Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Pc und INternet langsam, CPU-Auslastung hoch, aber kein Virus gefunden! (https://www.trojaner-board.de/165567-pc-internet-langsam-cpu-auslastung-hoch-kein-virus-gefunden.html)

MissVerstehn 28.03.2015 13:02
Pc und INternet langsam, CPU-Auslastung hoch, aber kein Virus gefunden!
 
Hallo ihr Lieben,
ich habe mir vor einer Zeit eine neuere Version meines Grafiktreibers heruntergeladen und mir dabei vermutlich irgendwas eingefangen...
Hier in Forum berichten Viele von gut versteckten Trojanern, die Abläufe extrem verlangsamen und die CPU Auslastung auf 100% treiben und ich mach mir inzwischen echt Sorgen, so was erwischt zu haben.
Mein Computer ist bei hochfahren gleich schnell geblieben und auch danach nicht „extrem“ langsam… aber auffallend langsamer ist er (besonders im Internet) schon!
Und die CPU Auslastung ist interessanterweise auch immer wieder bei 100% und beginnt dann plötzlich wieder stark abzunehmen.
Könnte ich mir tatsächlich einen von diesen super-intelligenten Trojanern eingefangen haben oder bin ich nur paranoid? :balla:

Ich habe Avast, McAfee, einen Adware Cleaner und Trojan Remover durch meinen PC gejagt, aber sie haben nichts gefunden!
Dann habe ich alle AMD Programme wieder entfernt und auch zugesehen mit einem CCleaner alles Unnötige wegzuschaffen, weil ich dachte vielleicht bilde ich mir die Verlangsamung nur ein, aber das Problem bleibt.

Defogger hat auch nichts gefunden.

Farbar’s Recovery Scan Tool gibt mir als FRST.txt an:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by lilith (administrator) on LILITH-LAPPI on 28-03-2015 12:26:50
Running from C:\Users\lilith\Downloads
Loaded Profiles: lilith (Available profiles: lilith)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\lilith\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Spotify Ltd) C:\Users\lilith\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\lilith\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\lilith\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\lilith\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lilith\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lilith\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lilith\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\lilith\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7466600 2011-09-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe [133120 2010-01-13] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-24] (Avast Software s.r.o.)
HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Run: [Google Update] => C:\Users\lilith\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-05] (Google Inc.)
HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Run: [Spotify Web Helper] => C:\Users\lilith\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-03-24] (Spotify Ltd)
HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Run: [Spotify] => C:\Users\lilith\AppData\Roaming\Spotify\Spotify.exe [6701624 2015-03-24] (Spotify Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1607166987-670646389-2257712192-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-24] (Avast Software s.r.o.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-24] (Avast Software s.r.o.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\lilith\AppData\Roaming\Mozilla\Firefox\Profiles\syeomnk1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1607166987-670646389-2257712192-1000: @tools.google.com/Google Update;version=3 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1607166987-670646389-2257712192-1000: @tools.google.com/Google Update;version=9 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Extension: Download videos and MP3s from YouTube - C:\Users\lilith\AppData\Roaming\Mozilla\Firefox\Profiles\syeomnk1.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-24]
FF HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-27]

Chrome:
=======
CHR Profile: C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Profile: C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Avast Online Security) - C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-27]
CHR Extension: (Google Wallet) - C:\Users\lilith\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-24]
StartMenuInternet: Google Chrome.5OZBX3DQHAEJXZK5XOGYE4FIMY - C:\Users\lilith\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.delta-homes.com/?type=sc&ts=1427192525&from=wpm03243&uid=ST9320325AS_6VDG3QL4

