06.10.2015, 17:20 | #1 |
Problem: CPU usage permanently above 55%, even when I'm not doing anything

Hello, and many thanks for being willing to help me! Things are slowly going too far with my laptop. It starts with elements in Windows 10 not loading at all (for example, when I click the search magnifier at the bottom left, often nothing opens at all, or it takes quite a long time), and the same goes for the Action Center or the network access area (all items on the taskbar at the bottom), which often open only very slowly. The problem could be due to the fact that my CPU, my memory and also my physical memory (whatever that is) are permanently under fairly heavy load. Attached you will find screenshots of my Task Manager when, for example, nothing at all is running in the background. I have already freshly created the FRST files here:

FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015 durchgeführt von Niclas (Administrator) auf NICLAS (06-10-2015 18:11:31) Gestartet von C:\Users\Niclas\Downloads Geladene Profile: Niclas (Verfügbare Profile: Niclas & DefaultAppPool) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\cleanmgr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrl.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-08-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-17] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-09-16] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3861039383-3584637288-95791406-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd) HKU\S-1-5-21-3861039383-3584637288-95791406-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-3861039383-3584637288-95791406-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> none ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-09] (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen 
wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{0f5ef7aa-5c5d-46e1-b532-2a95a6bf767c}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-3861039383-3584637288-95791406-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3861039383-3584637288-95791406-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3861039383-3584637288-95791406-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://youtube.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-09] (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-09] (AVAST Software) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-3861039383-3584637288-95791406-1000 -> hxxp://google.de/ FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Keine Datei] FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-12] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft 
Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-08-12] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-08] Chrome: ======= CHR StartupUrls: Profile 2 -> "hxxps://www.youtube.com/channel/UCaBb86TBc65xZ8rnwUR2ShA" CHR Profile: C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-24] CHR Extension: (Google Docs) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24] CHR Extension: (Google Drive) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-24] CHR Extension: (YouTube) - 
C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-24] CHR Extension: (Google-Suche) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-24] CHR Extension: (Google Tabellen) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-24] CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-27] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24] CHR Extension: (Google Mail) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24] CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\Niclas\Documents\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2015-05-24] CHR Profile: C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Heartbeat) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2015-05-29] CHR Extension: (Google Drive) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-29] CHR Extension: (YouTube) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-29] CHR Extension: (Google-Suche) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-29] CHR Extension: (Avast SafePrice) - C:\Users\Niclas\AppData\Local\Google\Chrome\User 
Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-03] CHR Extension: (Bookmark Manager) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-29] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-29] CHR Extension: (Google Wallet) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29] CHR Extension: (Click&Clean App) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-05-29] CHR Extension: (Google Mail) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-29] CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\Niclas\Documents\convert2mp3_chrome_addon-2.4\convert2mp3_video_converter_2.4 [2015-05-24] CHR Profile: C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Drive) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-04] CHR Extension: (YouTube) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-04] CHR Extension: (Adblock Plus) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-18] CHR Extension: (Google-Suche) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-04] CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 
2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-04] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-04] CHR Extension: (Click&Clean App) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-06-13] CHR Extension: (Google Mail) - C:\Users\Niclas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-04] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated) R4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) S4 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [92800 2011-12-01] (ASUS) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-09] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-08-09] (AVAST Software) R4 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-09-16] (ELAN Microelectronics Corp.) 
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-30] (Microsoft Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-30] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-09] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-08-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-09] (AVAST Software) S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [595456 2015-07-30] (C-MEDIA) S3 ElgatoGC658Y; 
C:\Windows\System32\Drivers\ElgatoGC658.sys [52456 2014-11-13] (UB658) R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-09-27] (Emsisoft GmbH) S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-06] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-08-19] (Intel Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-30] (Microsoft Corporation) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2015-05-19] (Anchorfree Inc.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-06 18:11 - 2015-10-06 18:12 - 00020899 _____ C:\Users\Niclas\Downloads\FRST.txt 2015-10-06 18:11 - 2015-10-06 18:11 - 00000000 ____D C:\FRST 2015-10-06 18:10 - 2015-10-06 18:11 - 02193920 _____ (Farbar) C:\Users\Niclas\Downloads\FRST64.exe 2015-10-06 17:57 - 2015-10-06 17:57 - 01125626 _____ C:\Users\Niclas\Downloads\ProcessExplorer_16.5.zip 2015-10-06 17:56 - 2015-10-06 17:56 - 01457952 _____ C:\Users\Niclas\Downloads\Process Explorer - CHIP-Installer.exe 2015-10-06 17:54 - 2015-10-06 17:54 - 00005195 _____ C:\Users\Niclas\Downloads\7318.DrainNGenQueue.wsf 2015-10-06 17:43 - 2015-10-06 17:43 - 00001637 _____ C:\Users\Niclas\Desktop\Malwarebytes.lnk 2015-10-06 17:36 - 2015-10-06 17:36 - 00016148 _____ C:\WINDOWS\system32\NICLAS_Niclas_HistoryPrediction.bin 2015-10-05 21:17 - 2015-10-05 21:17 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-05 21:17 - 2015-10-05 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-10-05 19:29 - 2015-10-05 19:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-05 19:16 - 2015-10-05 19:16 - 00001472 _____ C:\Users\Niclas\Desktop\Defraggler.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00002756 _____ C:\Users\Niclas\Desktop\Excel 2013.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00002750 _____ C:\Users\Niclas\Desktop\Word 2013.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00002704 _____ C:\Users\Niclas\Desktop\PowerPoint 2013.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00002642 _____ C:\Users\Niclas\Desktop\Skype.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00002259 _____ C:\Users\Niclas\Desktop\Google Chrome.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00002054 _____ C:\Users\Niclas\Desktop\Avast.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001829 _____ C:\Users\Niclas\Desktop\iTunes.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001761 _____ C:\Users\Niclas\Desktop\YaTQA.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001277 _____ C:\Users\Niclas\Desktop\Horizon.lnk 2015-10-05 12:44 - 2015-10-05 
