when I use a browser, though, and I think mostly only when videos or sound files are playing. This morning I wanted to start Chrome right after booting (otherwise I really only use Firefox) and the PC hung immediately. So it can't really be overheating. The PC had only just been started. Yesterday I was able to play Battlefield and LoL without getting any errors.

I have already reinstalled Flash Player today and updated Java, since I suspected those two. But that didn't help. When I browse with TOR, nothing seems to happen. But all add-ons are switched off there, after all...

I'm not sure whether this is a virus or something similar, but I don't know what else to do. The constant restarts are pretty annoying.

I hope you can help. Thanks a lot in advance.

My logs are attached:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 07.07.2015
Suchlaufzeit: 11:56
Protokolldatei:
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.07.02
Rootkit-Datenbank: v2015.07.05.03
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Scotty

Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 997051
Abgelaufene Zeit: 4 Std., 11 Min., 3 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Riskware.Patcher, D:\Videobearbeitung\Photodex Proshow Producer 7.0.3518 Final_1905\Patch.exe, In Quarantäne, [935b578766245ed8c6a31b2b34cd4cb4],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:24 on 07/07/2015 (Scotty)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015 Ran by Scotty (administrator) on SCOTTY-PC on 07-07-2015 22:24:51 Running from C:\Users\Scotty\Desktop Loaded Profiles: Scotty (Available Profiles: Scotty) Platform: Windows 7 Professional N Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) D:\Avast Antivir\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Windows\SysWOW64\ASGT.exe (Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe () D:\GnuPG\dirmngr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe (Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe () C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Flux Software LLC) C:\Users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (Avast Software s.r.o.) D:\Avast Antivir\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avast Software s.r.o.) 
D:\Avast Antivir\AvastUI.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) D:\Tor\Browser\firefox.exe () D:\Tor\Browser\TorBrowser\Tor\tor.exe () C:\Users\Scotty\Desktop\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2000-01-01] (Realtek Semiconductor) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [BCSSync] => D:\Office 2010\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [AvastUI.exe] => D:\Avast Antivir\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\Run: [f.lux] => C:\Users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: F - F:\setup.exe HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: {12d205c2-1b66-11e5-a762-74d02b2709de} - N:\LaunchU3.exe -a HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: {551699af-0979-11e3-9b03-74d02b2709de} - F:\setup.exe HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: {96bdfa79-0808-11e3-aa33-806e6f6e6963} - D:\Bin\ASSETUP.exe AppInit_DLLs: D:\Sophos\SOPHOS~1\SOPHOS~2.DLL => D:\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [218256 2012-09-21] (Sophos Limited) AppInit_DLLs-x32: D:\Sophos\SOPHOS~1\SOPHOS~1.DLL => D:\Sophos\Sophos Anti-Virus\sophos_detoured.dll [221840 2012-09-21] (Sophos Limited) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Avast Antivir\ashShA64.dll [2015-03-19] (Avast Software s.r.o.) 
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast Antivir\aswWebRepIE64.dll [2015-03-19] (Avast Software s.r.o.) 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-06] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast Antivir\aswWebRepIE.dll [2015-03-19] (Avast Software s.r.o.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Office 2010\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-06] (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{9F464A7F-1380-41B4-9A30-B723D70986A3}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{B7416966-CFB3-445C-9893-0E14162E8441}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default FF NewTab: about:blank FF DefaultSearchEngine: DuckDuckGo FF SearchEngineOrder.1: Google FF Homepage: facebook.com FF Keyword.URL: 
https://www.google.com/search FF NetworkProxy: "ftp", "131.109.42.105" FF NetworkProxy: "ftp_port", 80 FF NetworkProxy: "http", "131.109.42.105" FF NetworkProxy: "http_port", 80 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "131.109.42.105" FF NetworkProxy: "socks_port", 80 FF NetworkProxy: "ssl", "131.109.42.105" FF NetworkProxy: "ssl_port", 80 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-07] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.) FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-07] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-06] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\OFFICE~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\OFFICE~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-06-26] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) 
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin HKU\S-1-5-21-4268881813-2952948070-2875398935-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-4268881813-2952948070-2875398935-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Scotty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-4268881813-2952948070-2875398935-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-16] () FF SearchPlugin: C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\searchplugins\duckduckgo.xml [2014-09-22] FF SearchPlugin: C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\searchplugins\metager.xml [2014-12-28] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-20] FF Extension: Disconnect - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\2.0@disconnect.me.xpi [2015-04-18] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-08-18] FF Extension: Ghostery - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\firefox@ghostery.com.xpi [2014-01-08] FF Extension: MEGA - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\firefox@mega.co.nz.xpi [2015-02-03] FF Extension: YouTube Enhancer Plus - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2015-04-07] FF Extension: Privacy Badger Firefox - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2015-04-18] FF Extension: Reddit Enhancement Suite - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2013-10-29] FF Extension: 
ProxTube - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-09-12] FF Extension: Video DownloadHelper - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-18] FF Extension: Adblock Plus - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-18] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-20] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Avast Antivir\WebRep\FF FF Extension: Avast Online Security - D:\Avast Antivir\WebRep\FF [2013-08-18] FF HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-20] StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-18] CHR Extension: (Google Drive) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-18] CHR Extension: (YouTube) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-18] CHR Extension: (Adblock Plus) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-18] CHR Extension: (Google Search) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf 
[2013-08-18] CHR Extension: (AdBlock) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-18] CHR Extension: (Avast Online Security) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-16] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19] CHR Extension: (Ghostery) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-25] CHR Extension: (Google Wallet) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Gmail) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-18] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Avast Antivir\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 avast! Antivirus; D:\Avast Antivir\AvastSvc.exe [343336 2015-03-19] (Avast Software s.r.o.) R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2647256 2014-01-24] (Blue Coat Systems, Inc.) 
R2 DirMngr; D:\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S2 MBAMService; D:\Malwarebytes' Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 Microsoft SharePoint Workspace Audit Service; D:\Office 2010\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation) S3 Origin Client Service; G:\Origin\OriginClientService.exe [2004488 2015-07-01] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-06-20] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-16] () R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed] R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2015-06-26] () S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-01] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-01] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-01] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-01] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-10-26] () R2 bckd; C:\Windows\System32\drivers\bckd.sys [126168 2014-01-24] (Blue Coat Systems, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-08-20] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-10-26] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-07-07] (SlimWare Utilities, Inc.) R1 truecrypt; C:\Windows\SysWOW64\drivers\truecrypt.sys [191264 2006-07-03] (TrueCrypt Foundation) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-07 22:24 - 2015-07-07 22:25 - 00023481 _____ C:\Users\Scotty\Desktop\FRST.txt 2015-07-07 22:24 - 2015-07-07 22:25 - 00000000 ____D C:\FRST 2015-07-07 22:24 - 2015-07-07 22:24 - 00000474 _____ C:\Users\Scotty\Desktop\defogger_disable.log 2015-07-07 22:24 - 2015-07-07 22:24 - 00000000 _____ C:\Users\Scotty\defogger_reenable 2015-07-07 20:26 - 2015-07-07 22:21 - 00000022 _____ C:\Windows\S.dirmngr 2015-07-07 20:25 - 2015-07-07 22:21 - 00001578 _____ C:\Windows\PFRO.log 2015-07-07 13:19 - 2015-07-07 13:19 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-07 13:19 - 2015-07-07 13:19 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-07 12:33 - 2015-07-07 12:33 - 00380416 _____ C:\Users\Scotty\Desktop\Gmer-19357.exe 2015-07-07 12:30 - 2015-07-07 12:30 - 02112512 _____ (Farbar) C:\Users\Scotty\Desktop\FRST64.exe 2015-07-07 12:29 - 2015-07-07 12:29 - 00050477 _____ C:\Users\Scotty\Desktop\Defogger.exe 2015-07-07 12:28 - 2015-07-07 12:28 - 00602112 _____ (OldTimer Tools) C:\Users\Scotty\Desktop\OTL.exe 2015-07-07 11:17 - 2015-07-07 22:21 - 00000840 _____ C:\Windows\setupact.log 2015-07-07 11:17 - 2015-07-07 11:17 - 746910759 _____ C:\Windows\MEMORY.DMP 2015-07-07 11:17 - 2015-07-07 11:17 - 00315280 _____ C:\Windows\Minidump\070715-13821-01.dmp 2015-07-07 11:17 - 2015-07-07 11:17 - 00000000 _____ C:\Windows\setuperr.log 2015-07-07 11:07 - 2015-07-07 11:07 - 00005387 _____ C:\Users\Scotty\AppData\Local\Temp8.html 2015-07-07 11:05 - 2015-07-07 11:05 - 00001667 _____ C:\Users\Scotty\AppData\Local\Temp1.html 2015-07-06 20:58 - 2015-07-06 20:58 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-06 20:58 - 2015-07-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-07-06 20:58 - 2015-07-06 20:58 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-06 20:03 - 2015-07-06 20:03 - 02884055 ____H 
C:\Users\Scotty\Desktop\~WRL0132.tmp 2015-07-05 21:36 - 2015-07-05 21:41 - 00011349 _____ C:\Users\Scotty\Desktop\Kosten.xlsx 2015-06-28 14:51 - 2015-06-28 14:51 - 00000000 ____D C:\Users\Scotty\Documents\Thief 2015-06-26 13:07 - 2015-06-26 13:07 - 00000000 ____D C:\Program Files (x86)\Photodex Presenter 2015-06-26 13:07 - 2015-06-26 13:07 - 00000000 ____D C:\Program Files (x86)\Photodex 2015-06-26 13:01 - 2015-06-26 13:01 - 00003114 _____ C:\Windows\System32\Tasks\{425D08CC-E5E1-475C-94DB-7668F900B965} 2015-06-23 23:42 - 2015-06-23 23:42 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Netscape 2015-06-23 23:41 - 2015-06-23 23:41 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Photodex 2015-06-23 23:41 - 2015-06-23 23:41 - 00000000 ____D C:\ProgramData\Photodex 2015-06-23 23:35 - 2015-06-23 23:38 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Ashampoo Slideshow Studio HD 3 2015-06-23 23:34 - 2015-06-23 23:34 - 00000000 ____D C:\Users\Scotty\AppData\Local\ashampoo 2015-06-23 23:34 - 2015-06-23 23:34 - 00000000 ____D C:\ProgramData\Ashampoo 2015-06-23 20:30 - 2015-06-23 20:30 - 00000761 _____ C:\Users\Scotty\Desktop\Slideshow.lnk 2015-06-23 20:08 - 2015-06-23 20:08 - 00000000 ____D C:\Users\Scotty\Documents\MAGIX_MusicEditor 2015-06-23 20:08 - 2015-06-23 20:08 - 00000000 ____D C:\Users\Scotty\AppData\Local\Magix 2015-06-23 20:07 - 2015-06-23 22:55 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\MAGIX 2015-06-23 20:07 - 2015-06-23 20:07 - 00000000 ____D C:\Users\Scotty\AppData\Local\Xara 2015-06-23 20:06 - 2015-06-29 12:04 - 00000000 ___RD C:\Users\Scotty\Documents\MAGIX 2015-06-23 20:06 - 2015-06-29 12:04 - 00000000 ____D C:\ProgramData\MAGIX 2015-06-20 22:20 - 2015-06-20 22:20 - 00000000 ____D C:\Users\Scotty\AppData\Local\ESN 2015-06-12 16:37 - 2015-06-12 16:37 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2015-06-10 10:39 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 
2015-06-10 10:39 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-06-10 10:39 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-06-10 10:39 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-06-10 10:39 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-06-10 10:39 - 
2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-06-10 10:39 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-06-10 10:39 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-06-10 10:39 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-06-10 10:39 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-06-10 10:39 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-06-10 10:39 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00248832 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\schannel.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-06-10 10:39 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-06-10 10:39 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-06-10 10:39 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-06-10 10:39 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-06-10 10:39 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-10 10:39 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-10 10:39 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-10 10:39 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-10 10:39 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-10 10:39 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-10 10:39 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-10 10:39 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-10 10:39 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-06-10 10:39 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-06-10 10:39 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 
2015-06-10 10:39 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-06-10 10:39 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-06-10 10:39 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-06-10 10:39 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-06-10 10:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-06-10 10:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-06-10 10:39 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-06-10 10:38 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 10:38 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 10:38 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 10:38 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 10:38 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-06-10 10:38 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-06-10 10:38 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-06-10 10:38 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-06-10 10:38 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-06-10 10:38 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-06-10 10:38 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-06-10 10:38 - 2015-05-25 20:18 - 00022016 
_____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-06-10 10:38 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-06-10 10:38 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-06-10 10:38 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 
20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 
____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-06-10 10:38 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-06-10 10:38 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-06-10 10:38 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-06-10 10:38 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-06-10 10:38 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-06-10 10:38 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-06-10 10:38 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-06-10 10:38 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-06-10 10:38 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-06-10 10:38 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-06-10 10:38 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-06-10 10:38 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-06-10 10:38 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-06-10 
10:38 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-06-10 10:38 - 
2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-06-10 10:38 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-10 10:38 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-06-10 10:38 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-06-10 10:38 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-06-10 10:38 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-06-10 10:38 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-06-10 10:38 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 10:38 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-06-10 10:38 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-06-10 10:38 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 10:38 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-06-10 10:38 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 10:38 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-06-10 10:38 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-06-10 10:38 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-06-10 10:38 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 10:38 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-06-10 10:38 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 10:38 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-06-10 10:38 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-06-10 10:38 - 
2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-06-10 10:38 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 10:38 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 10:38 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 10:38 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 10:38 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 10:38 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-06-10 10:38 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 10:38 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-06-10 10:38 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 10:38 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 10:38 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-06-10 10:38 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-06-10 10:38 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-06-10 10:38 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 10:38 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 10:38 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 10:38 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-06-10 10:38 - 2015-05-22 
20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-06-10 10:38 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-06-10 10:38 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 10:38 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-06-10 10:38 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 10:38 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 10:38 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 10:38 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-06-10 10:38 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-06-10 10:38 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-06-10 10:38 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-06-10 10:38 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-06-10 10:38 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-06-10 10:38 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 10:38 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 10:38 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-06-10 10:38 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 10:38 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 10:38 
- 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-06-10 10:38 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 10:38 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 10:38 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 10:38 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 10:38 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 10:38 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-10 10:38 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys 2015-06-07 21:38 - 2015-07-07 22:24 - 01784647 _____ C:\Windows\WindowsUpdate.log 2015-06-07 21:08 - 2015-06-07 21:35 - 00000000 ____D C:\AdwCleaner ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-07 22:24 - 2013-08-18 15:22 - 00000000 ____D C:\Users\Scotty 2015-07-07 22:22 - 2013-08-18 17:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-07 22:21 - 2013-08-18 16:06 - 00000000 ____D C:\ProgramData\NVIDIA 2015-07-07 22:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-07 21:35 - 2013-08-18 17:21 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-07 20:41 - 2009-07-14 06:50 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-07 20:41 - 2009-07-14 06:50 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-07 20:32 - 2011-04-12 10:14 - 00699416 _____ C:\Windows\system32\perfh007.dat 2015-07-07 20:32 - 2011-04-12 10:14 - 00149556 _____ C:\Windows\system32\perfc007.dat 2015-07-07 20:32 - 2009-07-14 07:12 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-07 20:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache 2015-07-07 13:19 - 2014-10-23 11:41 - 00000000 ____D C:\Users\Scotty\AppData\Local\Adobe 2015-07-07 12:20 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2015-07-07 11:56 - 2015-06-06 23:36 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-07 11:17 - 2015-01-04 23:08 - 00000000 ____D C:\Windows\Minidump 2015-07-07 11:13 - 2013-08-26 17:35 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Azureus 2015-07-07 11:00 - 2015-05-20 14:00 - 00016056 _____ (SlimWare Utilities, Inc.) 
C:\Windows\system32\Drivers\SWDUMon.sys 2015-07-06 20:59 - 2013-10-01 12:55 - 00000000 ____D C:\ProgramData\Oracle 2015-07-06 15:44 - 2013-08-18 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-06 13:46 - 2015-03-20 00:28 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-07-06 13:38 - 2013-08-29 13:00 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2015-07-06 13:32 - 2013-08-28 21:34 - 00000000 ____D C:\ProgramData\Origin 2015-07-02 17:59 - 2013-08-18 17:41 - 00004140 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-06-30 23:08 - 2013-08-19 15:29 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\vlc 2015-06-24 11:34 - 2009-07-14 06:50 - 00456392 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-23 23:42 - 2013-08-18 16:49 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Mozilla 2015-06-23 20:13 - 2013-08-18 16:47 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-06-23 20:13 - 2013-08-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-06-23 20:10 - 2013-08-18 16:04 - 00136720 _____ C:\Users\Scotty\AppData\Local\GDIPFONTCACHEV1.DAT 2015-06-23 20:06 - 2015-05-09 03:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2015-06-23 20:05 - 2013-09-30 20:46 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-06-22 23:37 - 2013-08-18 17:45 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-06-22 00:41 - 2013-08-29 14:33 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2015-06-21 11:51 - 2013-08-29 14:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2015-06-20 22:22 - 2014-06-28 13:32 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe 2015-06-20 22:10 - 2014-01-24 17:14 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-06-18 08:41 - 2015-06-06 23:35 - 
00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-06-18 08:41 - 2015-06-06 23:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-06-18 08:41 - 2015-06-06 23:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-06-16 23:04 - 2013-12-30 03:24 - 00000000 ____D C:\Users\Scotty\Documents\My Games 2015-06-16 23:04 - 2013-08-29 14:33 - 00000000 ____D C:\Users\Scotty\AppData\Local\PunkBuster 2015-06-16 23:02 - 2014-01-17 02:25 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2015-06-12 16:37 - 2013-08-18 16:13 - 00000000 ____D C:\Program Files (x86)\Google 2015-06-11 10:50 - 2013-10-16 02:02 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-11 10:48 - 2014-12-01 22:12 - 00000000 __SHD C:\Users\Scotty\AppData\Local\EmieBrowserModeList 2015-06-11 10:48 - 2014-07-21 13:57 - 00000000 __SHD C:\Users\Scotty\AppData\Local\EmieUserList 2015-06-11 10:48 - 2014-07-21 13:57 - 00000000 __SHD C:\Users\Scotty\AppData\Local\EmieSiteList 2015-06-10 19:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-06-10 18:27 - 2014-09-19 12:36 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-06-10 18:15 - 2014-12-10 20:36 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-10 18:15 - 2014-05-06 11:28 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-10 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-06-10 11:55 - 2013-08-18 16:56 - 00000000 ____D C:\Windows\system32\MRT 2015-06-10 11:51 - 2013-08-18 16:56 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-10 11:51 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini 2015-06-08 11:07 - 2013-10-18 11:20 - 00000537 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-06-07 21:37 - 2013-08-20 12:41 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\DAEMON Tools Lite ==================== Files in the root 
of some directories =======