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-01] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-01] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-24] (Avast Software s.r.o.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32568 2014-04-08] (The OpenVPN Project)
R2 UI Assistant Service; C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe [247296 2010-01-13] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [18959360 2014-11-21] (Advanced Micro Devices, Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [589312 2014-11-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [229056 2014-10-28] (AppEx Networks Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-24] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-24] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-24] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-24] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-24] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-24] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 12:26 - 2015-03-28 12:27 - 00013620 _____ () C:\Users\lilith\Downloads\FRST.txt
2015-03-28 12:26 - 2015-03-28 12:26 - 00000000 ____D () C:\FRST
2015-03-28 12:24 - 2015-03-28 12:25 - 02095616 _____ (Farbar) C:\Users\lilith\Downloads\FRST64.exe
2015-03-28 12:21 - 2015-03-28 12:21 - 00000000 _____ () C:\Users\lilith\defogger_reenable
2015-03-28 12:20 - 2015-03-28 12:20 - 00050477 _____ () C:\Users\lilith\Downloads\Defogger.exe
2015-03-28 11:55 - 2015-03-28 11:55 - 00388608 _____ (Trend Micro Inc.) C:\Users\lilith\Downloads\HiJackThis204.exe
2015-03-28 11:30 - 2015-03-28 11:30 - 00003232 _____ () C:\Windows\PFRO.log
2015-03-28 11:30 - 2015-03-28 11:30 - 00000056 _____ () C:\Windows\setupact.log
2015-03-28 11:30 - 2015-03-28 11:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-27 23:17 - 2015-03-27 23:17 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-03-27 23:17 - 2015-03-27 23:17 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-27 23:17 - 2015-03-27 23:17 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-27 23:16 - 2015-03-27 23:17 - 04197696 _____ (Piriform Ltd) C:\Users\lilith\Downloads\ccsetup503_slim.exe
2015-03-27 23:10 - 2015-03-27 23:12 - 00000000 ____D () C:\Users\lilith\AppData\Local\Martin Fuchs
2015-03-27 22:38 - 2015-03-27 22:38 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-27 22:38 - 2015-03-27 22:38 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-27 21:57 - 2015-03-27 21:57 - 00063437 _____ () C:\Windows\SysWOW64\CCCInstall_201503272157436161.log
2015-03-27 21:25 - 2015-03-24 12:08 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-24 12:13 - 2015-03-24 12:14 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\Dropbox
2015-03-24 12:11 - 2015-03-24 12:11 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\AVAST Software
2015-03-24 12:10 - 2015-03-27 21:27 - 00001922 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-24 12:10 - 2015-03-24 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-24 12:09 - 2015-03-27 21:27 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-24 12:08 - 2015-03-24 12:08 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-24 12:08 - 2015-03-24 12:08 - 00268640 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-24 12:08 - 2015-03-24 12:08 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-24 12:08 - 2015-03-24 12:08 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-24 12:08 - 2015-03-24 12:08 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-24 12:08 - 2015-03-24 12:08 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-24 12:08 - 2015-03-24 12:08 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-24 12:08 - 2015-03-24 12:08 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-24 12:08 - 2015-03-24 12:07 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-03-24 12:06 - 2015-03-24 12:06 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-24 12:02 - 2015-03-24 12:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-24 11:36 - 2015-03-24 11:37 - 02168320 _____ () C:\Users\lilith\Desktop\adwcleaner_4.113.exe
2015-03-20 19:26 - 2015-03-20 19:26 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\ATI
2015-03-20 19:26 - 2015-03-20 19:26 - 00000000 ____D () C:\Users\lilith\AppData\Local\ATI
2015-03-20 19:25 - 2015-03-20 19:25 - 00000000 ____D () C:\Users\lilith\AppData\Local\AppEx Networks
2015-03-20 19:24 - 2015-03-20 19:24 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-03-20 19:20 - 2015-03-20 19:20 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\library_dir
2015-03-20 19:18 - 2015-03-27 23:11 - 00000000 ____D () C:\Program Files\AMD Quick Stream
2015-03-20 19:18 - 2015-03-27 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-03-20 19:18 - 2015-03-27 22:01 - 00000000 ____D () C:\ProgramData\AMD
2015-03-20 19:18 - 2014-10-28 14:24 - 00229056 _____ (AppEx Networks Corporation) C:\Windows\system32\Drivers\appexDrv.sys
2015-03-20 19:17 - 2015-03-20 19:17 - 00064312 _____ () C:\Windows\SysWOW64\CCCInstall_201503201917379503.log
2015-03-20 19:06 - 2015-03-20 19:08 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-20 18:59 - 2015-03-20 18:59 - 00000000 ____D () C:\AMD
2015-03-20 18:26 - 2015-03-20 18:26 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2015-03-20 17:32 - 2015-03-20 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-03-20 17:31 - 2015-03-20 17:31 - 00000000 ____D () C:\Users\lilith\Documents\EA Games
2015-03-20 17:21 - 2015-03-20 18:07 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2015-03-20 17:21 - 2005-02-26 06:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2015-03-15 15:26 - 2015-03-15 15:26 - 00003447 _____ () C:\Users\lilith\.recently-used.xbel
2015-03-11 13:59 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 13:59 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 13:59 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 13:59 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 13:59 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 13:59 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 13:59 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 13:59 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 13:59 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 13:59 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 13:59 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 13:59 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 13:57 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 13:57 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 13:57 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 13:57 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 13:57 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 13:57 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-11 13:57 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 13:57 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 13:57 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 13:57 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 13:57 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 13:57 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 13:57 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 13:56 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 13:56 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 13:56 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-11 13:56 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 13:56 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 13:56 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 13:56 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 13:56 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 13:56 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 13:56 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 13:56 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 13:56 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 13:56 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-11 13:56 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 13:56 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 13:56 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 13:56 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-11 13:56 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 13:56 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 13:56 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 13:56 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 13:56 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 13:56 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 13:56 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-11 13:56 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 13:56 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 13:56 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 13:56 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 13:56 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 13:56 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 13:56 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 13:56 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 13:56 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 13:56 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 13:56 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 13:52 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-11 13:52 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-11 13:52 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-11 13:52 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-11 13:52 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-11 13:52 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-11 13:52 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-11 13:52 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-11 13:52 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-11 13:52 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-11 13:52 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-11 13:52 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-11 13:52 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-11 13:52 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-11 13:52 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-11 13:52 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 13:52 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 13:52 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 13:52 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 13:52 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 13:51 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 13:51 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 13:51 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 13:51 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 13:51 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 13:51 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 13:51 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 13:51 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 13:51 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 13:51 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 13:51 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-11 13:51 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-11 13:51 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 13:51 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-11 13:51 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-11 13:51 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 13:51 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 13:51 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 13:51 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-11 13:51 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 13:51 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 13:51 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 13:51 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 13:51 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 13:51 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-11 13:51 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-11 13:51 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 13:51 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 13:51 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 13:51 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-11 13:51 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 13:51 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 13:51 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 13:51 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 13:51 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 13:51 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 13:51 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 13:51 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 13:51 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 13:51 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 13:51 - 2015-01-31 04:48 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 13:51 - 2015-01-31 04:05 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 13:51 - 2015-01-31 04:04 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 13:51 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 13:51 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 13:50 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 13:50 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 13:50 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 13:50 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 13:50 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 13:50 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 13:50 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 13:50 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 13:50 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 13:50 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 13:50 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 13:50 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-11 13:50 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-11 13:50 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 13:50 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-11 13:50 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 13:50 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 13:50 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 13:50 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-02-26 09:28 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 09:28 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-28 12:21 - 2012-08-04 12:03 - 00000000 ____D () C:\Users\lilith
2015-03-28 11:55 - 2012-08-04 15:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-28 11:40 - 2012-08-05 10:50 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1607166987-670646389-2257712192-1000UA.job
2015-03-28 11:40 - 2012-08-04 11:58 - 01504036 _____ () C:\Windows\WindowsUpdate.log
2015-03-28 11:39 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-28 11:39 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-28 11:36 - 2014-03-29 13:36 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\Spotify
2015-03-28 11:32 - 2012-12-29 09:12 - 00000439 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-03-28 11:31 - 2014-03-29 13:37 - 00000000 ____D () C:\Users\lilith\AppData\Local\Spotify
2015-03-28 11:30 - 2012-08-29 12:50 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-03-28 11:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-28 00:49 - 2013-10-03 16:24 - 00000000 ____D () C:\Users\lilith\Documents\Zeug
2015-03-28 00:25 - 2014-08-16 18:17 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-28 00:20 - 2013-10-01 22:07 - 00000000 ____D () C:\Users\lilith\Documents\Bewerbungen
2015-03-27 23:48 - 2014-12-21 15:19 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\DAEMON Tools Lite
2015-03-27 23:45 - 2012-08-04 12:55 - 00000000 ____D () C:\Windows\Panther
2015-03-27 23:44 - 2014-03-11 12:00 - 00000000 ____D () C:\Windows\Minidump
2015-03-27 23:44 - 2012-12-02 21:18 - 00000000 ____D () C:\Users\lilith\AppData\Local\CrashDumps
2015-03-27 23:20 - 2012-08-05 10:52 - 00002365 _____ () C:\Users\lilith\Desktop\Google Chrome.lnk
2015-03-27 21:39 - 2013-12-25 21:38 - 00000000 ____D () C:\AdwCleaner
2015-03-27 21:15 - 2014-04-14 11:46 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner Manager
2015-03-27 21:15 - 2012-08-05 10:06 - 00000000 ____D () C:\Users\lilith\Downloads\Setups von Programmen
2015-03-27 21:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-25 13:15 - 2012-08-05 10:50 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1607166987-670646389-2257712192-1000Core.job
2015-03-24 13:31 - 2010-11-21 07:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-03-24 13:31 - 2010-11-21 07:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-03-24 13:31 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-24 11:42 - 2012-08-05 11:00 - 00001070 _____ () C:\Users\lilith\Desktop\iexplorer.lnk
2015-03-24 11:42 - 2012-08-05 10:52 - 00000000 ____D () C:\Users\lilith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-24 11:42 - 2012-08-04 13:02 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-24 11:42 - 2012-08-04 13:02 - 00001049 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-24 11:42 - 2012-08-04 12:03 - 00000997 _____ () C:\Users\lilith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-24 11:22 - 2012-08-04 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-24 01:04 - 2012-08-04 12:03 - 00000000 ____D () C:\Users\lilith\AppData\Local\VirtualStore
2015-03-20 18:13 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-15 16:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-15 15:26 - 2013-07-15 19:56 - 00000000 ____D () C:\Users\lilith\.gimp-2.6
2015-03-11 17:45 - 2009-07-14 05:45 - 00358376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 17:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 17:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 17:11 - 2013-08-15 13:13 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 17:00 - 2012-08-04 15:58 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-02-07 00:59 - 2014-02-07 00:59 - 0003584 _____ () C:\Users\lilith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-18 22:25 - 2013-08-18 22:25 - 0004096 ____H () C:\Users\lilith\AppData\Local\keyfile3.drm
2013-01-09 00:11 - 2013-01-09 00:11 - 0001407 _____ () C:\Users\lilith\AppData\Local\recently-used.xbel

Files to move or delete:
====================
C:\Users\lilith\DSETUP.dll
C:\Users\lilith\dsetup32.dll
C:\Users\lilith\DXSETUP.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 16:02

==================== End Of Log ============================
--- --- ---


Und als Additional.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by lilith at 2015-03-28 12:29:11
Running from C:\Users\lilith\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.60 - Atheros Communications)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Die Sims™ 2 Freizeit-Spaß (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version:  - Electronic Arts)
Die Sims™ 2 Teen Style-Accessoires (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version:  - Electronic Arts)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mobile Partner Manager (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Mozilla Firefox 14.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 de)) (Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenVPN 2.3.2 UniPassau (HKLM-x32\...\OpenVPN) (Version: 2.3.2 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6461 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1607166987-670646389-2257712192-1000\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1607166987-670646389-2257712192-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1607166987-670646389-2257712192-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1607166987-670646389-2257712192-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1607166987-670646389-2257712192-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1607166987-670646389-2257712192-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1607166987-670646389-2257712192-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1607166987-670646389-2257712192-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\lilith\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