12:44 - 00001273 _____ C:\Users\Niclas\Desktop\Adobe Photoshop CC.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001229 _____ C:\Users\Niclas\Desktop\Wise Registry Cleaner.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001214 _____ C:\Users\Niclas\Desktop\Game Capture HD.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001037 _____ C:\Users\Niclas\Desktop\Minecraft.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001015 _____ C:\Users\Niclas\Desktop\TeamSpeak 3 Client.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001009 _____ C:\Users\Niclas\Desktop\Audacity.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00001000 _____ C:\Users\Niclas\Desktop\Vegas Pro 13.0 (64-bit).lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00000965 _____ C:\Users\Niclas\Desktop\Steam.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00000824 _____ C:\Users\Niclas\Desktop\CCleaner.lnk 2015-10-05 12:44 - 2015-10-05 12:44 - 00000219 _____ C:\Users\Niclas\Desktop\CS - Global Offensive.url 2015-10-05 11:48 - 2015-10-05 11:48 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-10-05 11:48 - 2015-10-05 11:48 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-10-04 16:44 - 2014-05-25 02:36 - 00015360 _____ C:\WINDOWS\system32\SppExtComObjHook.dll 2015-10-04 16:44 - 2014-05-25 02:36 - 00004608 _____ C:\WINDOWS\system32\SppExtComObjPatcher.exe 2015-10-04 16:43 - 2015-10-04 16:43 - 00000456 _____ C:\WINDOWS\setupact.log 2015-10-04 16:43 - 2015-10-04 16:43 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-10-04 16:42 - 2015-10-04 16:45 - 00000000 ____D C:\Users\Niclas\AppData\Local\MSfree Inc 2015-10-04 16:38 - 2015-10-04 16:38 - 00000000 ____D C:\ProgramData\Microsoft Toolkit 2015-10-04 15:46 - 2015-10-04 15:46 - 00005310 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for NICLAS-Niclas Niclas 2015-10-04 15:32 - 2015-10-05 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-10-04 15:31 - 2015-10-04 15:31 - 00000000 ____D C:\Program 
Files\Common Files\DESIGNER 2015-10-04 15:30 - 2015-10-04 15:30 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2015-10-04 15:29 - 2015-10-04 15:30 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2015-10-04 15:29 - 2015-10-04 15:29 - 00000000 ____D C:\WINDOWS\PCHEALTH 2015-10-04 15:27 - 2015-10-05 20:06 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-04 15:27 - 2015-10-04 15:29 - 00000000 ____D C:\Program Files\Microsoft Office 2015-10-04 15:27 - 2015-10-04 15:27 - 00000000 ____D C:\Users\Niclas\AppData\Local\Microsoft Help 2015-10-04 15:27 - 2015-10-04 15:27 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2015-10-04 15:27 - 2015-10-04 15:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-10-04 15:27 - 2015-10-04 15:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2015-10-04 15:26 - 2015-10-04 15:26 - 00000000 __RHD C:\MSOCache 2015-10-04 14:45 - 2015-10-04 15:17 - 820998144 _____ C:\Users\Niclas\Downloads\OfficeProfessionalPlus_x64_de-de.img 2015-09-30 21:39 - 2015-09-30 21:39 - 00002186 _____ C:\WINDOWS\PFRO.log 2015-09-27 13:04 - 2015-10-06 17:39 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-27 13:03 - 2015-09-27 13:03 - 00221920 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-27 12:31 - 2015-09-27 12:52 - 00000000 ____D C:\EEK 2015-09-27 12:13 - 2015-09-27 12:19 - 00000000 ____D C:\ProgramData\SecTaskMan 2015-09-24 18:46 - 2015-09-24 18:46 - 00038190 _____ C:\Users\Niclas\Documents\BackUpTS3 2015-09-24 16:40 - 2015-09-24 18:51 - 00000000 ____D C:\Users\Niclas\AppData\Roaming\YaTQA 2015-09-24 16:40 - 2015-09-24 16:40 - 00001069 _____ C:\Users\Niclas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk 2015-09-24 16:40 - 2015-09-24 16:40 - 00000000 ____D C:\Program Files (x86)\YaTQA 2015-09-23 17:37 - 2015-09-23 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-09-23 17:36 - 2015-09-23 17:37 - 00000000 ____D C:\Program Files\iTunes 
2015-09-23 17:36 - 2015-09-23 17:36 - 00000000 ____D C:\Program Files\iPod 2015-09-23 17:36 - 2015-09-23 17:36 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-09-23 17:35 - 2015-09-23 17:35 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-09-23 17:34 - 2015-09-23 17:34 - 00000000 ____D C:\Program Files\Bonjour 2015-09-23 17:34 - 2015-09-23 17:34 - 00000000 ____D C:\Program Files (x86)\Bonjour 2015-09-23 14:39 - 2015-09-23 14:39 - 01560576 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWia09b.dll 2015-09-23 14:39 - 2015-09-23 14:39 - 00050176 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrUsi09a.dll 2015-09-23 14:39 - 2015-09-23 14:39 - 00000425 _____ C:\WINDOWS\BRWMARK.INI 2015-09-23 14:39 - 2015-09-23 14:39 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI 2015-09-20 21:07 - 2015-10-05 21:18 - 00000000 ____D C:\Users\Niclas\AppData\Roaming\Skype 2015-09-20 11:05 - 2015-09-20 11:15 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2015-09-19 12:56 - 2015-09-19 12:56 - 00000000 ____D C:\Users\Niclas\AppData\Roaming\Publish Providers 2015-09-13 10:22 - 2015-10-05 16:41 - 00000000 ____D C:\Users\Niclas\AppData\Roaming\.minecraft 2015-09-13 10:16 - 2015-09-16 15:39 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-09-13 10:16 - 2015-09-13 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-09-09 16:54 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-09-09 16:54 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-09-09 16:54 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-09-09 16:54 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 16:54 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-09-09 16:54 - 2015-08-27 08:04 - 21874688 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-09-09 16:54 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 16:54 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 16:54 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-09-09 16:54 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 16:54 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 16:54 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 16:54 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 16:54 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 16:54 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 16:54 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 16:54 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 16:54 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-09-09 16:54 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll 2015-09-09 16:54 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 16:54 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 16:54 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 16:54 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 16:54 - 2015-08-27 07:16 - 18806272 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-09-09 16:54 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 16:54 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 16:54 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 16:54 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 16:54 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 16:54 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 16:54 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 16:54 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-06 18:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-06 17:56 - 2015-08-10 21:40 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-06 17:56 - 2015-07-31 09:47 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D74B2A01-9B8B-403D-96CE-BA44A6ECD378} 2015-10-06 17:54 - 2015-06-08 15:23 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-10-06 17:38 - 2015-08-10 21:40 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-06 17:37 - 2015-06-03 22:08 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-10-05 21:18 - 2015-05-24 19:38 - 00000000 ____D C:\ProgramData\Skype 2015-10-05 20:58 - 2015-07-29 23:28 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-05 20:58 - 2015-07-10 18:34 - 00884928 _____ C:\WINDOWS\system32\perfh007.dat 2015-10-05 20:58 - 2015-07-10 18:34 - 00196026 _____ C:\WINDOWS\system32\perfc007.dat 2015-10-05 20:54 - 2015-05-25 15:09 - 00000000 ____D C:\Users\Niclas\AppData\Roaming\Audacity 2015-10-05 19:23 - 2015-05-27 14:18 - 00000000 ____D C:\Users\Niclas\AppData\Roaming\TS3Client 2015-10-05 15:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-10-05 12:14 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-10-05 11:36 - 2015-05-24 11:21 - 00000000 ____D C:\Users\Niclas\AppData\Local\Adobe 2015-10-04 16:38 - 2015-06-07 17:34 - 00000000 ____D C:\Users\Niclas\AppData\Local\CrashDumps 2015-10-04 15:27 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew 2015-10-02 18:09 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-01 20:57 - 2015-08-21 22:53 - 00000434 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2015-10-01 20:56 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-01 20:55 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-10-01 20:54 - 2015-07-29 23:30 - 00000000 ____D 
C:\Users\Niclas 2015-10-01 13:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore 2015-09-27 15:00 - 2015-06-08 16:21 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2015-09-27 12:58 - 2015-08-12 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant 2015-09-27 12:57 - 2015-08-12 12:45 - 00000000 ____D C:\temp 2015-09-27 12:51 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-09-27 12:20 - 2015-05-24 11:21 - 00000000 ____D C:\Users\Niclas\Desktop\YouTube C 2015-09-27 11:01 - 2015-07-29 23:53 - 00000000 ____D C:\Users\Niclas\AppData\Local\Packages 2015-09-24 13:09 - 2015-09-04 16:04 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-09-23 17:36 - 2015-05-24 20:05 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-09-23 17:35 - 2015-05-24 20:06 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-09-20 21:56 - 2015-05-24 19:34 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-20 11:22 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries 2015-09-20 10:34 - 2015-07-30 07:34 - 00002401 _____ C:\Users\Niclas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-09-20 10:34 - 2015-07-30 07:34 - 00000000 ___RD C:\Users\Niclas\OneDrive 2015-09-17 13:31 - 2015-07-30 00:03 - 00000000 ____D C:\Program Files\Elantech 2015-09-16 21:53 - 2015-07-30 08:39 - 00000000 ___RD C:\Users\Niclas\3D Objects 2015-09-16 13:55 - 2015-07-30 00:03 - 00525000 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys 2015-09-16 13:55 - 2015-07-30 00:03 - 00056008 _____ (ELAN Microelectronics Corp.) 