2014-02-21 17:57 - 2014-02-21 17:57 - 0000000 ___SH () C:\Users\Scotty\AppData\Local\LumaEmu
2014-02-27 19:54 - 2014-02-27 19:54 - 0001488 _____ () C:\Users\Scotty\AppData\Local\recently-used.xbel
2015-07-07 11:05 - 2015-07-07 11:05 - 0001667 _____ () C:\Users\Scotty\AppData\Local\Temp1.html
2015-07-07 11:07 - 2015-07-07 11:07 - 0005387 _____ () C:\Users\Scotty\AppData\Local\Temp8.html
2015-05-20 14:40 - 2015-05-20 14:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-25 16:02 - 2015-03-25 16:02 - 0001534 _____ () C:\ProgramData\ss.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-03 10:05

==================== End of log ============================ |
07.07.2015, 22:10 | #2 |
| PC freezes when a browser is used. No blue screen/error message. Manual restart required. Logs, part two
FRST Additions Logfile: Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Scotty at 2015-07-07 22:25:26
Running from C:\Users\Scotty\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4268881813-2952948070-2875398935-500 - Administrator - Disabled)
Gast (S-1-5-21-4268881813-2952948070-2875398935-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4268881813-2952948070-2875398935-1183 - Limited - Enabled)
Scotty (S-1-5-21-4268881813-2952948070-2875398935-1000 - Administrator - Enabled) => C:\Users\Scotty

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

0 A.D. (HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\0 A.D.)
(Version: r15148P-alpha - Wildfire Games) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden ANNO 1404 - Venice (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.0.5008.0 - Ubisoft) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArtMoney SE v7.43 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab) Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) 
Hidden Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - ) Banished version 1.0.3 (HKLM-x32\...\Banished_is1) (Version: 1.0.3 - theprodukkt) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.4.276 - Blue Coat Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{1CDC8E7D-CDFC-4C2B-A080-23D943354625}) (Version: 1.1.0.0 - Electronic Arts) Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts) Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) 
Cities Skylines Deluxe Edition 1.0.6b (HKLM-x32\...\Cities Skylines Deluxe Edition 1.0.6b) (Version: - ) Command & Conquer™ Alarmstufe Rot 3 Der Aufstand (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts) Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) Die Gilde 2 Complete Edition 1.00 (HKLM-x32\...\Die Gilde 2 Complete Edition 1.00) (Version: 1.00 - specy123) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen) Empire Earth - The Art of Conquest (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version: - ) Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - ) Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly) Europa Universalis IV Version 1.9.2 (HKLM-x32\...\Europa Universalis IV_is1) (Version: 1.9.2 - Paradox Interactive) f.lux (HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\Flux) (Version: - ) Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) Free M4a to MP3 Converter 8.1 
(HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.) FreeRIP MP3 Converter 4.5.4 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.4 - GreenTree Applications SRL) Game of Thrones (HKLM-x32\...\Game of Thrones_is1) (Version: - ) Google Chrome (HKLM-x32\...\{6B50D4E7-A873-3102-A1F9-CD5B17976208}) (Version: 65.119.95 - Google, Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project) Grand Ages: Rome (HKLM-x32\...\Steam App 23450) (Version: - Haemimont Games) Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - ) Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) How to Survive (HKLM-x32\...\Steam App 250400) (Version: - ) iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.) Imperium Romanum: Gold Edition (HKLM-x32\...\Steam App 23400) (Version: - Haemimont Games) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) 
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 Uncut Edition 2.1.3.4 (HKLM-x32\...\Left 4 Dead 2 Uncut Edition 2.1.3.4) (Version: - ) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Markstrat Team (HKLM-x32\...\{AF8FEA18-45B9-4DE0-8CA1-A98125423A93}) (Version: 5.1.0.7 - StratX) Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly) Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version: - The Creative Assembly) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) 
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools 
for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version: - The Creative Assembly) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Omerta - City of Gangsters (HKLM-x32\...\Steam App 208520) (Version: - Haemimont Games) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version: - Gaming Minds Studios) Patrizier 4 (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.211.0 - Tracker Software Products Ltd) PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC) PeerGuardian 2.0 (HKLM-x32\...\PeerGuardian_is1) (Version: 2.0.6.4 - Methlabs Productions) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) Port Royale 3 (HKLM-x32\...\{68DED384-1F74-4AEE-8B8E-95AF15572FE3}) (Version: 1.3.3.0 - Gaming Minds Studios GmbH) ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0150 - REALTEK Semiconductor Corp.) 
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes) Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes) Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron) Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf) SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.) State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH) Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal) Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0 (HKLM-x32\...\Total War Attila German Edition Incl. 
Update 2 and DLCs 1.2.0) (Version: - )
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity (HKLM-x32\...\Unity) (Version: 4.5.0f6 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Viking: Battle for Asgard (HKLM-x32\...\Steam App 211160) (Version: - Creative Assembly, PC Port - Hardlight)
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
WhoCrashed 3.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4268881813-2952948070-2875398935-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Scotty\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================
24-06-2015 12:36:43 Windows Update
30-06-2015 11:53:34 Windows Update
06-07-2015 20:57:03 Removed Java 7 Update 67
07-07-2015 10:50:45 Windows Update