15-03-2015 15:22:49 Windows Update
19-03-2015 11:14:37 Windows Update
20-03-2015 17:05:30 Removed Apple Software Update
20-03-2015 17:06:53 Removed iTunes
20-03-2015 17:09:19 Removed Apple Application Support
20-03-2015 17:11:06 Removed Apple Software Update
20-03-2015 19:05:21 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
20-03-2015 19:06:29 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
22-03-2015 11:39:17 Removed iTunes
22-03-2015 11:48:28 Removed Bonjour
22-03-2015 11:49:10 Removed Bonjour
22-03-2015 11:50:17 Removed Apple Mobile Device Support
22-03-2015 18:29:38 Windows Update
24-03-2015 12:05:00 avast! antivirus system restore point
26-03-2015 10:26:14 Windows Update
27-03-2015 21:19:52 avast! antivirus system restore point
27-03-2015 22:00:13 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0064CC5A-A101-4F93-9BE1-277F2F529236} - System32\Tasks\{C574EDA8-2422-47E1-85E1-CC675CF4CAF4} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin
Task: {297806FD-8CCD-4B4E-B0D3-5B96CF8A10E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {79E6D574-792E-4B29-AB87-C16FDC9B6880} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {918FD78C-DDF1-47BB-B906-09DE8A03F82D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1607166987-670646389-2257712192-1000UA => C:\Users\lilith\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {CED95682-C263-4E55-9D98-B06C0F2900FD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1607166987-670646389-2257712192-1000Core => C:\Users\lilith\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {EB12E5F1-2C14-4091-94A4-FB88DEE2D92F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-24] (Avast Software s.r.o.)
Task: {F6E1E5C6-7147-4AE6-BEED-485681ED5F5A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1607166987-670646389-2257712192-1000Core.job => C:\Users\lilith\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1607166987-670646389-2257712192-1000UA.job => C:\Users\lilith\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-04-14 11:46 - 2010-01-13 18:14 - 00247296 _____ () C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
2014-04-14 11:46 - 2010-01-13 18:13 - 00133120 _____ () C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe
2015-03-24 12:08 - 2015-03-24 12:08 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-24 12:07 - 2015-03-24 12:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-27 21:30 - 2015-03-27 21:30 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15032701\algo.dll
2015-03-28 11:32 - 2015-03-28 11:32 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15032800\algo.dll
2015-03-24 22:22 - 2015-03-24 22:22 - 40506936 _____ () C:\Users\lilith\AppData\Roaming\Spotify\libcef.dll
2015-03-24 22:22 - 2015-03-24 22:22 - 09305656 _____ () C:\Users\lilith\AppData\Roaming\Spotify\pdf.dll
2015-03-24 22:22 - 2015-03-24 22:22 - 00990776 _____ () C:\Users\lilith\AppData\Roaming\Spotify\ffmpegsumo.dll
2015-03-24 12:08 - 2015-03-24 12:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-14 14:00 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\lilith\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-14 14:00 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\lilith\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-03-22 12:50 - 2015-03-14 11:12 - 09278792 _____ () C:\Users\lilith\AppData\Local\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-22 12:50 - 2015-03-14 11:12 - 14974280 _____ () C:\Users\lilith\AppData\Local\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1607166987-670646389-2257712192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\lilith\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1607166987-670646389-2257712192-500 - Administrator - Disabled)
Gast (S-1-5-21-1607166987-670646389-2257712192-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1607166987-670646389-2257712192-1004 - Limited - Enabled)
lilith (S-1-5-21-1607166987-670646389-2257712192-1000 - Administrator - Enabled) => C:\Users\lilith

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/28/2015 11:31:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/28/2015 11:31:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/27/2015 10:26:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 10:25:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/27/2015 09:41:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 09:41:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/27/2015 09:18:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 09:17:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/27/2015 00:15:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 00:15:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (03/28/2015 00:27:36 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/28/2015 11:41:31 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureCommand" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (03/28/2015 11:40:42 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (03/28/2015 11:33:08 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/28/2015 11:32:37 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/28/2015 11:31:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001

Error: (03/27/2015 11:09:13 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/27/2015 11:08:53 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/27/2015 10:27:08 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/27/2015 10:25:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001


Microsoft Office Sessions:
=========================
Error: (03/28/2015 11:31:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/28/2015 11:31:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Error: (03/27/2015 10:26:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 10:25:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Error: (03/27/2015 09:41:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 09:41:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Error: (03/27/2015 09:18:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 09:17:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

Error: (03/27/2015 00:15:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/27/2015 00:15:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe


==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 3690.91 MB
Available physical RAM: 2308.41 MB
Total Pagefile: 7380 MB
Available Pagefile: 5741.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:85.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: B03E7563)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Gmer fängt bei mir sobald ich es öffne mit einem Scan aller Laufwerke an, ohne dass ich es stoppen kann, deshalb noch kein Gmer.txt … wenn der aber wichtig ist versuche ich es natürlich nochmal!

Ich hoffe ich habe nichts vergessen, wenn doch seid bitte gnädig, es ist mein erster Post hier! ;)
Vielen Dank schon mal im Voraus, dass ihr euch die Zeit nehmt das wirklich auch zu lesen!
:dankeschoen:

schrauber 28.03.2015 13:09
hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.



ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).

MissVerstehn 28.03.2015 14:58
Liste der Anhänge anzeigen (Anzahl: 2)
Hi! Danke zuerst einmal für die schnelle Antwort, das war ja super flott! :bussi:

Malwarebytes meldet nach dem Scan, dass kein Cleanup nötig ist und keine Malware gefunden wurde.