C:\WINDOWS\system32\ETDCoInstaller01000.dll 2015-09-16 13:50 - 2015-08-10 21:40 - 00004190 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-16 13:50 - 2015-08-10 21:40 - 00003958 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-13 13:33 - 2015-05-24 11:21 - 00000000 ____D C:\Users\Niclas\Desktop\Photoshop 2015-09-13 10:11 - 2015-05-24 11:02 - 00000000 ____D C:\Users\Niclas\AppData\Local\VirtualStore 2015-09-10 15:34 - 2015-05-24 11:14 - 00000000 ____D C:\Users\Niclas\AppData\Local\Google 2015-09-09 17:45 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-09 17:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-09-09 17:31 - 2015-06-11 16:03 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-09 15:31 - 2015-09-03 15:53 - 00000000 ____D C:\WINDOWS\Minidump 2015-09-08 15:03 - 2015-08-11 08:16 - 00000000 ___RD C:\Users\Niclas\Creative Cloud Files 2015-09-08 15:03 - 2015-06-26 18:42 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-09-06 11:56 - 2015-05-24 11:13 - 00000000 ____D C:\Users\Niclas\AppData\Roaming\Adobe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-06-19 12:44 - 2015-08-04 23:29 - 0000132 _____ () C:\Users\Niclas\AppData\Roaming\Adobe PNG Format CS6 Prefs 2015-08-12 12:55 - 2015-08-12 12:55 - 0000054 _____ () C:\Users\Niclas\AppData\Roaming\updater.cfg 2015-05-25 20:34 - 2015-08-09 16:29 - 0001456 _____ () C:\Users\Niclas\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-08-07 09:21 - 2015-08-07 09:21 - 0007597 _____ () C:\Users\Niclas\AppData\Local\Resmon.ResmonCfg 2011-10-19 06:26 - 2010-10-06 18:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe 2015-05-24 19:38 - 2015-05-24 19:38 - 
0000949 _____ () C:\ProgramData\Turn Off Monitor.ini
2015-05-24 21:47 - 2015-05-24 21:47 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2015-05-24 21:46 - 2015-05-24 21:47 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2015-05-24 21:45 - 2015-05-24 21:46 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Einige Dateien in TEMP:
====================
C:\Users\Niclas\AppData\Local\Temp\ose00000.exe

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-04 15:39

==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Niclas (2015-10-06 18:13:13)
Gestartet von C:\Users\Niclas\Downloads
Windows 10 Home (X64) (2015-07-29 21:53:39)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-3861039383-3584637288-95791406-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3861039383-3584637288-95791406-503 - Limited - Disabled)
Gast (S-1-5-21-3861039383-3584637288-95791406-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3861039383-3584637288-95791406-1002 - Limited - Enabled)
Niclas (S-1-5-21-3861039383-3584637288-95791406-1000 - Administrator - Enabled) => C:\Users\Niclas

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated) Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology) ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS) ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.24 - asus) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0056 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avast Premier (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) ELAN Touchpad 11.15.0.16_X64 (HKLM\...\Elantech) (Version: 11.15.0.16 - ELAN Microelectronic Corp.) Elgato Game Capture HD (HKLM-x32\...\{D0DDCAA5-08E5-49B5-B026-2E4CF6384A83}) (Version: 2.11.42.961 - Elgato Systems GmbH) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS) FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - ) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Game Capture HD v2.3.3.38 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.38 - Elgato Systems) Game Capture HD60 v2.1.1.3 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.3 - Elgato Systems) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) 
Hidden Horizon v2.7.9.0 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.9.0 - Daring Development Inc.) InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.8 - ASUS) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2559 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 
Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) 
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.3 - ASUS) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS) Wise Registry Cleaner 8.67 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.67 - WiseCleaner.com, Inc.) 
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation) גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation) بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation) معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-3861039383-3584637288-95791406-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2F461DE2D0B5}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3861039383-3584637288-95791406-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================
01-10-2015 13:26:18 Geplanter Prüfpunkt
04-10-2015 15:25:26 Installed Microsoft Office Professional Plus 2013
04-10-2015 15:26:15 PROPLUSR

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-07-23 20:02 - 00000002 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {0C1E6194-D9C8-47BD-99CC-6ADBEA435137} - System32\Tasks\Microsoft Office 15 Sync Maintenance for NICLAS-Niclas Niclas => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-08-12] (Microsoft Corporation) Task: {0F1FC558-90E6-41AA-8D37-4FBE69053762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {24C56E85-965B-4A43-9AA0-04D45437C1A5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {26242125-CE27-4B9C-A515-A63B664A2786} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.) 
Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {2C88BAC6-03D2-4D13-AE90-899A6886B843} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {30EBEF6E-F778-4403-8CDF-79D8BE6F0FB1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {42A84231-A8B3-498A-A655-81F834F62F1F} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-09] (AVAST Software) Task: {439B8B0A-8838-46C7-BB38-F6F8CAC2D7EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {493D0781-579D-424A-8E47-14B062E0BCAE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {4B623A66-5696-42F0-917B-690C6526240F} - System32\Tasks\AdobeAAMUpdater-1.0-Computer-Niclas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated) Task: {579BBC5C-2158-4DA8-B36C-9B2484491CF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {655CF3B4-5D23-4BAA-A211-D45F4E317AB8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {684FA1D9-0175-4709-8F0A-8DAD20BE7623} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-25] (Adobe Systems Incorporated) Task: {6F59F320-2E95-42FC-A706-08D7E021C112} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {725A337C-3825-4EA3-B85F-FC84FF688DA8} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3861039383-3584637288-95791406-1000 Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {7AFA896A-BFF3-45A6-B757-162415B7101E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 
=> C:\Windows\ehome\ehPrivJob.exe Task: {7FCAB1A0-3238-40BE-A8F0-67ADB8123A43} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {85439A31-0567-4339-92C8-930F811A246D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.) Task: {9089856D-3446-4133-B6C7-B04FC68FFBB2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {B33F8CFC-88A5-4EA0-BF2B-8AFA35615F0A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {B99C47FB-0FB3-4587-8647-382239BA63C1} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {C81CA3BC-E3AD-4732-9B1B-9BC2B52206C9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {C82DEB23-7090-4BE9-92E1-088858AF8E38} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {CE899783-06A2-4664-AC7F-33330AA4E53E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-08-17] (Realtek Semiconductor) Task: {CF3734F6-42B2-4810-9738-168B9B833B95} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {EBB119A5-0CD6-4949-83F6-F771AB70F833} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-17] (Realtek 
Semiconductor) Task: {EC8CFD44-A308-4CA6-9894-3F49032F7CB2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FBD41273-15C2-4989-B5E0-24BE608F1D5A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-17] (Realtek Semiconductor) Task: {FBE58694-944C-40C4-865D-A4CB230B9C38} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS) Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-07-30 00:16 - 2015-07-30 00:16 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 21:12 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-01-23 16:06 - 2014-01-23 16:06 - 00586920 _____ () C:\Program Files\Microsoft Office\Office15\MSODCW.DLL 2015-08-30 10:49 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-30 10:49 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-08-11 21:15 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-08-19 21:12 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-11 21:15 - 
2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-08-09 12:11 - 2015-08-09 12:11 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-09 12:11 - 2015-08-09 12:11 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-10-01 18:53 - 2015-10-01 18:53 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100102\algo.dll 2015-10-04 11:02 - 2015-10-04 11:02 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100400\algo.dll 2015-10-06 17:55 - 2015-10-06 17:55 - 02967040 _____ () C:\Program Files\AVAST Software\Avast\defs\15100600\algo.dll 2015-06-08 16:20 - 2015-06-08 16:20 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-09-26 19:56 - 2015-09-24 04:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll 2015-09-26 19:56 - 2015-09-24 04:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ASUS.DAT:Win32App AlternateDataStreams: C:\Program Files\Adobe:Win32App AlternateDataStreams: C:\Program Files\CCleaner:Win32App AlternateDataStreams: C:\Program Files\Magic Bullet Looks Vegas:Win32App AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App AlternateDataStreams: C:\Program Files\WinRAR:Win32App AlternateDataStreams: C:\Program Files (x86)\AmIcoSingLun:Win32App AlternateDataStreams: C:\Program Files (x86)\ASM104xUSB3:Win32App AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App AlternateDataStreams: C:\Program Files (x86)\Ffmpeg For Audacity:Win32App AlternateDataStreams: C:\Program Files (x86)\Lame For Audacity:Win32App AlternateDataStreams: C:\Program Files (x86)\ Malwarebytes Anti-Malware :Win32App AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App AlternateDataStreams: C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation:Win32App AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App AlternateDataStreams: C:\Users\Niclas\MediaFire:mf_x ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3861039383-3584637288-95791406-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Niclas\Desktop\YouTube C\Kanalbilder\Banner.png DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AFBAgent => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: ASLDRService => 2 MSCONFIG\Services: ASUS InstantOn => 2 MSCONFIG\Services: ATKGFNEXSrv => 2 MSCONFIG\Services: Avira.OE.ServiceHost => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: ETDService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: UNS => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: 
Auto LogOff => C:\Program Files (x86)\Turn Off Monitor\AutoLogOff.exe :silent MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Turn Off Monitor => C:\Program Files (x86)\Turn Off Monitor\TurnOffMon.exe :silent MSCONFIG\startupreg: Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe HKLM\...\StartupApproved\Run: => "ETDCtrl" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-3861039383-3584637288-95791406-1000\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3861039383-3584637288-95791406-1000\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [TCP Query User{6BD2A2C1-E82B-4D6A-B3FF-BD5BC365DC8C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{88C9670D-FE56-4907-B945-8E7BC723FF1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8BC101B9-5BA0-4921-A07A-FB2B988A5C93}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65E13707-7141-4F2A-94DE-2B08CF12AEB2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B5802E3A-AC2E-413D-ACF9-DA8ED09C8C1F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{DE22BE31-BF3D-42A5-A537-1908E19EDAFF}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{7F336640-EFCD-4B9A-98ED-3B1754313A8A}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe FirewallRules: [UDP Query User{024650BC-6F9F-427B-98FD-19B0D0EB9023}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe FirewallRules: [TCP Query User{59ED0D9E-96C5-4DAA-B14A-77C3CFF4A08B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{7822D439-D56A-48E8-B81E-607897106498}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: 
[{532755D3-7BE4-4C39-97A6-D0F4653EB8B3}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{531D80A9-5CC6-40E5-84E3-17EF6594173B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{9A65C9CE-C9EE-4A48-BB46-4A869A96A39E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5ACB8C3A-E572-431C-9DFB-2E16066BF203}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{2E85F1C9-0271-4E45-9A2F-49E61A97B9ED}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{7A453FF4-C2A0-4DDC-A1C8-DB5C7A33FD73}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CF680350-EB16-4158-8348-C873485FA9B6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{ACA238B9-BAA6-4152-AF0E-6FD90415708D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/06/2015 05:44:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 10.0.10240.16431 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1160 Startzeit: 01d1004cd61cc9c1 Beendigungszeit: 0 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: 01bca9c3-6c41-11e5-9bfc-c86000496b74 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (10/06/2015 05:40:57 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (4948) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Error: (10/06/2015 05:40:57 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (4948) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (10/06/2015 05:40:46 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (4948) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Error: (10/06/2015 05:40:46 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (4948) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (10/06/2015 05:40:32 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (4948) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. 