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2015-06-23 20:14 - 00000877 ____A C:\Windows\system32\Drivers\etc\hosts - 127.0.0.1 www.magix.com - 127.0.0.1 195.214.216.16

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {58AF0CD8-BF83-4323-8E07-D93E5628373A} - System32\Tasks\{425D08CC-E5E1-475C-94DB-7668F900B965} => pcalua.exe -a "D:\Videobearbeitung\Photodex ProShow Producer\remove.exe"
Task: {7B567AFF-7873-4876-B9CB-CF4390D9FACA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {8C1CEB2F-BCB8-4C60-8436-D164E88E4682} - System32\Tasks\{0288D029-7E5E-4616-8E31-A26128487127} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.60.102/de/go/help.faq.installer?LastError=1618
Task: {8DFE7567-9C65-4E6F-B930-16998ABE4C35} - System32\Tasks\ASUS\i-Setup161428 => C:\Windows\Chipset\AsusSetup.exe
Task: {9E59521A-F3ED-4B1B-84FC-D998C79E4F0A} - System32\Tasks\avast! Emergency Update => D:\Avast Antivir\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {9F2E46AD-AEA8-4129-A5AF-956AFD4F3341} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {D0FB459D-8C27-4277-A079-8F804B6137C4} - System32\Tasks\ASUS\i-Setup161342 => C:\Windows\Chipset\AsusSetup.exe
Task: {EF65DFE3-FE59-41A2-AC15-CB7C4D2603CA} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {FBE02011-8329-4FA6-AD46-BAD6D8FB031F} - System32\Tasks\{AED7B909-A030-4DF6-8789-799F3751DC60} => pcalua.exe -a D:\Downloads\pg2-050918-nt(1).exe -d D:\Downloads
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============
2013-08-18 16:06 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2013-10-07 16:54 - 2013-10-07 16:54 - 00218112 _____ () D:\GnuPG\dirmngr.exe
2014-06-28 13:32 - 2015-06-20 22:22 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-06-26 13:07 - 2015-06-26 13:07 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2000-01-01 02:00 - 2015-07-07 11:57 - 02029056 _____ () D:\Tor\Browser\TorBrowser\Tor\tor.exe
2015-07-07 12:29 - 2015-07-07 12:29 - 00050477 _____ () C:\Users\Scotty\Desktop\Defogger.exe
2015-03-19 01:03 - 2015-03-19 01:03 - 00104400 _____ () D:\Avast Antivir\log.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 00081728 _____ () D:\Avast Antivir\JsonRpcServer.dll
2015-07-07 20:24 - 2015-07-07 20:24 - 02956288 _____ () D:\Avast Antivir\defs\15070701\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00221184 _____ () D:\GnuPG\libksba-8.dll
2013-10-07 16:47 - 2013-10-07 16:47 - 00037888 _____ () D:\GnuPG\libgpg-error-0.dll
2013-10-07 16:44 - 2013-10-07 16:44 - 00050176 _____ () D:\GnuPG\libw32pth-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00069632 _____ () D:\GnuPG\libassuan-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00628224 _____ () D:\GnuPG\libgcrypt-11.dll
2014-01-30 12:52 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2015-05-20 14:26 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 40540672 _____ () D:\Avast Antivir\libcef.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 01359872 _____ () D:\Avast Antivir\libglesv2.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 00212992 _____ () D:\Avast Antivir\libegl.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00092087 _____ () D:\Tor\Browser\libssp-0.dll
2000-01-01 02:00 - 2015-07-07 11:57 - 05066766 _____ () D:\Tor\Browser\mozjs.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00714452 _____ () D:\Tor\Browser\TorBrowser\Tor\libevent-2-0-5.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00092087 _____ () D:\Tor\Browser\TorBrowser\Tor\libssp-0.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00517814 _____ () D:\Tor\Browser\TorBrowser\Tor\libgcc_s_sjlj-1.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00110592 _____ () D:\Tor\Browser\TorBrowser\Tor\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Scotty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: ApplePhotoStreams => D:\iCloud\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "D:\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => D:\iCloud\BookmarkDAV_client.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iCloudServices => D:\iCloud\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "D:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{FFA69B1D-AB91-41AF-A497-F3B3D9A576DF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{AB4244AD-F701-4511-9C86-8F0C24E3B433}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [TCP Query User{4D79D8EA-A4C6-4963-B8D7-80D7D59BC7C8}G:\call of duty black ops-skidrow\blackops.exe] => (Allow) G:\call of duty black ops-skidrow\blackops.exe FirewallRules: [UDP Query User{AC0663FA-8A7D-4F4B-82AE-D16BB74689C2}G:\call of duty black ops-skidrow\blackops.exe] => (Allow) G:\call of duty black ops-skidrow\blackops.exe FirewallRules: [{F0290F1A-FA08-48B6-828D-9976FDE76F8E}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{5F72131A-DDC1-4D96-A39C-8C8EE78C6194}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{712A819F-8CCA-4A69-8AD0-DDC57CF5AAF7}] => (Allow) G:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe FirewallRules: [{6DE70122-09D4-46A6-A922-94AC7DF220DB}] => (Allow) G:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe FirewallRules: [TCP Query User{7F8E11CE-072B-43B2-A1DA-E70C8131AB4C}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe] => (Block) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe FirewallRules: [UDP Query User{295255F7-6CA8-45B1-B262-634118598C00}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe] => (Block) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe FirewallRules: [TCP Query User{DEADC0D7-D123-4664-A6FA-DC7EC1F80ADE}G:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) G:\program files (x86)\origin games\crysis 2 maximum 
edition\bin32\crysis2.exe FirewallRules: [UDP Query User{76CE7EF4-78FC-406F-81FF-1B2D20A1FA7F}G:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) G:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe FirewallRules: [TCP Query User{C8068A49-F557-4D21-868C-3CC9B1534D5A}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe] => (Allow) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe FirewallRules: [UDP Query User{20098A8B-C5F2-458F-A932-DC5865635772}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe] => (Allow) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe FirewallRules: [{EE7C22FE-45DE-451D-9E91-EAC322120AAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{4EC5ADC1-316C-4136-9C49-08778B68CC68}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{97FDB33B-CEE6-46B3-B64B-CCDC38A61028}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{56A800AE-28E1-4411-BC09-2D38AE0D29EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{49642E5E-3974-42F6-8301-B2EDBFAABA39}] => (Allow) G:\Program Files (x86)\Origin Games\Burnout Paradise\BurnoutParadise.exe FirewallRules: [{C41AA543-092F-4150-AA38-B10976810B29}] => (Allow) G:\Program Files (x86)\Origin Games\Burnout Paradise\BurnoutParadise.exe FirewallRules: [{B71FD072-875A-4ED4-B756-771EF873698E}] => (Allow) D:\Office 2010\Office14\ONENOTE.EXE FirewallRules: [{779EAC18-5136-47C4-BE43-40A2AB9AABFA}] => (Allow) D:\Office 2010\Office14\ONENOTE.EXE FirewallRules: [{29AA05AB-4B22-489D-8AAF-134FC28F66C9}] => (Allow) D:\Office 2010\Office14\outlook.exe FirewallRules: [{4301F59C-32C0-4F15-B920-CB6FAEE75EF0}] => (Allow) D:\Office 2010\Office14\GROOVE.EXE FirewallRules: 
[{ED97FF70-9523-43A6-9268-400FBA54DF53}] => (Allow) D:\Office 2010\Office14\GROOVE.EXE FirewallRules: [{AA8F1735-8886-4525-A63E-32E31691CBE7}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Anno4.exe FirewallRules: [{6EF0FD82-C269-4D55-98EB-F188C8A0D7E9}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Anno4.exe FirewallRules: [{BB86B4E8-27C3-48CB-A04A-1AD2D12180C5}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\Anno4Web.exe FirewallRules: [{5284E14D-5312-4FEF-8E9A-F981C9DA15F8}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\Anno4Web.exe FirewallRules: [{518F6F99-5071-45FF-A251-01374E17F8EE}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Addon.exe FirewallRules: [{A3DEF35E-71F4-4303-A3BF-FAEFB963320D}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Addon.exe FirewallRules: [{4662FE09-1A25-4B4E-BF63-6C69EEB8870D}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\AddonWeb.exe FirewallRules: [{7903B522-AAFD-4BA5-BD64-01C37A7F1158}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\AddonWeb.exe FirewallRules: [{67849F89-1798-4B35-B6D2-DA8D325873B1}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{97608F49-B0CB-4B7F-B81A-7AE2C725BC41}] => (Allow) G:\Steam\Steam.exe FirewallRules: [{B85B17FB-0AE9-4D89-B1A6-635FFBFBA044}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{59E98CA6-D295-418C-B6B3-B9D715A916FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FA926770-646B-4024-887D-5F9B3C478F7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{34D04A73-91FF-4829-9BD4-C194DE5D89AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9EACC2C3-DFD4-4B51-8C6D-3672FDEC1176}] => (Allow) G:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe FirewallRules: [{0264A735-7EA2-4C0E-86E1-0FE607CA486A}] => (Allow) G:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe FirewallRules: 
(x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2015 10:21:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:26:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 01:17:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000df585
ID des fehlerhaften Prozesses: 0x60c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (07/07/2015 11:45:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.55.0, Zeitstempel: 0x557a2a02
Name des fehlerhaften Moduls: mbam.exe, Version: 2.3.55.0, Zeitstempel: 0x557a2a02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001de590
ID des fehlerhaften Prozesses: 0x1574
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/07/2015 11:41:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:33:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:17:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (3320) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Scotty\AppData\Local\Microsoft\Windows\WebCache\V01000E0.log.

Error: (07/07/2015 11:17:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:56:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:54:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (07/07/2015 10:21:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.07.2015 um 22:19:54 unerwartet heruntergefahren.

Error: (07/07/2015 11:41:08 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.07.2015 um 11:38:54 unerwartet heruntergefahren.