TDSSKiller findet ebenfalls nichts:
Code:
14:42:08.0888 0x067c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:42:11.0676 0x067c  ============================================================
14:42:11.0676 0x067c  Current date / time: 2015/03/28 14:42:11.0676
14:42:11.0676 0x067c  SystemInfo:
14:42:11.0676 0x067c 
14:42:11.0676 0x067c  OS Version: 6.1.7601 ServicePack: 1.0
14:42:11.0676 0x067c  Product type: Workstation
14:42:11.0676 0x067c  ComputerName: LILITH-LAPPI
14:42:11.0676 0x067c  UserName: lilith
14:42:11.0676 0x067c  Windows directory: C:\Windows
14:42:11.0676 0x067c  System windows directory: C:\Windows
14:42:11.0676 0x067c  Running under WOW64
14:42:11.0676 0x067c  Processor architecture: Intel x64
14:42:11.0676 0x067c  Number of processors: 2
14:42:11.0676 0x067c  Page size: 0x1000
14:42:11.0676 0x067c  Boot type: Normal boot
14:42:11.0676 0x067c  ============================================================
14:42:14.0611 0x067c  KLMD registered as C:\Windows\system32\drivers\32589066.sys
14:42:15.0456 0x067c  System UUID: {62829D47-6F84-9CA0-0439-F62D436DDB75}
14:42:17.0065 0x067c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:42:17.0075 0x067c  ============================================================
14:42:17.0075 0x067c  \Device\Harddisk0\DR0:
14:42:17.0075 0x067c  MBR partitions:
14:42:17.0076 0x067c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:42:17.0076 0x067c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
14:42:17.0076 0x067c  ============================================================
14:42:17.0091 0x067c  C: <-> \Device\Harddisk0\DR0\Partition2
14:42:17.0091 0x067c  ============================================================
14:42:17.0091 0x067c  Initialize success
14:42:17.0091 0x067c  ============================================================
14:42:23.0652 0x1540  ============================================================
14:42:23.0652 0x1540  Scan started
14:42:23.0652 0x1540  Mode: Manual; SigCheck; TDLFS;
14:42:23.0652 0x1540  ============================================================
14:42:23.0652 0x1540  KSN ping started
14:42:26.0711 0x1540  KSN ping finished: true
14:42:29.0087 0x1540  ================ Scan system memory ========================
14:42:29.0088 0x1540  System memory - ok
14:42:29.0089 0x1540  ================ Scan services =============================
14:42:29.0347 0x1540  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:42:29.0657 0x1540  1394ohci - ok
14:42:29.0778 0x1540  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:42:29.0864 0x1540  ACPI - ok
14:42:29.0911 0x1540  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
14:42:29.0994 0x1540  AcpiPmi - ok
14:42:30.0189 0x1540  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:42:30.0248 0x1540  AdobeARMservice - ok
14:42:30.0563 0x1540  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:42:30.0641 0x1540  AdobeFlashPlayerUpdateSvc - ok
14:42:30.0765 0x1540  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
14:42:30.0881 0x1540  adp94xx - ok
14:42:30.0994 0x1540  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
14:42:31.0085 0x1540  adpahci - ok
14:42:31.0135 0x1540  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
14:42:31.0188 0x1540  adpu320 - ok
14:42:31.0251 0x1540  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
14:42:31.0407 0x1540  AeLookupSvc - ok
14:42:31.0544 0x1540  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
14:42:31.0597 0x1540  AERTFilters - ok
14:42:31.0716 0x1540  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
14:42:31.0917 0x1540  AFD - ok
14:42:31.0991 0x1540  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:42:32.0047 0x1540  agp440 - ok
14:42:32.0080 0x1540  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
14:42:32.0129 0x1540  ALG - ok
14:42:32.0188 0x1540  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:42:32.0220 0x1540  aliide - ok
14:42:32.0243 0x1540  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:42:32.0263 0x1540  amdide - ok
14:42:32.0359 0x1540  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
14:42:32.0403 0x1540  AmdK8 - ok
14:42:34.0382 0x1540  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:42:35.0425 0x1540  amdkmdag - detected UnsignedFile.Multi.Generic ( 1 )
14:42:38.0011 0x1540  Detect skipped due to KSN trusted
14:42:38.0026 0x1540  amdkmdag - ok
14:42:38.0192 0x1540  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:42:38.0281 0x1540  amdkmdap - detected UnsignedFile.Multi.Generic ( 1 )
14:42:40.0846 0x1540  Detect skipped due to KSN trusted
14:42:40.0846 0x1540  amdkmdap - ok
14:42:40.0994 0x1540  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:42:41.0063 0x1540  AmdPPM - ok
14:42:41.0125 0x1540  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
14:42:41.0201 0x1540  amdsata - ok
14:42:41.0264 0x1540  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:42:41.0321 0x1540  amdsbs - ok
14:42:41.0369 0x1540  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
14:42:41.0420 0x1540  amdxata - ok
14:42:41.0511 0x1540  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID          C:\Windows\system32\drivers\appid.sys
14:42:41.0582 0x1540  AppID - ok
14:42:41.0628 0x1540  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:42:41.0696 0x1540  AppIDSvc - ok
14:42:41.0761 0x1540  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
14:42:41.0843 0x1540  Appinfo - ok
14:42:41.0943 0x1540  [ F401929EE0CC92BFE7F15161CA535383, 61E1C0630B8BBC65C51121D5DC7F095C59B475F39BB7B0DC68133EF7D9D0A29D ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:42:41.0983 0x1540  Apple Mobile Device - ok
14:42:42.0079 0x1540  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\Windows\System32\appmgmts.dll
14:42:42.0164 0x1540  AppMgmt - ok
14:42:42.0292 0x1540  [ 6D403E62AC3851116520C4D3DFFC95BE, 5119371DB04C7E7FE5870CBDB55D828643914CF7448F192658B9BC3F464E972F ] APXACC          C:\Windows\system32\DRIVERS\appexDrv.sys
14:42:42.0394 0x1540  APXACC - ok
14:42:42.0495 0x1540  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
14:42:42.0567 0x1540  arc - ok
14:42:42.0598 0x1540  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:42:42.0647 0x1540  arcsas - ok
14:42:42.0845 0x1540  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:42:42.0895 0x1540  aspnet_state - ok
14:42:42.0963 0x1540  [ BA4B999D245287608A79C92CDAE6F3C1, 799CC0FB185FDF3438687184944E6F6AB6EE73B3B542542D3C13C0FF1A8C0276 ] aswHwid        C:\Windows\system32\drivers\aswHwid.sys
14:42:43.0025 0x1540  aswHwid - ok
14:42:43.0063 0x1540  [ 245D3A0670491E1F88759EC45C9F7314, 1FFBDDDC6FCD29770B439933EEB8BE1ABA9149193932B2481720E8E9F265A797 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
14:42:43.0148 0x1540  aswMonFlt - ok
14:42:43.0189 0x1540  [ BC18D5B42B19564BA09156410E1FB9BE, 0DA9636632462208AE4D360BFE5A8187644B036A0D43E981665D888A5363B953 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
14:42:43.0249 0x1540  aswRdr - ok
14:42:43.0281 0x1540  [ 713AFFD4E38553AEF04617C985B4030B, A09FBE4D49390024E8CF93352EACEB5AC53BEE5A4E5A76F5BE0341F8A002C4DD ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
14:42:43.0332 0x1540  aswRvrt - ok
14:42:43.0463 0x1540  [ 669F6B37965756E407B447272B5EE39F, FE2C0A8F96415191650485AED637A45B26E7B9A25A4BFB5D809844BD24FD6BA9 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
14:42:43.0679 0x1540  aswSnx - ok
14:42:43.0846 0x1540  [ 3A145C94A519E52FE7E99460DD0DF53C, 91E9544B1B72FCC32463BF34838DAA9F14DCABF3BE9FE9382087ACDB3B4FC598 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
14:42:43.0951 0x1540  aswSP - ok
14:42:44.0010 0x1540  [ 8CDA894FA86D03FB43063D5FD85EFCAE, 20D110ACC84300514557AB6E565CFA0101DA749559B52877A41A509E79314AF6 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
14:42:44.0093 0x1540  aswStm - ok
14:42:44.0162 0x1540  [ 11644D8399F4AC8BB12C2364DCB87CB4, 828C3A03AB9D5F0650C7B90B7479CCAAD586B22BB7AC6DB7C91E8D9D80427DFB ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
14:42:44.0247 0x1540  aswVmm - ok
14:42:44.0305 0x1540  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:42:44.0462 0x1540  AsyncMac - ok
14:42:44.0524 0x1540  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
14:42:44.0593 0x1540  atapi - ok
14:42:44.0647 0x1540  [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort      C:\Windows\system32\DRIVERS\btath_flt.sys
14:42:44.0725 0x1540  AthBTPort - ok
14:42:44.0835 0x1540  [ 4C4A576818EA028257C624AE36FF7A03, 951521E0531D943EF55737EE99BBCBD6CC6ABC50530985D774EEBE8564166EDB ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
14:42:44.0890 0x1540  Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
14:42:47.0446 0x1540  Detect skipped due to KSN trusted
14:42:47.0446 0x1540  Atheros Bt&Wlan Coex Agent - ok
14:42:47.0594 0x1540  [ 1A3F71AADE163866001C91BF9FB6F299, 929C4633C19E9C066C322F27431AEBBE7EB676CC14A02624BF51A803426BC1EA ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
14:42:47.0643 0x1540  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:42:50.0412 0x1540  Detect skipped due to KSN trusted
14:42:50.0412 0x1540  AtherosSvc - ok
14:42:50.0889 0x1540  [ B4421D8CDADC441F76BA39532A3E3414, 4C7C14C99E2095012A85672C824E21CF2FC152BCC37A1B25BF3189D0F6A06ED3 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
14:42:51.0296 0x1540  athr - ok
14:42:51.0447 0x1540  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
14:42:51.0478 0x1540  AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 )
14:42:54.0179 0x1540  Detect skipped due to KSN trusted
14:42:54.0179 0x1540  AtiHDAudioService - ok
14:42:54.0362 0x1540  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:42:54.0494 0x1540  AudioEndpointBuilder - ok
14:42:54.0586 0x1540  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:42:54.0724 0x1540  AudioSrv - ok
14:42:54.0945 0x1540  [ 35714DC1ADD995681D890D4382C75721, C1D10F2D47D348DCEA363B676E35A363FE8FA0E24295C4AD90F7EA37826A822D ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:42:55.0048 0x1540  avast! Antivirus - ok