Error: (10/06/2015 05:40:32 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (4948) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (10/06/2015 05:40:22 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (4948) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Error: (10/06/2015 05:40:17 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (4948) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (10/06/2015 05:40:06 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (4948) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Systemfehler: ============= Error: (10/05/2015 09:57:31 PM) (Source: DCOM) (EventID: 10010) (User: NICLAS) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (10/05/2015 09:57:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/05/2015 09:57:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _Session7" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/05/2015 09:57:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/05/2015 09:57:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/05/2015 09:57:28 PM) (Source: DCOM) (EventID: 10010) (User: NICLAS) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (10/05/2015 09:41:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%0 Error: (10/05/2015 09:29:50 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%0 Error: (10/05/2015 08:51:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Xbox Live Authentifizierungs-Manager" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%0 Error: (10/05/2015 07:38:05 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. 
Fehler: %%1056 CodeIntegrity: =================================== Date: 2015-10-05 20:21:47.057 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:21:46.990 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:21:46.879 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:21:46.537 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:21:46.239 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements. 
Date: 2015-10-05 20:21:46.121 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:21:43.643 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:21:42.019 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:11:12.123 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements. Date: 2015-10-05 20:11:11.973 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 4000.12 MB
Verfügbarer physikalischer RAM: 1683.15 MB
Summe virtueller Speicher: 8096.12 MB
Verfügbarer virtueller Speicher: 5346.43 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:125.03 GB) (Free:49.59 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Dateien) (Fixed) (Total:148.06 GB) (Free:146.88 GB) NTFS
Drive f: (15.0.4420.1017) (CDROM) (Total:0.76 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
PS: My laptop even lagged while I was pasting these texts.
__________________ to all helpful answers! System info: Windows 10 Home 64-bit (upgraded from Windows 7) Antivirus: Avast (Premier) Anti-malware: MBAM (Premium) |
07.10.2015, 15:06 | #2 |
/// Selecta Jahrusso | CPU usage permanently above 55%, even when I'm doing nothing
Hi.
Before I do anything: are there any cracks on the system? Uninstall the old Java versions. When Chrome isn't running, does the problem still occur? Disable Avast once as a test.
__________________ |
07.10.2015, 15:57 | #3 |
| CPU usage permanently above 55%, even when I'm doing nothing
About the cracks: No, none installed (knowingly). I don't know much about that either. I do have the trial version of some things, though.
While uninstalling the old Java updates, I noticed (and have for a while) other Windows files from Microsoft Visual C++ (whatever that is), Windows Live Mesh, and then strange characters and also some programs with Russian and Chinese characters, but don't ask me where they come from... Yes, the problem also occurs (though not as strongly) when Chrome isn't running. Thanks for your answer, first of all. What I also notice: I often get really high packet loss out of nowhere, then it stays for a while and simply goes away again. But I don't know much about that either...
__________________ |
07.10.2015, 18:01 | #4 |
/// Selecta Jahrusso | CPU usage permanently above 55%, even when I'm doing nothing
Okay, then let's dig a little.
Please download Farbar Service Scanner
Please post the contents here.
Please download TDSSKiller.exe and save the file to the desktop
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
07.10.2015, 18:28 | #5 |
| CPU usage permanently above 55%, even when I'm doing nothing
Number 1: Code:
Farbar Service Scanner Version: 26-07-2015
Ran by Niclas (administrator) on 07-10-2015 at 19:21:07
Running from "C:\Users\Niclas\Downloads"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****
Code:
NB\InsOnSrv.exe 19:24:55.0176 0x20a8 ASUS InstantOn - ok 19:24:55.0196 0x20a8 [ 525F5989C095F5757414E1F4B39175B2, 0CA28553AE4BF07C3952A6E2355FAB2B0CB862CFD88DEFD7232FD48ABA99CFCB ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys 19:24:55.0228 0x20a8 aswHwid - ok 19:24:55.0249 0x20a8 [ BAAE273BC5F03796D3201E2C91FAF3E0, 83BECDA4D973392D25BFA706E277A67C9E8896ECF14B430B96FFD299D9AA42B8 ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys 19:24:55.0277 0x20a8 aswKbd - ok 19:24:55.0306 0x20a8 [ 76D585093398DB973470BB83FCF0CE52, F7135232E7F50270A253C9F04574F22B827A42B2BE42DE6E391CE3A56B2EA51F ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys 19:24:55.0334 0x20a8 aswMonFlt - ok 19:24:55.0380 0x20a8 [ 6EBBD0E2CF55056DA75B539F6BA8F70E, 26CCDDD1E968196C14408F395FB6F1C10B5E56B70A61BF91D104F1140A63D1D9 ] aswNdisFlt C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys 19:24:55.0424 0x20a8 aswNdisFlt - ok 19:24:55.0456 0x20a8 [ 719FF5568B5E71832541636E2A7DFE27, C49ADB31B5DE6FCFB252290D5B831A90E555F86058500538BBD288B10CDCC46F ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys 19:24:55.0485 0x20a8 aswRdr - ok 19:24:55.0497 0x20a8 [ 21C13E3C9B801C8AE172FABBD235221E, 0AE02CB0F4A87C6065159B68545DD536C4E98C8C23E954ED3392A7CE5F28868C ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys 19:24:55.0510 0x20a8 aswRvrt - ok 19:24:55.0610 0x20a8 [ E0F47617EB31CD205BF68B55CE88862D, EE3ED93E51E310E1D713F8692CF2A61147C0EFCFA465969C04B85DA2E271F3E6 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 19:24:55.0663 0x20a8 aswSnx - ok 19:24:55.0694 0x20a8 [ C43A0929DE32035499D6BB39A7F44439, 6269380D25D6BFFB7C234758114B700A75BD55D654B6D93ED44D50660A86FCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 19:24:55.0725 0x20a8 aswSP - ok 19:24:55.0772 0x20a8 [ 763C27EA21875F54615A0174EEC78FC4, 4EE48D475B183DD2066781137F46A4BEE2E510B3A085B9B1385F8C0043A5BE08 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys 19:24:55.0807 0x20a8 aswStm - ok 19:24:55.0835 0x20a8 [ C85B35201A253B99199C0A9F5B98FC18, 
18FF49D52035C79AD70A96FBD4663C41A58830D432DD4B9EDA6E7FCDFD12C18F ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys 19:24:55.0866 0x20a8 aswVmm - ok 19:24:55.0882 0x20a8 [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 19:24:55.0929 0x20a8 AsyncMac - ok 19:24:55.0960 0x20a8 [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 19:24:55.0991 0x20a8 atapi - ok 19:24:56.0121 0x20a8 [ A5E770426D18F8EF332A593F3289DA91, 87AC97758618765814B630CB1A189CD690DC6B0EAAE93D80EDE7771FB362C9AF ] athr C:\WINDOWS\System32\drivers\athrx.sys 19:24:56.0479 0x20a8 athr - ok 19:24:56.0490 0x20a8 [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 19:24:56.0522 0x20a8 ATKGFNEXSrv - ok 19:24:56.0568 0x20a8 [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 19:24:56.0584 0x20a8 ATKWMIACPIIO - ok 19:24:56.0662 0x20a8 [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 19:24:56.0863 0x20a8 AudioEndpointBuilder - ok 19:24:56.0941 0x20a8 [ 7614E6E6B53E8FE6E6B8A6D6D3CC2018, DF3445145E38BB22E08F11638DA6C37C9EDC1109207569F7921CDD525238CA39 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 19:24:57.0082 0x20a8 Audiosrv - ok 19:24:57.0144 0x20a8 [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 19:24:57.0175 0x20a8 avast! 