Error: (07/07/2015 11:35:41 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (07/07/2015 11:17:40 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff88007fbbd7b, 0xfffff88008c72798, 0xfffff88008c71ff0)C:\Windows\MEMORY.DMP070715-13821-01

Error: (07/07/2015 11:17:38 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.07.2015 um 11:16:14 unerwartet heruntergefahren.

Error: (07/07/2015 10:56:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.07.2015 um 10:54:43 unerwartet heruntergefahren.

Error: (07/07/2015 10:53:52 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.07.2015 um 10:51:27 unerwartet heruntergefahren.

Error: (07/07/2015 10:46:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.07.2015 um 10:43:41 unerwartet heruntergefahren.

Error: (07/06/2015 09:10:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 06.07.2015 um 21:07:58 unerwartet heruntergefahren.

Error: (07/06/2015 08:54:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 06.07.2015 um 20:51:08 unerwartet heruntergefahren.

Microsoft Office:
=========================
Error: (07/07/2015 10:21:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:26:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 01:17:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7unknown0.0.0.000000000c0000005000df58560c01d0b8a66fea0b3dC:\Windows\SysWOW64\explorer.exeunknownb6d0123e-2499-11e5-bce2-74d02b2709de

Error: (07/07/2015 11:45:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe2.3.55.0557a2a02mbam.exe2.3.55.0557a2a02c0000005001de590157401d0b8997a3abda5D:\Malwarebytes' Anti-Malware\mbam.exeD:\Malwarebytes' Anti-Malware\mbam.exedfd23feb-248c-11e5-bce2-74d02b2709de

Error: (07/07/2015 11:41:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:33:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:17:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost3320WebCacheLocal: C:\Users\Scotty\AppData\Local\Microsoft\Windows\WebCache\V01000E0.log-1811

Error: (07/07/2015 11:17:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:56:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:54:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2015-04-03 21:57:44.766
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-04-03 21:57:44.724
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-03-18 21:05:53.538
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-03-18 21:05:53.485
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-28 12:03:50.114
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-28 12:03:50.075
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-28 12:03:31.447
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-28 12:03:31.409
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-28 12:01:56.695
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-28 12:01:56.657
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
Percentage of memory in use: 13%
Total physical RAM: 16327.51 MB
Available physical RAM: 14139.61 MB
Total Virtual: 32653.23 MB
Available Virtual: 30389.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:30.78 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.45 GB) (Free:810.06 GB) NTFS
Drive e: (Storage) (Fixed) (Total:39.08 GB) (Free:38.94 GB) NTFS
Drive g: (Games) (Fixed) (Total:931.44 GB) (Free:268.61 GB) NTFS
Drive h: (Daten) (Fixed) (Total:129.56 GB) (Free:115.9 GB) NTFS
Drive i: (Spiele) (Fixed) (Total:129.45 GB) (Free:24.91 GB) NTFS
Drive k: (VERBATIM) (Fixed) (Total:931.51 GB) (Free:61.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 796F09E5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: E4FC5876)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=129.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=129.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 627EB82D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

Attached you will also find the GMER log. Unfortunately it was too long to post and too large to attach unzipped, sorry! |
08.07.2015, 05:52 | #3 |
/// the machine /// TB-Ausbilder | PC freezes when a browser is used. No blue screen/error message. Manual restart required.
hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper instructs you to.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
08.07.2015, 09:53 | #4 |
| Hi, when I start "Malwarebytes Anti-Rootkit", an error message appears: "Registry Value "AppInit_Dlls" has been found, which may be caused by rootkit activity." You can ignore the value for now or delete it right away. I have ignored it for now. Here is the log from Malwarebytes Anti-Rootkit (it came back clean): Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version: main: v2015.07.08.02 rootkit: v2015.07.07.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Scotty :: SCOTTY-PC [administrator]