14:42:55.0168 0x1540  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:42:55.0289 0x1540  AxInstSV - ok
14:42:55.0467 0x1540  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
14:42:55.0558 0x1540  b06bdrv - ok
14:42:55.0642 0x1540  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:42:55.0693 0x1540  b57nd60a - ok
14:42:55.0793 0x1540  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:42:55.0857 0x1540  BDESVC - ok
14:42:55.0870 0x1540  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:42:56.0028 0x1540  Beep - ok
14:42:56.0171 0x1540  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
14:42:56.0314 0x1540  BFE - ok
14:42:56.0436 0x1540  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:42:56.0579 0x1540  BITS - ok
14:42:56.0663 0x1540  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:42:56.0710 0x1540  blbdrive - ok
14:42:56.0793 0x1540  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:42:56.0824 0x1540  bowser - ok
14:42:56.0864 0x1540  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:42:56.0942 0x1540  BrFiltLo - ok
14:42:56.0970 0x1540  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:42:57.0042 0x1540  BrFiltUp - ok
14:42:57.0079 0x1540  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
14:42:57.0159 0x1540  Browser - ok
14:42:57.0202 0x1540  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
14:42:57.0294 0x1540  Brserid - ok
14:42:57.0325 0x1540  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:42:57.0410 0x1540  BrSerWdm - ok
14:42:57.0451 0x1540  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:42:57.0496 0x1540  BrUsbMdm - ok
14:42:57.0526 0x1540  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:42:57.0563 0x1540  BrUsbSer - ok
14:42:57.0693 0x1540  [ FE70889A85C57A9268101B2DB0474509, 9E957390A52BE4E5642724FEC06A201682F93DD1C6F2C00A5F57351460CF5AE0 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
14:42:57.0762 0x1540  BTATH_A2DP - ok
14:42:57.0849 0x1540  [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS      C:\Windows\system32\DRIVERS\btath_bus.sys
14:42:57.0910 0x1540  BTATH_BUS - ok
14:42:57.0975 0x1540  [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
14:42:58.0068 0x1540  BTATH_HCRP - ok
14:42:58.0163 0x1540  [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT    C:\Windows\system32\DRIVERS\btath_lwflt.sys
14:42:58.0225 0x1540  BTATH_LWFLT - ok
14:42:58.0294 0x1540  [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP      C:\Windows\system32\DRIVERS\btath_rcp.sys
14:42:58.0379 0x1540  BTATH_RCP - ok
14:42:58.0479 0x1540  [ DCE0798FD5BB4E452227EC58700956F5, 7A32824F7AFF47C907CE0F84994CEF15A38A60722533058C8AC014691DFE72F4 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
14:42:58.0629 0x1540  BtFilter - ok
14:42:58.0663 0x1540  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum        C:\Windows\system32\drivers\BthEnum.sys
14:42:58.0857 0x1540  BthEnum - ok
14:42:58.0925 0x1540  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:42:59.0000 0x1540  BTHMODEM - ok
14:42:59.0064 0x1540  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:42:59.0110 0x1540  BthPan - ok
14:42:59.0178 0x1540  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
14:42:59.0251 0x1540  BTHPORT - ok
14:42:59.0282 0x1540  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
14:42:59.0420 0x1540  bthserv - ok
14:42:59.0447 0x1540  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:42:59.0522 0x1540  BTHUSB - ok
14:42:59.0608 0x1540  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:42:59.0711 0x1540  cdfs - ok
14:42:59.0828 0x1540  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
14:42:59.0867 0x1540  cdrom - ok
14:42:59.0949 0x1540  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
14:43:00.0127 0x1540  CertPropSvc - ok
14:43:00.0208 0x1540  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:43:00.0256 0x1540  circlass - ok
14:43:00.0315 0x1540  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
14:43:00.0367 0x1540  CLFS - ok
14:43:00.0487 0x1540  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:43:00.0518 0x1540  clr_optimization_v2.0.50727_32 - ok
14:43:00.0562 0x1540  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:43:00.0594 0x1540  clr_optimization_v2.0.50727_64 - ok
14:43:00.0746 0x1540  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:43:00.0850 0x1540  clr_optimization_v4.0.30319_32 - ok
14:43:00.0896 0x1540  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:43:00.0990 0x1540  clr_optimization_v4.0.30319_64 - ok
14:43:01.0062 0x1540  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:43:01.0127 0x1540  CmBatt - ok
14:43:01.0178 0x1540  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:43:01.0225 0x1540  cmdide - ok
14:43:01.0328 0x1540  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG            C:\Windows\system32\Drivers\cng.sys
14:43:01.0450 0x1540  CNG - ok
14:43:01.0532 0x1540  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:43:01.0583 0x1540  Compbatt - ok
14:43:01.0639 0x1540  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:43:01.0711 0x1540  CompositeBus - ok
14:43:01.0758 0x1540  COMSysApp - ok
14:43:01.0798 0x1540  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
14:43:01.0857 0x1540  crcdisk - ok
14:43:01.0978 0x1540  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:43:02.0076 0x1540  CryptSvc - ok
14:43:02.0193 0x1540  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\Windows\system32\drivers\csc.sys
14:43:02.0332 0x1540  CSC - ok
14:43:02.0484 0x1540  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:43:02.0609 0x1540  CscService - ok
14:43:02.0731 0x1540  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:43:02.0938 0x1540  DcomLaunch - ok
14:43:03.0046 0x1540  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
14:43:03.0232 0x1540  defragsvc - ok
14:43:03.0267 0x1540  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:43:03.0412 0x1540  DfsC - ok
14:43:03.0509 0x1540  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:43:03.0595 0x1540  Dhcp - ok
14:43:03.0662 0x1540  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:43:03.0826 0x1540  discache - ok
14:43:03.0909 0x1540  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
14:43:03.0970 0x1540  Disk - ok
14:43:04.0029 0x1540  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
14:43:04.0085 0x1540  dmvsc - ok
14:43:04.0163 0x1540  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:43:04.0209 0x1540  Dnscache - ok
14:43:04.0315 0x1540  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
14:43:04.0409 0x1540  dot3svc - ok
14:43:04.0446 0x1540  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
14:43:04.0610 0x1540  DPS - ok
14:43:04.0694 0x1540  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
14:43:04.0755 0x1540  drmkaud - ok
14:43:04.0927 0x1540  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
14:43:05.0078 0x1540  DXGKrnl - ok
14:43:05.0177 0x1540  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
14:43:05.0325 0x1540  EapHost - ok
14:43:05.0663 0x1540  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
14:43:06.0062 0x1540  ebdrv - ok
14:43:06.0124 0x1540  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS            C:\Windows\System32\lsass.exe
14:43:06.0186 0x1540  EFS - ok
14:43:06.0311 0x1540  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
14:43:06.0436 0x1540  ehRecvr - ok
14:43:06.0489 0x1540  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
14:43:06.0563 0x1540  ehSched - ok
14:43:06.0703 0x1540  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
14:43:06.0810 0x1540  elxstor - ok
14:43:06.0855 0x1540  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:43:06.0916 0x1540  ErrDev - ok
14:43:07.0061 0x1540  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
14:43:07.0265 0x1540  EventSystem - ok
14:43:07.0312 0x1540  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
14:43:07.0462 0x1540  exfat - ok
14:43:07.0524 0x1540  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
14:43:07.0709 0x1540  fastfat - ok
14:43:07.0855 0x1540  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
14:43:07.0978 0x1540  Fax - ok
14:43:08.0010 0x1540  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
14:43:08.0072 0x1540  fdc - ok
14:43:08.0103 0x1540  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
14:43:08.0263 0x1540  fdPHost - ok
14:43:08.0294 0x1540  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:43:08.0453 0x1540  FDResPub - ok
14:43:08.0485 0x1540  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:43:08.0566 0x1540  FileInfo - ok
14:43:08.0594 0x1540  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
14:43:08.0693 0x1540  Filetrace - ok
14:43:08.0724 0x1540  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:43:08.0762 0x1540  flpydisk - ok
14:43:08.0878 0x1540  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:43:08.0931 0x1540  FltMgr - ok
14:43:09.0131 0x1540  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache      C:\Windows\system32\FntCache.dll
14:43:09.0363 0x1540  FontCache - ok
14:43:09.0588 0x1540  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:43:09.0638 0x1540  FontCache3.0.0.0 - ok
14:43:09.0675 0x1540  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
14:43:09.0743 0x1540  FsDepends - ok
14:43:09.0778 0x1540  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:43:09.0830 0x1540  Fs_Rec - ok
14:43:09.0935 0x1540  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:43:10.0009 0x1540  fvevol - ok
14:43:10.0122 0x1540  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:43:10.0163 0x1540  gagp30kx - ok
14:43:10.0359 0x1540  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
14:43:10.0579 0x1540  gpsvc - ok
14:43:10.0633 0x1540  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:43:10.0680 0x1540  hcw85cir - ok