Antivirus - ok 19:24:57.0207 0x20a8 [ AF09E0E7239052DDE959F2662C42D94A, 6E4EC06AAACD15502909CB1021362ED686589EEDB490CD7B9DF15C6001ECB2F0 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe 19:24:57.0238 0x20a8 avast! Firewall - ok 19:24:57.0269 0x20a8 [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 19:24:57.0332 0x20a8 AxInstSV - ok 19:24:57.0378 0x20a8 [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 19:24:57.0434 0x20a8 b06bdrv - ok 19:24:57.0463 0x20a8 [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 19:24:57.0593 0x20a8 BasicDisplay - ok 19:24:57.0613 0x20a8 [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 19:24:57.0668 0x20a8 BasicRender - ok 19:24:57.0708 0x20a8 [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 19:24:57.0732 0x20a8 bcmfn2 - ok 19:24:57.0772 0x20a8 [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 19:24:57.0884 0x20a8 BDESVC - ok 19:24:57.0912 0x20a8 [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 19:24:57.0990 0x20a8 Beep - ok 19:24:58.0053 0x20a8 [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE C:\WINDOWS\System32\bfe.dll 19:24:58.0131 0x20a8 BFE - ok 19:24:58.0213 0x20a8 [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] 
BITS C:\WINDOWS\System32\qmgr.dll 19:24:58.0370 0x20a8 BITS - ok 19:24:58.0416 0x20a8 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:24:58.0448 0x20a8 Bonjour Service - ok 19:24:58.0479 0x20a8 [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 19:24:58.0557 0x20a8 bowser - ok 19:24:58.0604 0x20a8 [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 19:24:58.0745 0x20a8 BrokerInfrastructure - ok 19:24:58.0776 0x20a8 [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser C:\WINDOWS\System32\browser.dll 19:24:58.0870 0x20a8 Browser - ok 19:24:58.0901 0x20a8 [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 19:24:58.0995 0x20a8 BthAvrcpTg - ok 19:24:59.0041 0x20a8 [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 19:24:59.0307 0x20a8 BthHFEnum - ok 19:24:59.0338 0x20a8 [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 19:24:59.0385 0x20a8 bthhfhid - ok 19:24:59.0448 0x20a8 [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 19:24:59.0495 0x20a8 BthHFSrv - ok 19:24:59.0526 0x20a8 [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 19:24:59.0588 0x20a8 BTHMODEM - ok 19:24:59.0620 0x20a8 [ 
26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv C:\WINDOWS\system32\bthserv.dll 19:24:59.0698 0x20a8 bthserv - ok 19:24:59.0729 0x20a8 [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 19:24:59.0791 0x20a8 buttonconverter - ok 19:24:59.0823 0x20a8 [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 19:24:59.0870 0x20a8 CapImg - ok 19:24:59.0916 0x20a8 [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 19:24:59.0963 0x20a8 cdfs - ok 19:25:00.0010 0x20a8 [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 19:25:00.0151 0x20a8 CDPSvc - ok 19:25:00.0182 0x20a8 [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 19:25:00.0229 0x20a8 cdrom - ok 19:25:00.0276 0x20a8 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 19:25:00.0323 0x20a8 CertPropSvc - ok 19:25:00.0370 0x20a8 [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass C:\WINDOWS\System32\drivers\circlass.sys 19:25:00.0416 0x20a8 circlass - ok 19:25:00.0479 0x20a8 [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 19:25:00.0510 0x20a8 CLFS - ok 19:25:00.0573 0x20a8 [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 19:25:00.0620 0x20a8 
ClipSVC - ok 19:25:00.0667 0x20a8 [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 19:25:00.0745 0x20a8 CmBatt - ok 19:25:00.0807 0x20a8 [ 7A611981173369D40FE340FE47F0ED2B, EF91817119568877C5014F1A79B9EBDF9507DE901A6C265E5D5140D0F590EB9B ] CMUSBDAC C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys 19:25:00.0917 0x20a8 CMUSBDAC - ok 19:25:00.0963 0x20a8 [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG C:\WINDOWS\system32\Drivers\cng.sys 19:25:01.0010 0x20a8 CNG - ok 19:25:01.0057 0x20a8 [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 19:25:01.0073 0x20a8 cnghwassist - ok 19:25:01.0151 0x20a8 [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys 19:25:01.0198 0x20a8 CompositeBus - ok 19:25:01.0213 0x20a8 COMSysApp - ok 19:25:01.0245 0x20a8 [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 19:25:01.0338 0x20a8 condrv - ok 19:25:01.0432 0x20a8 [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 19:25:01.0495 0x20a8 CoreMessagingRegistrar - ok 19:25:01.0588 0x20a8 [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 19:25:01.0651 0x20a8 cphs - ok 19:25:01.0682 0x20a8 [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 19:25:01.0713 0x20a8 CryptSvc - ok 
19:25:01.0776 0x20a8 [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam C:\WINDOWS\system32\drivers\dam.sys 19:25:01.0807 0x20a8 dam - ok 19:25:01.0870 0x20a8 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 19:25:01.0948 0x20a8 DcomLaunch - ok 19:25:01.0979 0x20a8 [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 19:25:02.0073 0x20a8 DcpSvc - ok 19:25:02.0120 0x20a8 [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc C:\WINDOWS\System32\defragsvc.dll 19:25:02.0198 0x20a8 defragsvc - ok 19:25:02.0245 0x20a8 [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll 19:25:02.0323 0x20a8 DeviceAssociationService - ok 19:25:02.0354 0x20a8 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 19:25:02.0401 0x20a8 DeviceInstall - ok 19:25:02.0417 0x20a8 [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 19:25:02.0510 0x20a8 DevQueryBroker - ok 19:25:02.0557 0x20a8 [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 19:25:02.0604 0x20a8 Dfsc - ok 19:25:02.0651 0x20a8 [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 19:25:02.0713 0x20a8 Dhcp - ok 19:25:02.0776 0x20a8 [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] 
diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 19:25:02.0823 0x20a8 diagnosticshub.standardcollector.service - ok 19:25:02.0917 0x20a8 [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 19:25:03.0010 0x20a8 DiagTrack - ok 19:25:03.0026 0x20a8 [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk C:\WINDOWS\system32\drivers\disk.sys 19:25:03.0057 0x20a8 disk - ok 19:25:03.0104 0x20a8 [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 19:25:03.0229 0x20a8 DmEnrollmentSvc - ok 19:25:03.0260 0x20a8 [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 19:25:03.0339 0x20a8 dmvsc - ok 19:25:03.0370 0x20a8 [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 19:25:03.0432 0x20a8 dmwappushservice - ok 19:25:03.0464 0x20a8 [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 19:25:03.0510 0x20a8 Dnscache - ok 19:25:03.0542 0x20a8 [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 19:25:03.0604 0x20a8 dot3svc - ok 19:25:03.0651 0x20a8 [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS C:\WINDOWS\system32\dps.dll 19:25:03.0760 0x20a8 DPS - ok 19:25:03.0807 0x20a8 [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 