08.07.2015 10:42:44
mbar-log-2015-07-08 (10-42-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 375712
Time elapsed: 5 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:50:22.0796 0x061c IKEEXT - ok 10:50:22.0864 0x061c [ D2B1DA73B6E8769A1BE1A55693B7F1B3, FE26FEAD6A45E4596A7CA9689B66511C4BCB4686A1914505257648DCE048CA26 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 10:50:22.0933 0x061c IntcAzAudAddService - ok 10:50:22.0939 0x061c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:50:22.0946 0x061c intelide - ok 10:50:22.0949 0x061c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:50:22.0958 0x061c intelppm - ok 10:50:22.0962 0x061c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:50:22.0986 0x061c IPBusEnum - ok 10:50:22.0989 0x061c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:50:23.0011 0x061c IpFilterDriver - ok 10:50:23.0022 0x061c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:50:23.0040 0x061c iphlpsvc - ok 10:50:23.0044 0x061c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:50:23.0053 0x061c IPMIDRV - ok 10:50:23.0057 0x061c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:50:23.0079 0x061c IPNAT - ok 10:50:23.0092 0x061c [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 
10:50:23.0106 0x061c iPod Service - ok 10:50:23.0109 0x061c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:50:23.0121 0x061c IRENUM - ok 10:50:23.0123 0x061c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:50:23.0130 0x061c isapnp - ok 10:50:23.0137 0x061c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:50:23.0147 0x061c iScsiPrt - ok 10:50:23.0150 0x061c [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 10:50:23.0156 0x061c iusb3hcs - ok 10:50:23.0165 0x061c [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 10:50:23.0176 0x061c iusb3hub - ok 10:50:23.0191 0x061c [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 10:50:23.0208 0x061c iusb3xhc - ok 10:50:23.0212 0x061c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:50:23.0219 0x061c kbdclass - ok 10:50:23.0221 0x061c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:50:23.0230 0x061c kbdhid - ok 10:50:23.0233 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\Windows\system32\lsass.exe 10:50:23.0242 0x061c KeyIso - ok 10:50:23.0245 0x061c [ BF69D973523D539A35807946C6DA7E16, 
38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:50:23.0253 0x061c KSecDD - ok 10:50:23.0258 0x061c [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:50:23.0267 0x061c KSecPkg - ok 10:50:23.0269 0x061c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:50:23.0291 0x061c ksthunk - ok 10:50:23.0298 0x061c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:50:23.0326 0x061c KtmRm - ok 10:50:23.0332 0x061c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:50:23.0359 0x061c LanmanServer - ok 10:50:23.0362 0x061c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:50:23.0387 0x061c LanmanWorkstation - ok 10:50:23.0392 0x061c [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 10:50:23.0398 0x061c lirsgt - ok 10:50:23.0401 0x061c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:50:23.0423 0x061c lltdio - ok 10:50:23.0430 0x061c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:50:23.0456 0x061c lltdsvc - ok 10:50:23.0459 0x061c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:50:23.0482 0x061c lmhosts - ok 10:50:23.0486 0x061c 
[ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:50:23.0495 0x061c LSI_FC - ok 10:50:23.0499 0x061c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:50:23.0507 0x061c LSI_SAS - ok 10:50:23.0510 0x061c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 10:50:23.0518 0x061c LSI_SAS2 - ok 10:50:23.0522 0x061c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:50:23.0530 0x061c LSI_SCSI - ok 10:50:23.0534 0x061c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:50:23.0558 0x061c luafv - ok 10:50:23.0561 0x061c [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 10:50:23.0568 0x061c MBAMProtector - ok 10:50:23.0639 0x061c [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService D:\Malwarebytes' Anti-Malware\mbamservice.exe 10:50:23.0662 0x061c MBAMService - ok 10:50:23.0666 0x061c [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 10:50:23.0673 0x061c MBAMWebAccessControl - ok 10:50:23.0677 0x061c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:50:23.0688 0x061c Mcx2Svc - ok 10:50:23.0691 0x061c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas 
C:\Windows\system32\drivers\megasas.sys 10:50:23.0698 0x061c megasas - ok 10:50:23.0705 0x061c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 10:50:23.0716 0x061c MegaSR - ok 10:50:23.0719 0x061c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 10:50:23.0727 0x061c MEIx64 - ok 10:50:23.0781 0x061c Microsoft SharePoint Workspace Audit Service - ok 10:50:23.0786 0x061c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:50:23.0824 0x061c MMCSS - ok 10:50:23.0827 0x061c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:50:23.0849 0x061c Modem - ok 10:50:23.0851 0x061c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:50:23.0862 0x061c monitor - ok 10:50:23.0865 0x061c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:50:23.0872 0x061c mouclass - ok 10:50:23.0875 0x061c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:50:23.0884 0x061c mouhid - ok 10:50:23.0888 0x061c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:50:23.0896 0x061c mountmgr - ok 10:50:23.0901 0x061c [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 
10:50:23.0909 0x061c MozillaMaintenance - ok 10:50:23.0914 0x061c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:50:23.0923 0x061c mpio - ok 10:50:23.0926 0x061c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:50:23.0948 0x061c mpsdrv - ok 10:50:23.0963 0x061c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:50:23.0998 0x061c MpsSvc - ok 10:50:24.0003 0x061c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:50:24.0013 0x061c MRxDAV - ok 10:50:24.0018 0x061c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:50:24.0028 0x061c mrxsmb - ok 10:50:24.0035 0x061c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:50:24.0048 0x061c mrxsmb10 - ok 10:50:24.0052 0x061c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:50:24.0062 0x061c mrxsmb20 - ok 10:50:24.0065 0x061c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 10:50:24.0072 0x061c msahci - ok 10:50:24.0076 0x061c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:50:24.0085 0x061c msdsm - ok 10:50:24.0089 0x061c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC 
C:\Windows\System32\msdtc.exe 10:50:24.0101 0x061c MSDTC - ok 10:50:24.0105 0x061c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:50:24.0127 0x061c Msfs - ok 10:50:24.0129 0x061c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:50:24.0151 0x061c mshidkmdf - ok 10:50:24.0153 0x061c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:50:24.0160 0x061c msisadrv - ok 10:50:24.0164 0x061c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:50:24.0189 0x061c MSiSCSI - ok 10:50:24.0191 0x061c msiserver - ok 10:50:24.0193 0x061c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:50:24.0215 0x061c MSKSSRV - ok 10:50:24.0217 0x061c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:50:24.0238 0x061c MSPCLOCK - ok 10:50:24.0240 0x061c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:50:24.0262 0x061c MSPQM - ok 10:50:24.0270 0x061c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:50:24.0282 0x061c MsRPC - ok 10:50:24.0286 0x061c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 10:50:24.0292 0x061c mssmbios - ok 10:50:24.0295 0x061c [ 2E66F9ECB30B4221A318C92AC2250779, 
DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:50:24.0316 0x061c MSTEE - ok 10:50:24.0318 0x061c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 10:50:24.0327 0x061c MTConfig - ok 10:50:24.0330 0x061c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 10:50:24.0338 0x061c Mup - ok 10:50:24.0347 0x061c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 10:50:24.0377 0x061c napagent - ok 10:50:24.0384 0x061c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:50:24.0400 0x061c NativeWifiP - ok 10:50:24.0417 0x061c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 10:50:24.0437 0x061c NDIS - ok 10:50:24.0441 0x061c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 10:50:24.0463 0x061c NdisCap - ok 10:50:24.0465 0x061c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:50:24.0487 0x061c NdisTapi - ok 10:50:24.0489 0x061c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:50:24.0511 0x061c Ndisuio - ok 10:50:24.0515 0x061c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:50:24.0539 0x061c NdisWan - ok 10:50:24.0542 
0x061c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 10:50:24.0564 0x061c NDProxy - ok 10:50:24.0567 0x061c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 10:50:24.0589 0x061c NetBIOS - ok 10:50:24.0595 0x061c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 10:50:24.0619 0x061c NetBT - ok 10:50:24.0622 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\Windows\system32\lsass.exe 10:50:24.0631 0x061c Netlogon - ok 10:50:24.0638 0x061c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 10:50:24.0666 0x061c Netman - ok 10:50:24.0671 0x061c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:50:24.0680 0x061c NetMsmqActivator - ok 10:50:24.0685 0x061c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:50:24.0695 0x061c NetPipeActivator - ok 10:50:24.0704 0x061c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 10:50:24.0734 0x061c netprofm - ok 10:50:24.0738 0x061c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:50:24.0748 0x061c NetTcpActivator - ok 10:50:24.0751 0x061c [ 21318671BCAD3ACF16638F98D4D00973, 
CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 10:50:24.0761 0x061c NetTcpPortSharing - ok 10:50:24.0764 0x061c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 10:50:24.0771 0x061c nfrd960 - ok 10:50:24.0778 0x061c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 10:50:24.0792 0x061c NlaSvc - ok 10:50:24.0794 0x061c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:50:24.0816 0x061c Npfs - ok 10:50:24.0819 0x061c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 10:50:24.0843 0x061c nsi - ok 10:50:24.0845 0x061c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:50:24.0867 0x061c nsiproxy - ok 10:50:24.0895 0x061c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:50:24.0927 0x061c Ntfs - ok 10:50:24.0930 0x061c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 10:50:24.0952 0x061c Null - ok 10:50:24.0957 0x061c [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 10:50:24.0966 0x061c NVHDA - ok 10:50:25.0132 0x061c [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 10:50:25.0302 0x061c nvlddmkm - ok 
10:50:25.0342 0x061c [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 10:50:25.0376 0x061c NvNetworkService - ok 10:50:25.0382 0x061c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:50:25.0391 0x061c nvraid - ok 10:50:25.0396 0x061c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:50:25.0405 0x061c nvstor - ok 10:50:25.0408 0x061c [ 3A7B0570D896602E37EAF80EC3D1615A, 1F5A71432F96731115ADA2A50E605923666188D08F9FD748424AB6588D0E1482 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 10:50:25.0414 0x061c NvStreamKms - ok 10:50:25.0416 0x061c NvStreamSvc - ok 10:50:25.0434 0x061c [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] nvsvc C:\Windows\system32\nvvsvc.exe 10:50:25.0455 0x061c nvsvc - ok 10:50:25.0458 0x061c [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 10:50:25.0464 0x061c nvvad_WaveExtensible - ok 10:50:25.0468 0x061c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:50:25.0477 0x061c nv_agp - ok 10:50:25.0480 0x061c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 10:50:25.0490 0x061c ohci1394 - ok 10:50:25.0624 0x061c [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service G:\Origin\OriginClientService.exe 10:50:25.0660 0x061c Origin Client 
Service - ok 10:50:25.0666 0x061c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:50:25.0674 0x061c ose - ok 10:50:25.0750 0x061c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 10:50:25.0830 0x061c osppsvc - ok 10:50:25.0843 0x061c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 10:50:25.0857 0x061c p2pimsvc - ok 10:50:25.0867 0x061c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 10:50:25.0883 0x061c p2psvc - ok 10:50:25.0887 0x061c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 10:50:25.0897 0x061c Parport - ok 10:50:25.0900 0x061c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:50:25.0908 0x061c partmgr - ok 10:50:25.0913 0x061c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 10:50:25.0926 0x061c PcaSvc - ok 10:50:25.0931 0x061c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 10:50:25.0940 0x061c pci - ok 10:50:25.0942 0x061c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 10:50:25.0949 0x061c pciide - ok 10:50:25.0955 0x061c [ B2E81D4E87CE48589F98CB8C05B01F2F, 
6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 10:50:25.0965 0x061c pcmcia - ok 10:50:25.0968 0x061c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 10:50:25.0975 0x061c pcw - ok 10:50:25.0987 0x061c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:50:26.0006 0x061c PEAUTH - ok 10:50:26.0030 0x061c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 10:50:26.0060 0x061c PeerDistSvc - ok 10:50:26.0075 0x061c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 10:50:26.0085 0x061c PerfHost - ok 10:50:26.0112 0x061c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 10:50:26.0156 0x061c pla - ok 10:50:26.0166 0x061c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:50:26.0182 0x061c PlugPlay - ok 10:50:26.0186 0x061c [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 10:50:26.0195 0x061c PnkBstrA - ok 10:50:26.0197 0x061c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 10:50:26.0207 0x061c PNRPAutoReg - ok 10:50:26.0214 0x061c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 10:50:26.0228 0x061c PNRPsvc - ok 10:50:26.0239 0x061c [ 
4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:50:26.0267 0x061c PolicyAgent - ok