14:43:10.0762 0x1540  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:43:10.0887 0x1540  HdAudAddService - ok
14:43:10.0960 0x1540  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:43:11.0042 0x1540  HDAudBus - ok
14:43:11.0079 0x1540  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
14:43:11.0160 0x1540  HidBatt - ok
14:43:11.0181 0x1540  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:43:11.0263 0x1540  HidBth - ok
14:43:11.0294 0x1540  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
14:43:11.0370 0x1540  HidIr - ok
14:43:11.0424 0x1540  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
14:43:11.0583 0x1540  hidserv - ok
14:43:11.0676 0x1540  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
14:43:11.0726 0x1540  HidUsb - ok
14:43:11.0775 0x1540  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:43:11.0925 0x1540  hkmsvc - ok
14:43:11.0978 0x1540  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:43:12.0061 0x1540  HomeGroupListener - ok
14:43:12.0119 0x1540  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:43:12.0208 0x1540  HomeGroupProvider - ok
14:43:12.0294 0x1540  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:43:12.0350 0x1540  HpSAMD - ok
14:43:12.0479 0x1540  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:43:12.0702 0x1540  HTTP - ok
14:43:12.0764 0x1540  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:43:12.0813 0x1540  hwpolicy - ok
14:43:12.0878 0x1540  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:43:12.0955 0x1540  i8042prt - ok
14:43:13.0082 0x1540  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
14:43:13.0161 0x1540  iaStorV - ok
14:43:13.0510 0x1540  [ E4693409D06785477A49FB34AFAE1B92, 3855CE03672D73084BBAC219F2B350CF22608A82828F82A9E842034F6A975F14 ] IconMan_R      C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:43:13.0725 0x1540  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
14:43:16.0304 0x1540  Detect skipped due to KSN trusted
14:43:16.0305 0x1540  IconMan_R - ok
14:43:16.0493 0x1540  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:43:16.0645 0x1540  idsvc - ok
14:43:16.0755 0x1540  IEEtwCollectorService - ok
14:43:16.0813 0x1540  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
14:43:16.0859 0x1540  iirsp - ok
14:43:16.0992 0x1540  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:43:17.0156 0x1540  IKEEXT - ok
14:43:17.0498 0x1540  [ E395D888EF6D3777134A9E09FF7582C2, 106468BEC6DF248EED008B0868909F104EFE9FB4B19CD624E824B5D87E748270 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:43:17.0847 0x1540  IntcAzAudAddService - ok
14:43:17.0945 0x1540  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:43:17.0976 0x1540  intelide - ok
14:43:18.0076 0x1540  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
14:43:18.0145 0x1540  intelppm - ok
14:43:18.0178 0x1540  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
14:43:18.0362 0x1540  IPBusEnum - ok
14:43:18.0409 0x1540  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:43:18.0584 0x1540  IpFilterDriver - ok
14:43:18.0678 0x1540  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:43:18.0766 0x1540  iphlpsvc - ok
14:43:18.0799 0x1540  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
14:43:18.0862 0x1540  IPMIDRV - ok
14:43:18.0886 0x1540  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
14:43:18.0978 0x1540  IPNAT - ok
14:43:19.0045 0x1540  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:43:19.0092 0x1540  IRENUM - ok
14:43:19.0132 0x1540  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:43:19.0164 0x1540  isapnp - ok
14:43:19.0226 0x1540  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:43:19.0279 0x1540  iScsiPrt - ok
14:43:19.0359 0x1540  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:43:19.0378 0x1540  kbdclass - ok
14:43:19.0464 0x1540  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:43:19.0527 0x1540  kbdhid - ok
14:43:19.0547 0x1540  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\Windows\system32\lsass.exe
14:43:19.0628 0x1540  KeyIso - ok
14:43:19.0700 0x1540  [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:43:19.0761 0x1540  KSecDD - ok
14:43:19.0794 0x1540  [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
14:43:19.0876 0x1540  KSecPkg - ok
14:43:19.0986 0x1540  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
14:43:20.0145 0x1540  ksthunk - ok
14:43:20.0188 0x1540  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
14:43:20.0308 0x1540  KtmRm - ok
14:43:20.0378 0x1540  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:43:20.0525 0x1540  LanmanServer - ok
14:43:20.0595 0x1540  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:43:20.0745 0x1540  LanmanWorkstation - ok
14:43:20.0846 0x1540  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:43:20.0992 0x1540  lltdio - ok
14:43:21.0063 0x1540  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
14:43:21.0253 0x1540  lltdsvc - ok
14:43:21.0296 0x1540  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
14:43:21.0465 0x1540  lmhosts - ok
14:43:21.0561 0x1540  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:43:21.0616 0x1540  LSI_FC - ok
14:43:21.0657 0x1540  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
14:43:21.0715 0x1540  LSI_SAS - ok
14:43:21.0752 0x1540  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:43:21.0794 0x1540  LSI_SAS2 - ok
14:43:21.0849 0x1540  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:43:21.0902 0x1540  LSI_SCSI - ok
14:43:21.0918 0x1540  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
14:43:22.0088 0x1540  luafv - ok
14:43:22.0177 0x1540  [ 23488767CB18FC3FF39E3AF1DB3FB02C, F526B80EDA5309162239741CF1C77957E2F9EDEB223AB3DB6FF0DEA3D473590B ] massfilter      C:\Windows\system32\drivers\massfilter.sys
14:43:22.0221 0x1540  massfilter - ok
14:43:22.0252 0x1540  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
14:43:22.0299 0x1540  Mcx2Svc - ok
14:43:22.0360 0x1540  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
14:43:22.0395 0x1540  megasas - ok
14:43:22.0427 0x1540  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:43:22.0495 0x1540  MegaSR - ok
14:43:22.0588 0x1540  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
14:43:22.0677 0x1540  MMCSS - ok
14:43:22.0715 0x1540  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
14:43:22.0808 0x1540  Modem - ok
14:43:22.0862 0x1540  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
14:43:22.0909 0x1540  monitor - ok
14:43:22.0992 0x1540  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:43:23.0026 0x1540  mouclass - ok
14:43:23.0060 0x1540  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:43:23.0117 0x1540  mouhid - ok
14:43:23.0217 0x1540  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:43:23.0278 0x1540  mountmgr - ok
14:43:23.0392 0x1540  [ 46297FA8E30A6007F14118FC2B942FBC, 40785B7121DBFA411EA922ECF6008BA4A94BC742662E271BFD6B31288ECC1BA4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:43:23.0451 0x1540  MozillaMaintenance - ok
14:43:23.0581 0x1540  [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:43:23.0661 0x1540  MpFilter - ok
14:43:23.0726 0x1540  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:43:23.0779 0x1540  mpio - ok
14:43:23.0878 0x1540  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:43:24.0038 0x1540  mpsdrv - ok
14:43:24.0151 0x1540  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:43:24.0383 0x1540  MpsSvc - ok
14:43:24.0462 0x1540  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:43:24.0544 0x1540  MRxDAV - ok
14:43:24.0592 0x1540  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:43:24.0676 0x1540  mrxsmb - ok
14:43:24.0729 0x1540  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:43:24.0809 0x1540  mrxsmb10 - ok
14:43:24.0848 0x1540  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:43:24.0938 0x1540  mrxsmb20 - ok
14:43:24.0990 0x1540  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:43:25.0037 0x1540  msahci - ok
14:43:25.0083 0x1540  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
14:43:25.0146 0x1540  msdsm - ok
14:43:25.0193 0x1540  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
14:43:25.0284 0x1540  MSDTC - ok
14:43:25.0331 0x1540  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:43:25.0472 0x1540  Msfs - ok
14:43:25.0553 0x1540  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
14:43:25.0647 0x1540  mshidkmdf - ok
14:43:25.0663 0x1540  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:43:25.0694 0x1540  msisadrv - ok
14:43:25.0744 0x1540  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
14:43:25.0847 0x1540  MSiSCSI - ok
14:43:25.0859 0x1540  msiserver - ok
14:43:25.0945 0x1540  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
14:43:26.0045 0x1540  MSKSSRV - ok
14:43:26.0193 0x1540  [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:43:26.0251 0x1540  MsMpSvc - ok
14:43:26.0349 0x1540  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:43:26.0509 0x1540  MSPCLOCK - ok
14:43:26.0534 0x1540  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
14:43:26.0670 0x1540  MSPQM - ok
14:43:26.0733 0x1540  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
14:43:26.0818 0x1540  MsRPC - ok
14:43:26.0865 0x1540  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:43:26.0927 0x1540  mssmbios - ok
14:43:26.0958 0x1540  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
14:43:27.0110 0x1540  MSTEE - ok
14:43:27.0171 0x1540  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:43:27.0226 0x1540  MTConfig - ok
14:43:27.0267 0x1540  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
14:43:27.0314 0x1540  Mup - ok
14:43:27.0398 0x1540  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:43:27.0596 0x1540  napagent - ok
14:43:27.0726 0x1540  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
14:43:27.0847 0x1540  NativeWifiP - ok