19:25:03.0839 0x20a8 drmkaud - ok 19:25:03.0870 0x20a8 [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 19:25:03.0964 0x20a8 DsmSvc - ok 19:25:03.0995 0x20a8 [ F2328181D289CE83E9979733EAB6742A, 73B1CDA6ED8C42B36126909F1335B72126A5DDC6FC7CE8BA2CA274A2B92E82FD ] DsSvc C:\WINDOWS\System32\DsSvc.dll 19:25:04.0057 0x20a8 DsSvc - ok 19:25:04.0171 0x20a8 [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 19:25:04.0265 0x20a8 DXGKrnl - ok 19:25:04.0327 0x20a8 [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost C:\WINDOWS\System32\eapsvc.dll 19:25:04.0358 0x20a8 Eaphost - ok 19:25:04.0515 0x20a8 [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 19:25:04.0722 0x20a8 ebdrv - ok 19:25:04.0769 0x20a8 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS C:\WINDOWS\System32\lsass.exe 19:25:04.0801 0x20a8 EFS - ok 19:25:04.0832 0x20a8 [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 19:25:04.0863 0x20a8 EhStorClass - ok 19:25:04.0879 0x20a8 [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 19:25:04.0910 0x20a8 EhStorTcgDrv - ok 19:25:04.0957 0x20a8 [ 31EF3A1DCACBDF3B1CB7D02EED7D1277, 45A2C0FB362D199C3ACCDFFED8FE26417C995D1E94CD5E8269E53A1DEC2EAA05 ] ElgatoGC658Y C:\WINDOWS\System32\Drivers\ElgatoGC658.sys 19:25:04.0972 0x20a8 ElgatoGC658Y - ok 19:25:05.0004 0x20a8 [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 
8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 19:25:05.0066 0x20a8 embeddedmode - ok 19:25:05.0113 0x20a8 [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 19:25:05.0222 0x20a8 EntAppSvc - ok 19:25:05.0254 0x20a8 [ 9ED89A533D125C273F93C6A524A1A118, 0CB4282509F455538CF4F9276184CDCC3CF783B0F0D45BB136DB02063983B0C3 ] epp64 C:\EEK\bin\epp64.sys 19:25:05.0285 0x20a8 epp64 - ok 19:25:05.0301 0x20a8 [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 19:25:05.0363 0x20a8 ErrDev - ok 19:25:05.0426 0x20a8 [ 7C013BF69B3C314930D342DA8C564800, D377376EE62BDF12427BBF1B227C0BF9E6B37ABF18B72818182C78BD99B54924 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 19:25:05.0457 0x20a8 ETD - ok 19:25:05.0551 0x20a8 [ ADE85C1EB3D0393D6EC4A77E12D3E3FF, 3555B3302DBBC5869EEB1D2C5BBCB87FC72B030B67C1D37A273FEB7517A58C73 ] ETDService C:\Program Files\Elantech\ETDService.exe 19:25:05.0566 0x20a8 ETDService - ok 19:25:05.0644 0x20a8 [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem C:\WINDOWS\system32\es.dll 19:25:05.0691 0x20a8 EventSystem - ok 19:25:05.0723 0x20a8 [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 19:25:05.0785 0x20a8 exfat - ok 19:25:05.0832 0x20a8 [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 19:25:05.0879 0x20a8 fastfat - ok 19:25:05.0941 0x20a8 [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax C:\WINDOWS\system32\fxssvc.exe 19:25:06.0051 0x20a8 Fax - ok 19:25:06.0082 0x20a8 [ 
4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc C:\WINDOWS\System32\drivers\fcvsc.sys 19:25:06.0129 0x20a8 fcvsc - ok 19:25:06.0160 0x20a8 [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 19:25:06.0207 0x20a8 fdc - ok 19:25:06.0254 0x20a8 [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 19:25:06.0301 0x20a8 fdPHost - ok 19:25:06.0316 0x20a8 [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 19:25:06.0379 0x20a8 FDResPub - ok 19:25:06.0410 0x20a8 [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc C:\WINDOWS\system32\fhsvc.dll 19:25:06.0473 0x20a8 fhsvc - ok 19:25:06.0504 0x20a8 [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 19:25:06.0551 0x20a8 FileCrypt - ok 19:25:06.0582 0x20a8 [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 19:25:06.0613 0x20a8 FileInfo - ok 19:25:06.0629 0x20a8 [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 19:25:06.0676 0x20a8 Filetrace - ok 19:25:06.0692 0x20a8 [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 19:25:06.0723 0x20a8 flpydisk - ok 19:25:06.0738 0x20a8 [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:25:06.0785 0x20a8 
FltMgr - ok 19:25:06.0910 0x20a8 [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache C:\WINDOWS\system32\FntCache.dll 19:25:07.0160 0x20a8 FontCache - ok 19:25:07.0254 0x20a8 [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:25:07.0285 0x20a8 FontCache3.0.0.0 - ok 19:25:07.0317 0x20a8 [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 19:25:07.0348 0x20a8 FsDepends - ok 19:25:07.0363 0x20a8 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr C:\WINDOWS\system32\DRIVERS\fssfltr.sys 19:25:07.0395 0x20a8 fssfltr - ok 19:25:07.0535 0x20a8 [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 19:25:07.0598 0x20a8 fsssvc - ok 19:25:07.0629 0x20a8 [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:25:07.0660 0x20a8 Fs_Rec - ok 19:25:07.0707 0x20a8 [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 19:25:07.0754 0x20a8 fvevol - ok 19:25:07.0770 0x20a8 [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 19:25:07.0801 0x20a8 gagp30kx - ok 19:25:07.0848 0x20a8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 19:25:07.0879 0x20a8 GEARAspiWDM - ok 19:25:07.0910 0x20a8 [ 
F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 19:25:07.0973 0x20a8 gencounter - ok 19:25:08.0020 0x20a8 [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 19:25:08.0098 0x20a8 genericusbfn - ok 19:25:08.0129 0x20a8 [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 19:25:08.0160 0x20a8 GPIOClx0101 - ok 19:25:08.0238 0x20a8 [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 19:25:08.0332 0x20a8 gpsvc - ok 19:25:08.0379 0x20a8 [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 19:25:08.0457 0x20a8 GpuEnergyDrv - ok 19:25:08.0535 0x20a8 [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:25:08.0567 0x20a8 gupdate - ok 19:25:08.0582 0x20a8 [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:25:08.0598 0x20a8 gupdatem - ok 19:25:08.0629 0x20a8 [ FE85E924C86D6D313D61C28A451EA4DE, 22422CECDAB8EBAED6120E6CFDD57BAFC61EA12B1E3563E8605B9700DFE71EBC ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys 19:25:08.0692 0x20a8 HdAudAddService - ok 19:25:08.0723 0x20a8 [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 19:25:08.0770 0x20a8 HDAudBus - ok 19:25:08.0801 0x20a8 [ D5A57EF4822A0388352FFF9F5CD53495, 
19:25:30.0728 0x20a8 [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 19:25:30.0837 0x20a8 SDRSVC - ok 19:25:30.0884 0x20a8 [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 19:25:30.0950 0x20a8 sdstor - ok 19:25:30.0994 0x20a8 [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon C:\WINDOWS\system32\seclogon.dll 19:25:31.0062 0x20a8 seclogon - ok 19:25:31.0093 0x20a8 [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS C:\WINDOWS\System32\sens.dll 19:25:31.0155 0x20a8 SENS - ok 19:25:31.0234 0x20a8 [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 19:25:31.0457 0x20a8 SensorDataService - ok 19:25:31.0521 0x20a8 [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService C:\WINDOWS\system32\SensorService.dll 19:25:31.0677 0x20a8 SensorService - ok 19:25:31.0724 0x20a8 [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 19:25:31.0818 0x20a8 SensrSvc - ok 19:25:31.0864 0x20a8 [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 19:25:31.0896 0x20a8 SerCx - ok 19:25:31.0927 0x20a8 [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 19:25:31.0958 0x20a8 SerCx2 - ok 19:25:31.0989 0x20a8 [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum 
C:\WINDOWS\System32\drivers\serenum.sys 19:25:32.0021 0x20a8 Serenum - ok 19:25:32.0052 0x20a8 [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial C:\WINDOWS\System32\drivers\serial.sys 19:25:32.0083 0x20a8 Serial - ok 19:25:32.0114 0x20a8 [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 19:25:32.0161 0x20a8 sermouse - ok 19:25:32.0255 0x20a8 [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv C:\WINDOWS\system32\sessenv.dll 19:25:32.0302 0x20a8 SessionEnv - ok 19:25:32.0364 0x20a8 [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 19:25:32.0396 0x20a8 sfloppy - ok 19:25:32.0474 0x20a8 [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:25:32.0536 0x20a8 SharedAccess - ok 19:25:32.0583 0x20a8 [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:25:32.0661 0x20a8 ShellHWDetection - ok 19:25:32.0704 0x20a8 [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 19:25:32.0740 0x20a8 SiSRaid2 - ok 19:25:32.0792 0x20a8 [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 19:25:32.0817 0x20a8 SiSRaid4 - ok 19:25:32.0910 0x20a8 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 19:25:32.0934 0x20a8 SkypeUpdate - ok 19:25:32.0981 0x20a8 [ 