10:50:26.0894 0x061c [ E1A6731867765FBC01B37150AEFC00F3, 4ADB0FE791ACF0BBCF314FB73AE6025D70BAFB8DF925B4A4CFB3B50EA191C94E ] Realtek11nSU C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
10:50:26.0898 0x061c Realtek11nSU - detected UnsignedFile.Multi.Generic ( 1 )
10:50:29.0351 0x061c Detect skipped due to KSN trusted
10:50:29.0351 0x061c Realtek11nSU - ok
10:50:32.0944 0x061c ================ Scan global ===============================
10:50:32.0982 0x061c [ Global ] - ok
10:50:32.0982 0x061c ================ Scan MBR ==================================
10:50:32.0983 0x061c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:50:33.0058 0x061c \Device\Harddisk1\DR1 - ok
10:50:33.0061 0x061c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:50:33.0124 0x061c \Device\Harddisk0\DR0 - ok
10:50:33.0141 0x061c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
10:50:33.0260 0x061c \Device\Harddisk2\DR2 - detected TDSS File System ( 1 )
10:50:33.0260 0x061c \Device\Harddisk2\DR2 ( TDSS File System ) - warning
10:50:35.0685 0x061c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
10:50:35.0767 0x061c \Device\Harddisk3\DR3 - ok
10:50:35.0771 0x061c [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk4\DR4
10:50:35.0832 0x061c \Device\Harddisk4\DR4 - ok
10:50:35.0832 0x061c ================ Scan VBR ==================================
10:50:36.0133 0x061c ================ Scan generic autorun ======================
10:50:37.0014 0x061c Waiting for KSN requests completion. In queue: 302
10:50:38.0015 0x061c Waiting for KSN requests completion. In queue: 302
10:50:39.0015 0x061c Waiting for KSN requests completion.
In queue: 302 10:50:40.0059 0x061c AV detected via SS2: avast! Antivirus, D:\Avast Antivir\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated ) 10:50:40.0066 0x061c Win FW state via NFP2: enabled 10:50:42.0433 0x061c ============================================================ 10:50:42.0433 0x061c Scan finished 10:50:42.0433 0x061c ============================================================ 10:50:42.0442 0x140c Detected object count: 1 10:50:42.0442 0x140c Actual detected object count: 1 10:51:14.0153 0x140c \Device\Harddisk2\DR2 ( TDSS File System ) - skipped by user 10:51:14.0153 0x140c \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip |
08.07.2015, 12:55 | #5 | |
/// the machine /// TB trainer | Quote:
Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt Please post the contents here in your thread.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
08.07.2015, 18:23 | #6 |
| Hello, unfortunately the cure option is not available. I can only:
I just had a blue screen (which does not normally happen). WhoCrashed (which previously found no crash dumps) says: Code:
On Wed 08.07.2015 17:11:27 GMT your computer crashed
crash dump file: C:\Windows\Minidump\070815-14352-01.dmp
This was probably caused by the following module: bckd.sys (bckd+0x1D7B)
Bugcheck code: 0x1000007E (0xFFFFFFFFC0000005, 0xFFFFF8800B5B7D7B, 0xFFFFF8800B651798, 0xFFFFF8800B650FF0)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
file path: C:\Windows\system32\drivers\bckd.sys
product: K9 Web Protection
company: Blue Coat Systems, Inc.
description: K9 Web Protection Driver (WFP)
Bug check description: This indicates that a system thread generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: bckd.sys (K9 Web Protection Driver (WFP), Blue Coat Systems, Inc.).
Google query: bckd.sys Blue Coat Systems, Inc. SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Could that have been the cause? As I said, though, the errors so far were not blue screens. I will keep watching. |
09.07.2015, 08:31 | #7 |
/// the machine /// TB trainer | Then please choose delete and post the log. Then run a new scan with TDSSKiller again.
__________________ Regards, schrauber |
09.07.2015, 10:40 | #8 |
| I deleted the detection. Here is the log from the scan: Code:
11:36:46.0215 0x1370 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:36:47.0818 0x1370 ============================================================
11:36:47.0819 0x1370 Current date / time: 2015/07/09 11:36:47.0818
11:36:47.0819 0x1370 SystemInfo:
11:36:47.0819 0x1370
11:36:47.0819 0x1370 OS Version: 6.1.7601 ServicePack: 1.0
11:36:47.0819 0x1370 Product type: Workstation
11:36:47.0819 0x1370 ComputerName: SCOTTY-PC
11:36:47.0819 0x1370 UserName: Scotty
11:36:47.0819 0x1370 Windows directory: C:\Windows
11:36:47.0819 0x1370 System windows directory: C:\Windows
11:36:47.0819 0x1370 Running under WOW64
11:36:47.0819 0x1370 Processor architecture: Intel x64
11:36:47.0819 0x1370 Number of processors: 4
11:36:47.0819 0x1370 Page size: 0x1000
11:36:47.0819 0x1370 Boot type: Normal boot
11:36:47.0819 0x1370 ============================================================
11:36:48.0142 0x1370 KLMD registered as C:\Windows\system32\drivers\71106820.sys
11:36:48.0221 0x1370 System UUID: {6FC7F923-4DD5-E1D5-DA64-BC184AF8A0AF}
11:36:48.0491 0x1370 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:48.0492 0x1370 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:53.0457 0x1370 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:53.0465 0x1370 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:36:53.0467 0x1370 Drive \Device\Harddisk4\DR4 - Size: 0x1E150DE00 ( 7.52 Gb ), SectorSize: 0x200, Cylinders: 0x3D5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:36:53.0468 0x1370 ============================================================
11:36:53.0468 0x1370 \Device\Harddisk1\DR1:
11:36:53.0468 0x1370 GPT partitions:
11:36:53.0468 0x1370 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C6CE7D1F-3DC3-46E5-BF1B-DB8A98A3DE80}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
11:36:53.0469 0x1370 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {38C72D1D-ACB6-4E1B-AF9D-D9D07FB8DBA7}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746E4000
11:36:53.0469 0x1370 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3EB24C8A-DBA7-4135-A348-520086F9A7EE}, Name: Basic data partition, StartLBA 0x74724800, BlocksNum 0x746E3800
11:36:53.0469 0x1370 MBR partitions:
11:36:53.0469 0x1370 \Device\Harddisk0\DR0:
11:36:53.0469 0x1370 MBR partitions:
11:36:53.0469 0x1370 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:36:53.0469 0x1370 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
11:36:53.0469 0x1370 \Device\Harddisk2\DR2:
11:36:53.0482 0x1370 MBR partitions:
11:36:53.0482 0x1370 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E26B6E
11:36:53.0482 0x1370 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x4E27000, BlocksNum 0x10320800
11:36:53.0482 0x1370 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x15147800, BlocksNum 0x102E6800
11:36:53.0482 0x1370 \Device\Harddisk3\DR3:
11:36:53.0483 0x1370 MBR partitions:
11:36:53.0483 0x1370 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
11:36:53.0483 0x1370 \Device\Harddisk4\DR4:
11:36:53.0483 0x1370 MBR partitions:
11:36:53.0483 0x1370 \Device\Harddisk4\DR4\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xF07956
11:36:53.0483 0x1370 ============================================================
11:36:53.0485 0x1370 C: <-> \Device\Harddisk0\DR0\Partition2
11:36:53.0530 0x1370 D: <-> \Device\Harddisk1\DR1\Partition2
11:36:53.0541 0x1370 E: <-> \Device\Harddisk2\DR2\Partition1
11:36:53.0589 0x1370 G: <-> \Device\Harddisk1\DR1\Partition3
11:36:53.0621 0x1370 H: <-> \Device\Harddisk2\DR2\Partition2
11:36:53.0652 0x1370 I: <-> \Device\Harddisk2\DR2\Partition3
11:36:53.0673 0x1370 K: <-> \Device\Harddisk3\DR3\Partition1
11:36:53.0673 0x1370 ============================================================
11:36:53.0674 0x1370 Initialize success
11:36:53.0674 0x1370 ============================================================
11:37:16.0164 0x155c ============================================================
11:37:16.0164 0x155c Scan started
11:37:16.0164 0x155c Mode: Manual; SigCheck; TDLFS;
11:37:16.0164 0x155c ============================================================
11:37:16.0164 0x155c KSN ping started
11:37:18.0547 0x155c KSN ping finished: true
11:37:19.0046 0x155c ================ Scan system memory ========================
11:37:19.0046 0x155c System memory - ok
11:37:19.0047 0x155c ================ Scan services =============================
0x155c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 11:37:26.0283 0x155c GEARAspiWDM - ok 11:37:26.0303 0x155c [ 171CCFEB86294AFAA3609DB3899A841E, 0C2162A2D4A276182E922BBEF195CB936ABCBE6729C535CA23CDA9DAD0DDF491 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 11:37:26.0329 0x155c GfExperienceService - ok 11:37:26.0346 0x155c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 11:37:26.0381 0x155c gpsvc - ok 11:37:26.0386 0x155c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:37:26.0392 0x155c gupdate - ok 11:37:26.0396 0x155c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:37:26.0402 0x155c gupdatem - ok 11:37:26.0405 0x155c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 11:37:26.0413 0x155c hcw85cir - ok 11:37:26.0420 0x155c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:37:26.0436 0x155c HdAudAddService - ok 11:37:26.0440 0x155c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 11:37:26.0451 0x155c HDAudBus - ok 11:37:26.0454 0x155c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 11:37:26.0462 0x155c HidBatt - ok 11:37:26.0466 0x155c [ 
7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 11:37:26.0477 0x155c HidBth - ok 11:37:26.0480 0x155c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 11:37:26.0489 0x155c HidIr - ok 11:37:26.0492 0x155c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 11:37:26.0514 0x155c hidserv - ok 11:37:26.0517 0x155c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 11:37:26.0524 0x155c HidUsb - ok 11:37:26.0528 0x155c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:37:26.0550 0x155c hkmsvc - ok 11:37:26.0556 0x155c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:37:26.0568 0x155c HomeGroupListener - ok 11:37:26.0574 0x155c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:37:26.0586 0x155c HomeGroupProvider - ok 11:37:26.0589 0x155c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:37:26.0597 0x155c HpSAMD - ok 11:37:26.0611 0x155c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:37:26.0632 0x155c HTTP - ok 11:37:26.0635 0x155c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:37:26.0641 
0x155c hwpolicy - ok 11:37:26.0645 0x155c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 11:37:26.0654 0x155c i8042prt - ok 11:37:26.0663 0x155c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:37:26.0677 0x155c iaStorV - ok 11:37:26.0681 0x155c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 11:37:26.0686 0x155c IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 11:37:29.0034 0x155c Detect skipped due to KSN trusted 11:37:29.0034 0x155c IDriverT - ok 11:37:29.0062 0x155c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:37:29.0095 0x155c idsvc - ok 11:37:29.0098 0x155c IEEtwCollectorService - ok 11:37:29.0101 0x155c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 11:37:29.0108 0x155c iirsp - ok 11:37:29.0124 0x155c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 11:37:29.0149 0x155c IKEEXT - ok 11:37:29.0216 0x155c [ D2B1DA73B6E8769A1BE1A55693B7F1B3, FE26FEAD6A45E4596A7CA9689B66511C4BCB4686A1914505257648DCE048CA26 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 11:37:29.0285 0x155c IntcAzAudAddService - ok 11:37:29.0290 0x155c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 11:37:29.0297 0x155c intelide - ok 11:37:29.0300 0x155c [ 
ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 11:37:29.0308 0x155c intelppm - ok 11:37:29.0312 0x155c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 11:37:29.0335 0x155c IPBusEnum - ok 11:37:29.0339 0x155c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:37:29.0361 0x155c IpFilterDriver - ok 11:37:29.0372 0x155c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 11:37:29.0390 0x155c iphlpsvc - ok 11:37:29.0394 0x155c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 11:37:29.0403 0x155c IPMIDRV - ok 11:37:29.0407 0x155c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:37:29.0430 0x155c IPNAT - ok 11:37:29.0443 0x155c [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 11:37:29.0460 0x155c iPod Service - ok 11:37:29.0462 0x155c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:37:29.0473 0x155c IRENUM - ok 11:37:29.0476 0x155c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:37:29.0482 0x155c isapnp - ok 11:37:29.0489 0x155c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt 
C:\Windows\system32\drivers\msiscsi.sys 11:37:29.0501 0x155c iScsiPrt - ok 11:37:29.0503 0x155c [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 11:37:29.0509 0x155c iusb3hcs - ok 11:37:29.0516 0x155c [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 11:37:29.0526 0x155c iusb3hub - ok 11:37:29.0542 0x155c [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 11:37:29.0558 0x155c iusb3xhc - ok 11:37:29.0562 0x155c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 11:37:29.0569 0x155c kbdclass - ok 11:37:29.0571 0x155c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 11:37:29.0580 0x155c kbdhid - ok 11:37:29.0583 0x155c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\Windows\system32\lsass.exe 11:37:29.0591 0x155c KeyIso - ok 11:37:29.0594 0x155c [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 11:37:29.0602 0x155c KSecDD - ok 11:37:29.0607 0x155c [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:37:29.0616 0x155c KSecPkg - ok 11:37:29.0618 0x155c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 11:37:29.0639 0x155c ksthunk - ok 11:37:29.0647 0x155c [ 6AB66E16AA859232F64DEB66887A8C9C, 