14:43:28.0024 0x1540  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:43:28.0163 0x1540  NDIS - ok
14:43:28.0210 0x1540  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
14:43:28.0376 0x1540  NdisCap - ok
14:43:28.0477 0x1540  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:43:28.0608 0x1540  NdisTapi - ok
14:43:28.0701 0x1540  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
14:43:28.0854 0x1540  Ndisuio - ok
14:43:28.0901 0x1540  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
14:43:29.0042 0x1540  NdisWan - ok
14:43:29.0089 0x1540  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
14:43:29.0242 0x1540  NDProxy - ok
14:43:29.0275 0x1540  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
14:43:29.0410 0x1540  NetBIOS - ok
14:43:29.0468 0x1540  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
14:43:29.0639 0x1540  NetBT - ok
14:43:29.0684 0x1540  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\Windows\system32\lsass.exe
14:43:29.0751 0x1540  Netlogon - ok
14:43:29.0813 0x1540  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:43:29.0994 0x1540  Netman - ok
14:43:30.0170 0x1540  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:43:30.0233 0x1540  NetMsmqActivator - ok
14:43:30.0303 0x1540  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:43:30.0366 0x1540  NetPipeActivator - ok
14:43:30.0444 0x1540  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:43:30.0653 0x1540  netprofm - ok
14:43:30.0714 0x1540  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:43:30.0802 0x1540  NetTcpActivator - ok
14:43:30.0849 0x1540  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:43:30.0896 0x1540  NetTcpPortSharing - ok
14:43:30.0961 0x1540  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
14:43:30.0992 0x1540  nfrd960 - ok
14:43:31.0117 0x1540  [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:43:31.0164 0x1540  NisDrv - ok
14:43:31.0226 0x1540  [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:43:31.0380 0x1540  NisSrv - ok
14:43:31.0450 0x1540  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:43:31.0572 0x1540  NlaSvc - ok
14:43:31.0595 0x1540  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:43:31.0740 0x1540  Npfs - ok
14:43:31.0787 0x1540  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
14:43:31.0902 0x1540  nsi - ok
14:43:31.0918 0x1540  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:43:32.0024 0x1540  nsiproxy - ok
14:43:32.0177 0x1540  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:43:32.0323 0x1540  Ntfs - ok
14:43:32.0355 0x1540  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:43:32.0433 0x1540  Null - ok
14:43:32.0525 0x1540  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:43:32.0551 0x1540  nvraid - ok
14:43:32.0601 0x1540  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:43:32.0643 0x1540  nvstor - ok
14:43:32.0724 0x1540  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:43:32.0761 0x1540  nv_agp - ok
14:43:32.0777 0x1540  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:43:32.0824 0x1540  ohci1394 - ok
14:43:32.0918 0x1540  [ 2BD93CDCD566B9DF88280CA4F956E937, 0A242E2F08256CCD809B2311AF7DEE91005431824D3AB97E45E4BFC52A0142B4 ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
14:43:32.0953 0x1540  OpenVPNService - ok
14:43:33.0056 0x1540  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:43:33.0099 0x1540  ose - ok
14:43:33.0234 0x1540  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:43:33.0340 0x1540  p2pimsvc - ok
14:43:33.0408 0x1540  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:43:33.0508 0x1540  p2psvc - ok
14:43:33.0563 0x1540  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\drivers\parport.sys
14:43:33.0625 0x1540  Parport - ok
14:43:33.0679 0x1540  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
14:43:33.0741 0x1540  partmgr - ok
14:43:33.0824 0x1540  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:43:33.0887 0x1540  PcaSvc - ok
14:43:33.0938 0x1540  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
14:43:33.0977 0x1540  pci - ok
14:43:34.0039 0x1540  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:43:34.0071 0x1540  pciide - ok
14:43:34.0102 0x1540  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:43:34.0149 0x1540  pcmcia - ok
14:43:34.0180 0x1540  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
14:43:34.0211 0x1540  pcw - ok
14:43:34.0313 0x1540  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:43:34.0397 0x1540  PEAUTH - ok
14:43:34.0506 0x1540  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
14:43:34.0631 0x1540  PeerDistSvc - ok
14:43:34.0787 0x1540  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:43:34.0841 0x1540  PerfHost - ok
14:43:34.0993 0x1540  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
14:43:35.0180 0x1540  pla - ok
14:43:35.0282 0x1540  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:43:35.0344 0x1540  PlugPlay - ok
14:43:35.0359 0x1540  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
14:43:35.0437 0x1540  PNRPAutoReg - ok
14:43:35.0475 0x1540  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
14:43:35.0541 0x1540  PNRPsvc - ok
14:43:35.0596 0x1540  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
14:43:35.0732 0x1540  PolicyAgent - ok
14:43:35.0783 0x1540  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
14:43:35.0883 0x1540  Power - ok
14:43:35.0994 0x1540  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:43:36.0102 0x1540  PptpMiniport - ok
14:43:36.0119 0x1540  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
14:43:36.0156 0x1540  Processor - ok
14:43:36.0252 0x1540  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
14:43:36.0293 0x1540  ProfSvc - ok
14:43:36.0324 0x1540  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:43:36.0360 0x1540  ProtectedStorage - ok
14:43:36.0466 0x1540  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:43:36.0607 0x1540  Psched - ok
14:43:36.0951 0x1540  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:43:37.0108 0x1540  ql2300 - ok
14:43:37.0160 0x1540  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:43:37.0192 0x1540  ql40xx - ok
14:43:37.0247 0x1540  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
14:43:37.0309 0x1540  QWAVE - ok
14:43:37.0325 0x1540  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:43:37.0381 0x1540  QWAVEdrv - ok
14:43:37.0412 0x1540  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:43:37.0510 0x1540  RasAcd - ok
14:43:37.0591 0x1540  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
14:43:37.0677 0x1540  RasAgileVpn - ok
14:43:37.0724 0x1540  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
14:43:37.0822 0x1540  RasAuto - ok
14:43:37.0861 0x1540  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
14:43:37.0981 0x1540  Rasl2tp - ok
14:43:38.0077 0x1540  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:43:38.0193 0x1540  RasMan - ok
14:43:38.0209 0x1540  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:43:38.0318 0x1540  RasPppoe - ok
14:43:38.0349 0x1540  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
14:43:38.0458 0x1540  RasSstp - ok
14:43:38.0510 0x1540  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
14:43:38.0670 0x1540  rdbss - ok
14:43:38.0717 0x1540  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:43:38.0795 0x1540  rdpbus - ok
14:43:38.0811 0x1540  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:43:38.0951 0x1540  RDPCDD - ok
14:43:39.0025 0x1540  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
14:43:39.0133 0x1540  RDPDR - ok
14:43:39.0192 0x1540  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:43:39.0344 0x1540  RDPENCDD - ok
14:43:39.0360 0x1540  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:43:39.0530 0x1540  RDPREFMP - ok
14:43:39.0595 0x1540  [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:43:39.0654 0x1540  RdpVideoMiniport - ok
14:43:39.0727 0x1540  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
14:43:39.0826 0x1540  RDPWD - ok
14:43:39.0924 0x1540  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:43:40.0007 0x1540  rdyboost - ok
14:43:40.0059 0x1540  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:43:40.0225 0x1540  RemoteAccess - ok
14:43:40.0277 0x1540  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:43:40.0448 0x1540  RemoteRegistry - ok
14:43:40.0544 0x1540  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:43:40.0602 0x1540  RFCOMM - ok
14:43:40.0692 0x1540  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:43:40.0791 0x1540  RpcEptMapper - ok
14:43:40.0842 0x1540  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:43:40.0876 0x1540  RpcLocator - ok
14:43:40.0944 0x1540  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
14:43:41.0084 0x1540  RpcSs - ok
14:43:41.0204 0x1540  [ 546D7F426776090B90EF5F195B6AE662, E67598E1CA5F98184DD7380E7AFD65C18C99EDC3326909EBFF2A61F95C3A027D ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
14:43:41.0259 0x1540  RSPCIESTOR - ok
14:43:41.0337 0x1540  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:43:41.0452 0x1540  rspndr - ok
14:43:41.0586 0x1540  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
14:43:41.0649 0x1540  RTL8167 - ok
14:43:41.0665 0x1540  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
14:43:41.0696 0x1540  s3cap - ok
14:43:41.0727 0x1540  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs          C:\Windows\system32\lsass.exe
14:43:41.0766 0x1540  SamSs - ok
14:43:41.0813 0x1540  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:43:41.0852 0x1540  sbp2port - ok
14:43:41.0896 0x1540  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:43:42.0001 0x1540  SCardSvr - ok
14:43:42.0023 0x1540  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:43:42.0099 0x1540  scfilter - ok
14:43:42.0170 0x1540  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:43:42.0304 0x1540  Schedule - ok