35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost C:\WINDOWS\System32\smphost.dll 19:25:33.0044 0x20a8 smphost - ok 19:25:33.0122 0x20a8 [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 19:25:33.0184 0x17e8 Object send P2P result: true
__________________ to all helpful answers! System info: Windows 10 Home 64-bit (upgraded from Windows 7) Antivirus program: Avast (Premier) Anti-malware program: MBAM (Premium) |
07.10.2015, 18:29 | #6 |
| CPU usage permanently above 55%, even when I'm not doing anything. And that's it now with number 2. Code:
DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc C:\WINDOWS\System32\WerSvc.dll 19:25:51.0829 0x20a8 WerSvc - ok 19:25:51.0849 0x20a8 wfpcapture - ok 19:25:51.0888 0x20a8 [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 19:25:51.0920 0x20a8 WFPLWFS - ok 19:25:51.0962 0x20a8 [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 19:25:52.0019 0x20a8 WiaRpc - ok 19:25:52.0083 0x20a8 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys 19:25:52.0111 0x20a8 WimFltr - ok 19:25:52.0163 0x20a8 [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 19:25:52.0191 0x20a8 WIMMount - ok 19:25:52.0207 0x20a8 WinDefend - ok 19:25:52.0299 0x20a8 [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 19:25:52.0339 0x20a8 WindowsTrustedRT - ok 19:25:52.0367 0x20a8 [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 19:25:52.0395 0x20a8 WindowsTrustedRTProxy - ok 19:25:52.0480 0x20a8 [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 19:25:52.0737 0x20a8 WinHttpAutoProxySvc - ok 19:25:52.0777 0x20a8 [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 19:25:52.0809 0x20a8 WinMad - ok 19:25:52.0881 0x20a8 [ 
73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:25:52.0925 0x20a8 Winmgmt - ok 19:25:53.0065 0x20a8 [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 19:25:53.0244 0x20a8 WinRM - ok 19:25:53.0328 0x20a8 [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB C:\WINDOWS\System32\drivers\WinUsb.sys 19:25:53.0364 0x20a8 WINUSB - ok 19:25:53.0396 0x20a8 [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 19:25:53.0424 0x20a8 WinVerbs - ok 19:25:53.0550 0x20a8 [ 3C096082A9232B7CEE4653B9C9031769, CFD4C7D0874097ED70735FD99206F21C12749B7956C4B5D4287F160EC6A21DCC ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 19:25:53.0739 0x20a8 WlanSvc - ok 19:25:53.0840 0x20a8 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 19:25:53.0861 0x20a8 wlcrasvc - ok 19:25:53.0984 0x20a8 [ 0968D575D9108497A6DC37749D4A6C4F, 8BFEDBE642DA0FD8AC1E60180C192527F3D36E43089090A7BB6D8B27AB6E4F7F ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 19:25:54.0162 0x20a8 wlidsvc - ok 19:25:54.0198 0x20a8 [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 19:25:54.0230 0x20a8 WmiAcpi - ok 19:25:54.0306 0x20a8 [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 19:25:54.0350 0x20a8 wmiApSrv - ok 19:25:54.0402 0x20a8 WMPNetworkSvc - ok 19:25:54.0462 0x20a8 [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof 
C:\WINDOWS\system32\drivers\Wof.sys 19:25:54.0498 0x20a8 Wof - ok 19:25:54.0668 0x20a8 [ C7503A49364DB2AF7A7DE177B233081F, 85DC6D8B5631E51FCF395A884F58571A96C8C55C38CA9ABEBD9C75BABAD21E38 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 19:25:54.0872 0x20a8 workfolderssvc - ok 19:25:54.0924 0x20a8 [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 19:25:54.0956 0x20a8 wpcfltr - ok 19:25:55.0019 0x20a8 [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 19:25:55.0118 0x20a8 WPDBusEnum - ok 19:25:55.0166 0x20a8 [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 19:25:55.0192 0x20a8 WpdUpFltr - ok 19:25:55.0233 0x20a8 [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService C:\WINDOWS\system32\WpnService.dll 19:25:55.0323 0x20a8 WpnService - ok 19:25:55.0389 0x20a8 [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 19:25:55.0433 0x20a8 ws2ifsl - ok 19:25:55.0494 0x20a8 [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 19:25:55.0542 0x20a8 wscsvc - ok 19:25:55.0566 0x20a8 WSearch - ok 19:25:55.0797 0x20a8 [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService C:\WINDOWS\System32\WSService.dll 19:25:55.0970 0x20a8 WSService - ok 19:25:56.0106 0x20a8 [ B70FF53144AC4B3C7D98BFB7D7C239BD, 996F6253F24C6D734B777988CDE03CD3A32FFBAD6D7A198F1C590B762CD8DC0E ] wuauserv C:\WINDOWS\system32\wuaueng.dll 19:25:56.0269 0x20a8 wuauserv - ok 19:25:56.0305 0x20a8 [ 
835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 19:25:56.0341 0x20a8 WudfPf - ok 19:25:56.0381 0x20a8 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 19:25:56.0434 0x20a8 WUDFRd - ok 19:25:56.0482 0x20a8 [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 19:25:56.0547 0x20a8 wudfsvc - ok 19:25:56.0575 0x20a8 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 19:25:56.0619 0x20a8 WUDFWpdFs - ok 19:25:56.0647 0x20a8 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys 19:25:56.0695 0x20a8 WUDFWpdMtp - ok 19:25:56.0807 0x20a8 [ D23F211E1AA0787EFEC373D172D4A1C2, 6CCAB272D121C9946B2CF6B19F50E09946F0187713D54BFBD371B5C017367204 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 19:25:56.0936 0x20a8 WwanSvc - ok 19:25:57.0022 0x20a8 [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 19:25:57.0147 0x20a8 XblAuthManager - ok 19:25:57.0220 0x20a8 [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 19:25:57.0393 0x20a8 XblGameSave - ok 19:25:57.0457 0x20a8 [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 19:25:57.0563 0x20a8 xboxgip - ok 19:25:57.0647 0x20a8 [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc 
C:\WINDOWS\system32\XboxNetApiSvc.dll 19:25:57.0821 0x20a8 XboxNetApiSvc - ok 19:25:57.0861 0x20a8 [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 19:25:57.0905 0x20a8 xinputhid - ok 19:25:57.0925 0x20a8 ================ Scan global =============================== 19:25:57.0963 0x20a8 [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll 19:25:58.0000 0x20a8 [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll 19:25:58.0047 0x20a8 [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll 19:25:58.0091 0x20a8 [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe 19:25:58.0111 0x20a8 [ Global ] - ok 19:25:58.0111 0x20a8 ================ Scan MBR ================================== 19:25:58.0131 0x20a8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:25:59.0184 0x20a8 \Device\Harddisk0\DR0 - ok 19:25:59.0196 0x20a8 [ D18727ACF1626BEF725BDA318B5AD14F ] \Device\Harddisk1\DR1 19:25:59.0272 0x20a8 \Device\Harddisk1\DR1 - ok 19:25:59.0272 0x20a8 ================ Scan VBR ================================== 19:25:59.0288 0x20a8 [ 5F2E60469947CFA27E296748F3541959 ] \Device\Harddisk0\DR0\Partition1 19:25:59.0296 0x20a8 \Device\Harddisk0\DR0\Partition1 - ok 19:25:59.0312 0x20a8 [ EF2DF5C1B0ECC4B1AB1B36BAEEA4F814 ] \Device\Harddisk0\DR0\Partition2 19:25:59.0312 0x20a8 \Device\Harddisk0\DR0\Partition2 - ok 19:25:59.0312 0x20a8 ================ Scan generic autorun ====================== 19:25:59.0346 0x20a8 [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\WINDOWS\system32\igfxtray.exe 