5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 11:37:29.0676 0x155c KtmRm - ok 11:37:29.0681 0x155c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 11:37:29.0708 0x155c LanmanServer - ok 11:37:29.0712 0x155c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:37:29.0736 0x155c LanmanWorkstation - ok 11:37:29.0740 0x155c [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 11:37:29.0746 0x155c lirsgt - ok 11:37:29.0749 0x155c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:37:29.0771 0x155c lltdio - ok 11:37:29.0778 0x155c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:37:29.0805 0x155c lltdsvc - ok 11:37:29.0807 0x155c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 11:37:29.0830 0x155c lmhosts - ok 11:37:29.0834 0x155c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 11:37:29.0843 0x155c LSI_FC - ok 11:37:29.0846 0x155c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 11:37:29.0854 0x155c LSI_SAS - ok 11:37:29.0857 0x155c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 11:37:29.0864 0x155c LSI_SAS2 - ok 11:37:29.0868 
0x155c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 11:37:29.0876 0x155c LSI_SCSI - ok 11:37:29.0880 0x155c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 11:37:29.0903 0x155c luafv - ok 11:37:29.0906 0x155c [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 11:37:29.0912 0x155c MBAMProtector - ok 11:37:29.0985 0x155c [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService D:\Malwarebytes' Anti-Malware\mbamservice.exe 11:37:30.0024 0x155c MBAMService - ok 11:37:30.0028 0x155c [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 11:37:30.0035 0x155c MBAMWebAccessControl - ok 11:37:30.0038 0x155c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 11:37:30.0049 0x155c Mcx2Svc - ok 11:37:30.0052 0x155c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 11:37:30.0059 0x155c megasas - ok 11:37:30.0065 0x155c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 11:37:30.0076 0x155c MegaSR - ok 11:37:30.0080 0x155c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 11:37:30.0086 0x155c MEIx64 - ok 11:37:30.0134 0x155c Microsoft SharePoint Workspace Audit Service - ok 11:37:30.0138 0x155c [ E40E80D0304A73E8D269F7141D77250B, 
0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 11:37:30.0174 0x155c MMCSS - ok 11:37:30.0177 0x155c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 11:37:30.0199 0x155c Modem - ok 11:37:30.0202 0x155c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 11:37:30.0211 0x155c monitor - ok 11:37:30.0214 0x155c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 11:37:30.0221 0x155c mouclass - ok 11:37:30.0223 0x155c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 11:37:30.0232 0x155c mouhid - ok 11:37:30.0236 0x155c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:37:30.0243 0x155c mountmgr - ok 11:37:30.0248 0x155c [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:37:30.0256 0x155c MozillaMaintenance - ok 11:37:30.0261 0x155c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 11:37:30.0270 0x155c mpio - ok 11:37:30.0273 0x155c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:37:30.0295 0x155c mpsdrv - ok 11:37:30.0310 0x155c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:37:30.0347 
0x155c MpsSvc - ok 11:37:30.0352 0x155c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:37:30.0362 0x155c MRxDAV - ok 11:37:30.0367 0x155c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:37:30.0377 0x155c mrxsmb - ok 11:37:30.0384 0x155c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:37:30.0397 0x155c mrxsmb10 - ok 11:37:30.0401 0x155c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:37:30.0411 0x155c mrxsmb20 - ok 11:37:30.0413 0x155c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 11:37:30.0420 0x155c msahci - ok 11:37:30.0425 0x155c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 11:37:30.0433 0x155c msdsm - ok 11:37:30.0438 0x155c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 11:37:30.0450 0x155c MSDTC - ok 11:37:30.0454 0x155c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:37:30.0475 0x155c Msfs - ok 11:37:30.0477 0x155c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 11:37:30.0498 0x155c mshidkmdf - ok 11:37:30.0501 0x155c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv 
C:\Windows\system32\drivers\msisadrv.sys 11:37:30.0507 0x155c msisadrv - ok 11:37:30.0512 0x155c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:37:30.0536 0x155c MSiSCSI - ok 11:37:30.0538 0x155c msiserver - ok 11:37:30.0541 0x155c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:37:30.0562 0x155c MSKSSRV - ok 11:37:30.0564 0x155c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:37:30.0585 0x155c MSPCLOCK - ok 11:37:30.0587 0x155c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:37:30.0608 0x155c MSPQM - ok 11:37:30.0616 0x155c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:37:30.0629 0x155c MsRPC - ok 11:37:30.0632 0x155c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 11:37:30.0639 0x155c mssmbios - ok 11:37:30.0641 0x155c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:37:30.0662 0x155c MSTEE - ok 11:37:30.0664 0x155c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 11:37:30.0672 0x155c MTConfig - ok 11:37:30.0675 0x155c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 11:37:30.0682 0x155c Mup - ok 11:37:30.0691 0x155c [ 582AC6D9873E31DFA28A4547270862DD, 
BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 11:37:30.0722 0x155c napagent - ok 11:37:30.0729 0x155c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:37:30.0745 0x155c NativeWifiP - ok 11:37:30.0763 0x155c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 11:37:30.0787 0x155c NDIS - ok 11:37:30.0790 0x155c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:37:30.0811 0x155c NdisCap - ok 11:37:30.0814 0x155c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:37:30.0836 0x155c NdisTapi - ok 11:37:30.0838 0x155c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:37:30.0859 0x155c Ndisuio - ok 11:37:30.0864 0x155c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:37:30.0887 0x155c NdisWan - ok 11:37:30.0890 0x155c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:37:30.0911 0x155c NDProxy - ok 11:37:30.0914 0x155c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:37:30.0935 0x155c NetBIOS - ok 11:37:30.0941 0x155c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:37:30.0966 0x155c NetBT - ok 
11:37:30.0968 0x155c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\Windows\system32\lsass.exe 11:37:30.0976 0x155c Netlogon - ok 11:37:30.0984 0x155c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 11:37:31.0012 0x155c Netman - ok 11:37:31.0017 0x155c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:37:31.0027 0x155c NetMsmqActivator - ok 11:37:31.0031 0x155c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:37:31.0040 0x155c NetPipeActivator - ok 11:37:31.0050 0x155c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 11:37:31.0081 0x155c netprofm - ok 11:37:31.0085 0x155c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:37:31.0094 0x155c NetTcpActivator - ok 11:37:31.0098 0x155c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:37:31.0107 0x155c NetTcpPortSharing - ok 11:37:31.0110 0x155c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 11:37:31.0117 0x155c nfrd960 - ok 11:37:31.0124 0x155c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 11:37:31.0138 0x155c NlaSvc - ok 11:37:31.0141 0x155c 
[ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:37:31.0162 0x155c Npfs - ok 11:37:31.0165 0x155c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 11:37:31.0188 0x155c nsi - ok 11:37:31.0190 0x155c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:37:31.0211 0x155c nsiproxy - ok 11:37:31.0239 0x155c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:37:31.0276 0x155c Ntfs - ok 11:37:31.0279 0x155c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 11:37:31.0300 0x155c Null - ok 11:37:31.0306 0x155c [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 11:37:31.0315 0x155c NVHDA - ok 11:37:31.0480 0x155c [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 11:37:31.0648 0x155c nvlddmkm - ok 11:37:31.0686 0x155c [ 4B1E6975B565883985FB43C3FD6C88C6, D4CCA860A9AFDF5D729885896B3034A55C4778FE0A333C06B8B71C20BF73A48A ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 11:37:31.0724 0x155c NvNetworkService - ok 11:37:31.0730 0x155c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:37:31.0739 0x155c nvraid - ok 11:37:31.0743 0x155c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor 
C:\Windows\system32\drivers\nvstor.sys 11:37:31.0753 0x155c nvstor - ok 11:37:31.0755 0x155c [ DD8043B662B1F0CFC037976E38271975, A129975AE17677783A76E8DBEC6D01709BC40202672AAB5BB72A8E19A285C4C9 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 11:37:31.0761 0x155c NvStreamKms - ok 11:37:31.0762 0x155c NvStreamSvc - ok 11:37:31.0786 0x155c [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc C:\Windows\system32\nvvsvc.exe 11:37:31.0809 0x155c nvsvc - ok 11:37:31.0812 0x155c [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 11:37:31.0819 0x155c nvvad_WaveExtensible - ok 11:37:31.0823 0x155c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:37:31.0832 0x155c nv_agp - ok 11:37:31.0835 0x155c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:37:31.0844 0x155c ohci1394 - ok 11:37:31.0976 0x155c [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service G:\Origin\OriginClientService.exe 11:37:32.0040 0x155c Origin Client Service - ok 11:37:32.0046 0x155c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:37:32.0054 0x155c ose - ok 11:37:32.0129 0x155c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 11:37:32.0231 0x155c osppsvc - ok 11:37:32.0243 0x155c [ 3EAC4455472CC2C97107B5291E0DCAFE, 
11:37:33.0328 0x155c Realtek11nSU - detected UnsignedFile.Multi.Generic ( 1 )
11:37:35.0677 0x155c Detect skipped due to KSN trusted
11:37:35.0678 0x155c Realtek11nSU - ok
] C:\Windows\system32\services.exe 11:37:39.0364 0x155c [ Global ] - ok 11:37:39.0364 0x155c ================ Scan MBR ================================== 11:37:39.0365 0x155c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 11:37:39.0435 0x155c \Device\Harddisk1\DR1 - ok 11:37:39.0438 0x155c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 11:37:39.0497 0x155c \Device\Harddisk0\DR0 - ok 11:37:39.0513 0x155c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2 11:37:39.0640 0x155c \Device\Harddisk2\DR2 - detected TDSS File System ( 1 ) 11:37:39.0640 0x155c \Device\Harddisk2\DR2 ( TDSS File System ) - warning 11:37:42.0072 0x155c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3 11:37:42.0158 0x155c \Device\Harddisk3\DR3 - ok 11:37:42.0162 0x155c [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk4\DR4 11:37:42.0223 0x155c \Device\Harddisk4\DR4 - ok 11:37:42.0224 0x155c ================ Scan VBR ================================== 11:37:42.0226 0x155c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1 11:37:42.0226 0x155c \Device\Harddisk1\DR1\Partition1 - ok 11:37:42.0229 0x155c [ 9A6817862D87A9770C14D17DBE88B2B1 ] \Device\Harddisk1\DR1\Partition2 11:37:42.0292 0x155c \Device\Harddisk1\DR1\Partition2 - ok 11:37:42.0295 0x155c [ 658216DF9A80071CD89E9DADBA817322 ] \Device\Harddisk1\DR1\Partition3 11:37:42.0358 0x155c \Device\Harddisk1\DR1\Partition3 - ok 11:37:42.0361 0x155c [ 7B435AE345F8F63103F234AE0496FD54 ] \Device\Harddisk0\DR0\Partition1 11:37:42.0362 0x155c \Device\Harddisk0\DR0\Partition1 - ok 11:37:42.0365 0x155c [ 5C55994C42B6ADD9F277CB15657E8878 ] \Device\Harddisk0\DR0\Partition2 11:37:42.0367 0x155c \Device\Harddisk0\DR0\Partition2 - ok 11:37:42.0369 0x155c [ F5702576E9FBB5621D606ECBD6CFCA52 ] \Device\Harddisk2\DR2\Partition1 11:37:42.0371 0x155c \Device\Harddisk2\DR2\Partition1 - ok 11:37:42.0373 0x155c [ 879CD96E61C9DD30DC357048FDD07650 ] \Device\Harddisk2\DR2\Partition2 11:37:42.0375 0x155c 
\Device\Harddisk2\DR2\Partition2 - ok 11:37:42.0377 0x155c [ DDE6E425C1F6E124366D43FBD74D0DE6 ] \Device\Harddisk2\DR2\Partition3 11:37:42.0404 0x155c \Device\Harddisk2\DR2\Partition3 - ok 11:37:42.0406 0x155c [ F50DAF8BC01CADB98532F6032ED38729 ] \Device\Harddisk3\DR3\Partition1 11:37:42.0452 0x155c \Device\Harddisk3\DR3\Partition1 - ok 11:37:42.0455 0x155c [ BD94A2F4CD989037BA4EBB4C0ADC5041 ] \Device\Harddisk4\DR4\Partition1 11:37:42.0456 0x155c \Device\Harddisk4\DR4\Partition1 - ok 11:37:42.0457 0x155c ================ Scan generic autorun ====================== 11:37:42.0457 0x155c Nvtmru - ok 11:37:42.0516 0x155c [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 11:37:42.0560 0x155c NvBackend - ok 11:37:42.0565 0x155c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 11:37:42.0575 0x155c ShadowPlay - ok 11:37:42.0693 0x155c [ 26E56C4065A4AFB61F38CE9F9DB2BBB9, F969A8EB22CB9F8A5F9E47E7DD53F14F5AF813665DE8A465895A5C216DFA927A ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 11:37:42.0810 0x155c RTHDVCPL - ok 11:37:42.0820 0x155c [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 11:37:42.0830 0x155c USB3MON - ok 11:37:42.0868 0x155c [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] D:\Office 2010\Office14\BCSSync.exe 11:37:42.0882 0x155c BCSSync - ok 11:37:43.0026 0x155c [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] D:\Avast Antivir\AvastUI.exe 11:37:43.0171 0x155c AvastUI.exe - ok 11:37:43.0186 0x155c [ 34084D25BE6F48D072AA54DE630438FD, 
522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 11:37:43.0196 0x155c SunJavaUpdateSched - ok 11:37:43.0217 0x155c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 11:37:43.0246 0x155c Sidebar - ok 11:37:43.0250 0x155c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 11:37:43.0263 0x155c mctadmin - ok 11:37:43.0283 0x155c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 11:37:43.0307 0x155c Sidebar - ok 11:37:43.0311 0x155c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 11:37:43.0323 0x155c mctadmin - ok 11:37:43.0343 0x155c [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe 11:37:43.0362 0x155c f.lux - ok 11:37:43.0363 0x155c Waiting for KSN requests completion. In queue: 51 11:37:44.0364 0x155c Waiting for KSN requests completion. In queue: 51 11:37:45.0364 0x155c Waiting for KSN requests completion. In queue: 51 11:37:46.0402 0x155c AV detected via SS2: avast! 