19:25:59.0378 0x20a8 IgfxTray - ok 19:25:59.0411 0x20a8 [ E4AA3D28753EF9DB333FE40079993B09, ECC60BAA7D21EF97CDA17F45277FBFE52B2169155DDB157E34A7AE2EC1BEC185 ] C:\WINDOWS\system32\hkcmd.exe 19:25:59.0447 0x20a8 HotKeysCmds - ok 19:25:59.0475 0x20a8 [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\WINDOWS\system32\igfxpers.exe 19:25:59.0513 0x20a8 Persistence - ok 19:26:00.0139 0x20a8 [ BFA073F60AD4D2D69EB00BBD38161D1D, 87233B975560544A033F095572CCEFD2B0412D113E3FE76262AFA46B530BBA49 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 19:26:00.0635 0x20a8 RtHDVCpl - ok 19:26:00.0740 0x20a8 [ 1ABF8A68CAEEE3DF0D39AD56614AE6D6, D5C709A6B6A95387F47019FF988D8D5D86A58FFDE95132B3D3EBE499CDD25156 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 19:26:00.0800 0x20a8 RtHDVBg - ok 19:26:00.0804 0x20a8 ETDCtrl - ok 19:26:00.0931 0x20a8 [ 5A9CDFF0CEDFA8061D0DE6B6C2547F51, 76CDEF7A94D90D79CFA105E492E53350F7545900FEF651CD0D18B3163B812AD2 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 19:26:00.0968 0x20a8 AdobeAAMUpdater-1.0 - ok 19:26:01.0029 0x20a8 [ 4F249E7F6B1513C6CE6080566D12096D, 8CD68DA14FAD3EA91DB10632A0CE4A17FDEA31DE37729017A0D205FC25756719 ] C:\Program Files\iTunes\iTunesHelper.exe 19:26:01.0053 0x20a8 iTunesHelper - ok 19:26:01.0316 0x20a8 [ F66203AF9C159E2CBD54DF981654F499, C28A7E3D4BB50F14D40C3AE9D1267D11015381A9615663BAAAB6C0084A72E607 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 19:26:01.0516 0x20a8 AvastUI.exe - ok 19:26:01.0740 0x20a8 [ 3D1D33DE714636AEAB4AC18291D254F6, 8C9ECD5818F48B90FAEFBEC896F795DDE45CCE73BB11901E90E035F179037117 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 19:26:01.0832 0x20a8 Adobe Creative Cloud - ok 19:26:01.0886 0x20a8 [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 19:26:01.0926 0x20a8 
SunJavaUpdateSched - ok 19:26:02.0277 0x20a8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:26:02.0649 0x20a8 OneDriveSetup - ok 19:26:03.0089 0x20a8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:26:03.0417 0x20a8 OneDriveSetup - ok 19:26:03.0748 0x20a8 [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe 19:26:04.0116 0x20a8 CCleaner Monitoring - ok 19:26:04.0426 0x20a8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:26:04.0678 0x20a8 OneDriveSetup - ok 19:26:04.0690 0x20a8 Waiting for KSN requests completion. In queue: 225 19:26:05.0697 0x20a8 Waiting for KSN requests completion. In queue: 225 19:26:06.0698 0x20a8 Waiting for KSN requests completion. In queue: 225 19:26:07.0363 0x0538 Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip 19:26:07.0698 0x20a8 Waiting for KSN requests completion. In queue: 156 19:26:08.0698 0x20a8 Waiting for KSN requests completion. In queue: 156 19:26:09.0699 0x20a8 Waiting for KSN requests completion. In queue: 156 19:26:09.0969 0x0538 Object send P2P result: true 19:26:09.0969 0x0538 Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6 19:26:10.0700 0x20a8 Waiting for KSN requests completion. In queue: 155 19:26:11.0702 0x20a8 Waiting for KSN requests completion. In queue: 155 19:26:12.0565 0x0538 Object send P2P result: true 19:26:12.0584 0x0538 Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc 19:26:12.0705 0x20a8 Waiting for KSN requests completion. In queue: 38 19:26:13.0706 0x20a8 Waiting for KSN requests completion. In queue: 38 19:26:14.0706 0x20a8 Waiting for KSN requests completion. 
In queue: 38 19:26:15.0194 0x0538 Object send P2P result: true 19:26:15.0798 0x20a8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated ) 19:26:15.0805 0x20a8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated ) 19:26:15.0809 0x20a8 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41010 ( enabled ) 19:26:18.0316 0x20a8 ============================================================ 19:26:18.0316 0x20a8 Scan finished 19:26:18.0316 0x20a8 ============================================================ 19:26:18.0324 0x0cf8 Detected object count: 0 19:26:18.0324 0x0cf8 Actual detected object count: 0
09.10.2015, 12:06 | #7 |
/// Selecta Jahrusso | CPU usage permanently above 55%, even when I'm doing nothing
Hi, and sorry. I did read the thread, but forgot to reply.
Was Windows 10 installed as an upgrade or directly from boot media? (Win10 still has teething problems, which I also have to wrestle with from time to time.)
Have you already tried temporarily disabling Avast?
The drivers all seem to be OK.
Why are the Windows Updates set to Demand? I would set them back to Auto as quickly as possible.
Please try a clean boot: Clean Boot - diagnosing problems at system startup
By the way, you are aware that MSCONFIG is not meant for permanently disabling startup items ^^
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to fight back and support us! TB Akademie |
09.10.2015, 13:00 | #8 |
| CPU usage permanently above 55%, even when I'm doing nothing
Quote:
Quote:
Quote:
I have set "Choose how updates are installed" to "Automatic"... I've attached my autostart as a screenshot, but I have no idea what these modules are... Thanks for your effort & have a nice weekend. Oh, and, Quote:
__________________ to all helpful answers! System info: Windows 10 Home 64-bit (upgraded from Windows 7) Antivirus: Avast (Premier) Anti-malware: MBAM (Premium) |
10.10.2015, 11:18 | #9 |
/// Selecta Jahrusso | CPU usage permanently above 55%, even when I'm doing nothing
Hi. My weekend isn't so great. I have to sit around at the university (FH) a lot. I need to start with the troubleshooting now, then we'll take care of the rest.
Uninstall Avast and restart the PC. Does the problem still occur? If yes, reinstall Avast. If no, then we've found the problem.
10.10.2015, 20:07 | #10 |
| CPU usage permanently above 55%, even when I'm doing nothing [solved]
So, I can only answer by feel right now. After the uninstall and restart, the laptop was at 4% CPU when idle, i.e. without me having anything open. Sometimes it jumped to 20-30, but that settled quickly. Now I have installed Avast again and see no difference compared with when Avast was uninstalled. I've attached a few screenshots showing the Task Manager. The first 2 screenshots are after the restart and uninstall; the last screenshot, as the name says, shows all processes after a system restart and installing Avast. Thanks & kind regards!
10.10.2015, 20:30 | #11 |
| CPU usage permanently above 55%, even when I'm doing nothing [solved]
Everything is actually fine. Regards |
10.10.2015, 20:47 | #12 |
| CPU usage permanently above 55%, even when I'm doing nothing [solved]
And what about my supposedly wrong settings? Regards.
10.10.2015, 20:54 | #13 |
| CPU usage permanently above 55%, even when I'm doing nothing [solved]
Hello, this is how your update settings should look. Regards |
10.10.2015, 21:01 | #14 |
| CPU usage permanently above 55%, even when I'm doing nothing [solved]
Do you also have that whole view for Windows 10? As I already said, I set the selection box under "Choose how updates are installed" to "Automatic"... Regards.
10.10.2015, 21:05 | #15 |
| CPU usage permanently above 55%, even when I'm doing nothing [solved]
Hello, since I rather detest Windows 10, unfortunately not. And as I see just now, you have Windows 10 Home, where all updates are installed automatically anyway. I would, however, also recommend a Windows 10 anti-spy tool. Regards |