Antivirus, D:\Avast Antivir\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated ) 11:37:46.0408 0x155c Win FW state via NFP2: enabled 11:37:48.0773 0x155c ============================================================ 11:37:48.0773 0x155c Scan finished 11:37:48.0773 0x155c ============================================================ 11:37:48.0780 0x08bc Detected object count: 1 11:37:48.0780 0x08bc Actual detected object count: 1 11:38:04.0513 0x08bc \Device\Harddisk2\DR2\TDLFS\config.ini - copied to quarantine 11:38:04.0517 0x08bc \Device\Harddisk2\DR2\TDLFS\tdl - copied to quarantine 11:38:04.0518 0x08bc \Device\Harddisk2\DR2\TDLFS\rsrc.dat - copied to quarantine 11:38:04.0519 0x08bc \Device\Harddisk2\DR2\TDLFS\bckfg.tmp - copied to quarantine 11:38:04.0521 0x08bc \Device\Harddisk2\DR2\TDLFS\tdlcmd.dll - copied to quarantine 11:38:04.0522 0x08bc \Device\Harddisk2\DR2\TDLFS - deleted 11:38:04.0522 0x08bc \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Delete |
09.07.2015, 13:22 | #9 |
/// the machine /// TB instructor | Perfect. Scan with ComboFix
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
09.07.2015, 17:02 | #10 |
| Hello, attached is the log file. Before the program could restart the PC, the following error message appeared: "Unable to create backup of current registry file C:\windows\system32\config\security! continue with restoration of this file?" I then clicked Yes. After that came about 10 more similar error messages, whose exact wording I did not write down, though -.- Code:
ComboFix 15-07-08.01 - Scotty 09.07.2015 17:40:46.1.4 - x64
Microsoft Windows 7 Professional N 6.1.7601.1.1252.49.1031.18.16328.11347 [GMT 2:00]
ausgeführt von:: c:\users\Scotty\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Scotty\AppData\Roaming\0ad
c:\users\Scotty\AppData\Roaming\0ad\config\user.cfg
D:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-06-09 bis 2015-07-09 ))))))))))))))))))))))))))))))
.
.
2015-07-09 15:44 . 2015-07-09 15:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-09 09:38 . 2015-07-09 09:38 -------- d-----w- C:\TDSSKiller_Quarantine
2015-07-08 18:44 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-07-08 18:27 . 2015-05-19 03:29 46768 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-07-08 18:27 . 2015-05-19 03:14 57520 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-07-08 08:42 . 2015-07-08 08:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-07 20:33 . 2015-07-07 20:33 -------- d-----w- c:\program files\avast software
2015-07-07 20:32 . 2015-07-07 20:32 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-07-07 20:32 . 2015-07-07 20:32 43112 ----a-w- c:\windows\avastSS.scr
2015-07-07 20:24 . 2015-07-07 20:25 -------- d-----w- C:\FRST
2015-07-07 11:19 . 2015-07-07 11:19 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-07 11:19 . 2015-07-07 11:19 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-07 08:50 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65886CE1-2BAF-412A-83E2-A0EFE9089A45}\mpengine.dll
2015-07-06 18:58 . 2015-07-06 18:58 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-07-06 18:58 . 2015-07-06 18:58 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-06 18:58 . 2015-07-06 18:58 -------- d-----w- c:\program files (x86)\Java
2015-06-26 11:07 . 2015-06-26 11:07 -------- d-----w- c:\program files (x86)\Photodex Presenter
2015-06-26 11:07 . 2015-06-26 11:07 -------- d-----w- c:\program files (x86)\Photodex
2015-06-23 21:42 . 2015-06-23 21:42 -------- d-----w- c:\users\Scotty\AppData\Roaming\Netscape
2015-06-23 21:41 . 2015-06-23 21:41 -------- d-----w- c:\users\Scotty\AppData\Roaming\Photodex
2015-06-23 21:41 . 2015-06-23 21:41 -------- d-----w- c:\programdata\Photodex
2015-06-23 21:35 . 2015-06-23 21:38 -------- d-----w- c:\users\Scotty\AppData\Roaming\Ashampoo Slideshow Studio HD 3
2015-06-23 21:34 . 2015-06-23 21:34 -------- d-----w- c:\users\Scotty\AppData\Local\ashampoo
2015-06-23 21:34 . 2015-06-23 21:34 -------- d-----w- c:\programdata\Ashampoo
2015-06-23 18:08 . 2015-06-23 18:08 -------- d-----w- c:\users\Scotty\AppData\Local\Magix
2015-06-23 18:07 . 2015-06-23 18:07 -------- d-----w- c:\users\Scotty\AppData\Local\Xara
2015-06-23 18:07 . 2015-06-23 20:55 -------- d-----w- c:\users\Scotty\AppData\Roaming\MAGIX
2015-06-23 18:07 . 2015-06-23 18:07 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Shared
2015-06-23 18:06 . 2015-06-29 10:04 -------- d-----w- c:\programdata\MAGIX
2015-06-23 18:06 . 2015-06-29 10:04 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services
2015-06-20 20:20 . 2015-06-20 20:20 -------- d-----w- c:\users\Scotty\AppData\Local\ESN
2015-06-10 08:38 . 2015-05-25 18:00 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-08 17:14 . 2015-05-20 12:00 16056 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2015-07-08 08:42 . 2015-06-06 21:36 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-08 08:41 . 2015-06-06 21:35 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-07 20:33 . 2013-08-18 15:41 442264 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-07-07 20:32 . 2014-05-18 13:45 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-07 20:32 . 2014-01-03 19:37 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-07-07 20:32 . 2013-08-18 15:41 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-07 20:32 . 2013-08-18 15:41 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-07 20:32 . 2013-08-18 15:41 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-07 20:32 . 2013-08-18 15:41 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-07-07 20:32 . 2013-08-18 15:41 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-06 11:46 . 2015-03-19 22:28 226168 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-07-06 11:38 . 2013-08-29 11:00 226168 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-06-24 11:36 . 2013-12-11 18:47 1320120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-06-24 11:36 . 2014-11-15 01:27 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-06-24 11:36 . 2013-12-11 18:47 1571696 ----a-w- c:\windows\system32\nvspcap64.dll
2015-06-24 11:36 . 2014-11-15 01:27 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-21 22:41 . 2013-08-29 12:33 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2015-06-20 20:22 . 2014-06-28 11:32 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2015-06-18 06:41 . 2015-06-06 21:35 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2015-06-06 21:35 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-17 09:10 . 2015-05-20 12:16 1567576 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-06-17 09:10 . 2015-05-20 12:16 12855416 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-06-17 09:10 . 2014-03-20 21:03 15224784 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-06-17 09:10 . 2013-08-18 14:06 112784 ----a-w- c:\windows\system32\OpenCL.dll
2015-06-17 09:10 . 2013-08-18 14:06 105288 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-06-17 09:10 . 2013-08-18 14:05 3395648 ----a-w- c:\windows\system32\nvapi64.dll
2015-06-17 09:10 . 2013-08-18 14:05 2997544 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-06-17 06:48 . 2013-08-18 14:06 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2013-08-18 14:06 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2013-08-18 14:06 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2013-08-18 14:06 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2013-08-18 14:06 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2013-08-18 14:06 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-06-16 21:02 . 2014-01-17 00:25 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2015-06-10 09:51 . 2013-08-18 14:56 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-02 14:11 . 2013-08-18 14:06 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-05-25 18:01 . 2015-06-10 08:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-19 03:14 . 2014-11-15 01:23 61616 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-05-12 06:27 . 2015-05-20 12:16 1898312 ----a-w- c:\windows\system32\nvdispco6435286.dll
2015-05-12 06:27 . 2015-05-20 12:16 1557648 ----a-w- c:\windows\system32\nvdispgenco6435286.dll
2015-05-01 13:17 . 2015-05-14 01:03 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-14 01:03 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 09:58 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 03:17 . 2015-05-13 09:58 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 02:56 . 2015-05-13 09:58 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 09:59 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 09:59 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-14 01:38 . 2015-04-14 01:38 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-04-13 03:28 . 2015-05-13 09:59 328704 ----a-w- c:\windows\system32\services.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="c:\users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"BCSSync"="d:\office 2010\Office14\BCSSync.exe" [2012-11-05 89184]
"AvastUI.exe"="d:\avast antivir\AvastUI.exe" [2015-07-07 5515496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=d:\sophos\SOPHOS~1\sophos_detoured.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe;d:\malwarebytes' anti-malware\mbamservice.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;g:\origin\OriginClientService.exe;g:\origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DirMngr;DirMngr;d:\gnupg\dirmngr.exe;d:\gnupg\dirmngr.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 SkypeUpdate;Skype Updater;d:\skype\Updater\Updater.exe;d:\skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-08 08:35 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18 15:21]
.
2015-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18 15:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-07 20:32 722400 ----a-w- d:\avast antivir\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-24 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-24 1571696]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 7660760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=d:\sophos\SOPHOS~1\sophos_detoured_x64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - d:\office~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - d:\office~1\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\
FF - prefs.js: browser.startup.homepage - facebook.com | http://www.trojaner-board.de/168529-...rt-noetig.html
FF - prefs.js: keyword.URL - hxxps://www.google.com/search
FF - prefs.js: network.proxy.ftp - 131.109.42.105
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 131.109.42.105
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 131.109.42.105
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 131.109.42.105
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-PeerGuardian_is1 - d:\vuze\PeerGuardian2\unins000.exe
AddRemove-Free FLV Converter - c:\program files (x86)\Free FLV Converter\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4268881813-2952948070-2875398935-1000\Software\SecuROM\License information*]
"datasecu"=hex:83,f7,e2,49,f5,9e,31,c4,38,bf,0b,0a,3e,e2,d0,b7,59,08,bf,cf,38,
cc,ea,ec,15,f5,35,41,53,3e,fa,cb,ba,6f,b4,94,f8,1a,ba,89,68,01,ca,29,b3,d3,\
"rkeysecu"=hex:d3,97,64,9d,41,db,2e,c1,94,e9,2f,7f,54,fa,49,86
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
d:\avast antivir\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-09 17:54:26 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-07-09 15:54
.
Vor Suchlauf: 12 Verzeichnis(se), 31.455.490.048 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 31.324.209.152 Bytes frei
.
- - End Of File - - BE462AD1A60267D5E765CFA65F31BA71
A36C5E4F47E84449FF07ED3517B43A31 |
10.07.2015, 08:09 | #11 |
/// the machine /// TB instructor | Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please. |
10.07.2015, 08:45 | #12 |
| I won't be home until Sunday evening. But then I will create the logs right away. Many thanks already for the help so far |
10.07.2015, 15:31 | #13 |
/// the machine /// TB instructor | ok |
13.07.2015, 11:34 | #14 |
| So, attached are the 3 logs of the 3 scans: MBAM: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 13.07.2015
Suchlaufzeit: 12:11
Protokolldatei:
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.07.13.01
Rootkit-Datenbank: v2015.07.10.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Scotty
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 378115
Abgelaufene Zeit: 5 Min., 15 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)
(end)
AdwCleaner: Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 13/07/2015 um 12:22:17 # Aktualisiert 09/07/2015 von Xplode # Datenbank : 2015-07-11.1 [Server] # Betriebssystem : Windows 7 Professional N Service Pack 1 (x64) # Benutzername : Scotty - SCOTTY-PC # Gestarted von : C:\Users\Scotty\Desktop\AdwCleaner_4.208.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : swdumon ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Scotty\AppData\Local\slimware utilities inc Datei Gelöscht : C:\Windows\System32\drivers\swdumon.sys Datei Gelöscht : C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\foxydeal.sqlite ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Mozilla Firefox v39.0 (x86 de) -\\ Google Chrome v43.0.2357.132 -\\ Chromium v ************************* AdwCleaner[R0].txt - [2004 Bytes] - [07/06/2015 21:08:37] AdwCleaner[R1].txt - [1238 Bytes] - [13/07/2015 12:19:57] AdwCleaner[S0].txt - [2013 Bytes] - [07/06/2015 21:35:03] AdwCleaner[S1].txt - [1162 Bytes] - [13/07/2015 12:22:17] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1221 Bytes] ########## Und der Log vom Junkware Removal TOol: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.4.6 (07.12.2015:2) OS: Windows 7 Professional N x64 Ran by Scotty on 13.07.2015 at 12:28:02,58 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\users\public\documents\downloaded installers Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin ~~~ FireFox Successfully deleted: [File] C:\Users\Scotty\AppData\Roaming\mozilla\firefox\profiles\85szks6p.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi Emptied folder: C:\Users\Scotty\AppData\Roaming\mozilla\firefox\profiles\85szks6p.default\minidumps [117 files] ~~~ Chrome [C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 13.07.2015 at 12:30:48,26 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scotty |
14.07.2015, 07:02 | #15 |
/// the machine /// TB-Ausbilder | ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log please. Still having problems? |