14:43:42.0341 0x1540  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
14:43:42.0417 0x1540  SCPolicySvc - ok
14:43:42.0449 0x1540  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:43:42.0489 0x1540  SDRSVC - ok
14:43:42.0579 0x1540  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:43:42.0696 0x1540  secdrv - ok
14:43:42.0731 0x1540  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:43:42.0878 0x1540  seclogon - ok
14:43:42.0925 0x1540  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:43:43.0093 0x1540  SENS - ok
14:43:43.0124 0x1540  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:43:43.0188 0x1540  SensrSvc - ok
14:43:43.0262 0x1540  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\drivers\serenum.sys
14:43:43.0311 0x1540  Serenum - ok
14:43:43.0343 0x1540  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
14:43:43.0404 0x1540  Serial - ok
14:43:43.0436 0x1540  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:43:43.0483 0x1540  sermouse - ok
14:43:43.0574 0x1540  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:43:43.0677 0x1540  SessionEnv - ok
14:43:43.0709 0x1540  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
14:43:43.0752 0x1540  sffdisk - ok
14:43:43.0767 0x1540  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:43:43.0825 0x1540  sffp_mmc - ok
14:43:43.0855 0x1540  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
14:43:43.0893 0x1540  sffp_sd - ok
14:43:43.0975 0x1540  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
14:43:44.0083 0x1540  sfloppy - ok
14:43:44.0219 0x1540  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:43:44.0395 0x1540  SharedAccess - ok
14:43:44.0459 0x1540  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:43:44.0555 0x1540  ShellHWDetection - ok
14:43:44.0654 0x1540  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:43:44.0714 0x1540  SiSRaid2 - ok
14:43:44.0769 0x1540  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:43:44.0831 0x1540  SiSRaid4 - ok
14:43:44.0995 0x1540  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
14:43:45.0086 0x1540  SkypeUpdate - ok
14:43:45.0102 0x1540  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
14:43:45.0251 0x1540  Smb - ok
14:43:45.0377 0x1540  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:43:45.0459 0x1540  SNMPTRAP - ok
14:43:45.0492 0x1540  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
14:43:45.0542 0x1540  spldr - ok
14:43:45.0621 0x1540  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
14:43:45.0751 0x1540  Spooler - ok
14:43:46.0120 0x1540  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:43:46.0656 0x1540  sppsvc - ok
14:43:46.0683 0x1540  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
14:43:46.0793 0x1540  sppuinotify - ok
14:43:47.0137 0x1540  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
14:43:47.0231 0x1540  srv - ok
14:43:47.0340 0x1540  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:43:47.0443 0x1540  srv2 - ok
14:43:47.0490 0x1540  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:43:47.0552 0x1540  srvnet - ok
14:43:47.0599 0x1540  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
14:43:47.0790 0x1540  SSDPSRV - ok
14:43:47.0821 0x1540  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
14:43:47.0975 0x1540  SstpSvc - ok
14:43:48.0006 0x1540  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:43:48.0053 0x1540  stexstor - ok
14:43:48.0189 0x1540  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:43:48.0321 0x1540  stisvc - ok
14:43:48.0368 0x1540  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
14:43:48.0430 0x1540  storflt - ok
14:43:48.0510 0x1540  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\Windows\system32\drivers\storvsc.sys
14:43:48.0572 0x1540  storvsc - ok
14:43:48.0614 0x1540  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:43:48.0661 0x1540  swenum - ok
14:43:48.0740 0x1540  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
14:43:48.0950 0x1540  swprv - ok
14:43:48.0989 0x1540  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
14:43:49.0052 0x1540  Synth3dVsc - ok
14:43:49.0181 0x1540  [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP          C:\Windows\system32\DRIVERS\SynTP.sys
14:43:49.0267 0x1540  SynTP - ok
14:43:49.0496 0x1540  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
14:43:49.0752 0x1540  SysMain - ok
14:43:49.0777 0x1540  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:43:49.0876 0x1540  TabletInputService - ok
14:43:49.0946 0x1540  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901        C:\Windows\system32\DRIVERS\tap0901.sys
14:43:49.0977 0x1540  tap0901 - ok
14:43:50.0008 0x1540  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
14:43:50.0190 0x1540  TapiSrv - ok
14:43:50.0222 0x1540  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
14:43:50.0293 0x1540  TBS - ok
14:43:50.0480 0x1540  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
14:43:50.0610 0x1540  Tcpip - ok
14:43:50.0817 0x1540  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:43:50.0960 0x1540  TCPIP6 - ok
14:43:51.0040 0x1540  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:43:51.0075 0x1540  tcpipreg - ok
14:43:51.0122 0x1540  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:43:51.0160 0x1540  TDPIPE - ok
14:43:51.0211 0x1540  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
14:43:51.0256 0x1540  TDTCP - ok
14:43:51.0322 0x1540  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
14:43:51.0360 0x1540  tdx - ok
14:43:51.0391 0x1540  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:43:51.0422 0x1540  TermDD - ok
14:43:51.0461 0x1540  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
14:43:51.0496 0x1540  terminpt - ok
14:43:51.0576 0x1540  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
14:43:51.0684 0x1540  TermService - ok
14:43:51.0728 0x1540  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:43:51.0904 0x1540  Themes - ok
14:43:51.0948 0x1540  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
14:43:52.0048 0x1540  THREADORDER - ok
14:43:52.0099 0x1540  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:43:52.0222 0x1540  TrkWks - ok
14:43:52.0276 0x1540  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:43:52.0360 0x1540  TrustedInstaller - ok
14:43:52.0422 0x1540  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:43:52.0461 0x1540  tssecsrv - ok
14:43:52.0540 0x1540  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:43:52.0561 0x1540  TsUsbFlt - ok
14:43:52.0592 0x1540  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
14:43:52.0623 0x1540  TsUsbGD - ok
14:43:52.0660 0x1540  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
14:43:52.0704 0x1540  tsusbhub - ok
14:43:52.0824 0x1540  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:43:52.0960 0x1540  tunnel - ok
14:43:53.0007 0x1540  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:43:53.0060 0x1540  uagp35 - ok
14:43:53.0122 0x1540  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:43:53.0288 0x1540  udfs - ok
14:43:53.0476 0x1540  [ 0CA9E659B7053D398052776AC936B167, D9ECFE78A5B23256EE12B9709DCEBA704FAB1C9258DD5768770E8B7B3030A2D0 ] UI Assistant Service C:\Program Files (x86)\Mobile Partner Manager\AssistantServices.exe
14:43:53.0522 0x1540  UI Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
14:43:56.0125 0x1540  Detect skipped due to KSN trusted
14:43:56.0125 0x1540  UI Assistant Service - ok
14:43:56.0161 0x1540  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
14:43:56.0247 0x1540  UI0Detect - ok
14:43:56.0318 0x1540  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:43:56.0392 0x1540  uliagpkx - ok
14:43:56.0476 0x1540  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
14:43:56.0550 0x1540  umbus - ok
14:43:56.0566 0x1540  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:43:56.0639 0x1540  UmPass - ok
14:43:56.0693 0x1540  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:43:56.0799 0x1540  UmRdpService - ok
14:43:56.0879 0x1540  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:43:57.0061 0x1540  upnphost - ok
14:43:57.0145 0x1540  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
14:43:57.0178 0x1540  USBAAPL64 - ok
14:43:57.0269 0x1540  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
14:43:57.0310 0x1540  usbccgp - ok
14:43:57.0392 0x1540  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:43:57.0441 0x1540  usbcir - ok
14:43:57.0464 0x1540  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
14:43:57.0526 0x1540  usbehci - ok
14:43:57.0623 0x1540  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:43:57.0719 0x1540  usbhub - ok
14:43:57.0753 0x1540  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
14:43:57.0815 0x1540  usbohci - ok
14:43:57.0867 0x1540  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:43:57.0926 0x1540  usbprint - ok
14:43:57.0978 0x1540  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:43:58.0051 0x1540  USBSTOR - ok
14:43:58.0103 0x1540  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
14:43:58.0172 0x1540  usbuhci - ok
14:43:58.0278 0x1540  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:43:58.0370 0x1540  usbvideo - ok
14:43:58.0417 0x1540  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
14:43:58.0594 0x1540  UxSms - ok
14:43:58.0625 0x1540  [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\Windows\system32\lsass.exe
14:43:58.0691 0x1540  VaultSvc - ok
14:43:58.0772 0x1540  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:43:58.0793 0x1540  vdrvroot - ok
14:43:58.0862 0x1540  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
14:43:59.0059 0x1540  vds - ok
14:43:59.0079 0x1540  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
14:43:59.0126 0x1540  vga - ok
14:43:59.0151 0x1540  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
14:43:59.0246 0x1540  VgaSave - ok
14:43:59.0255 0x1540  VGPU - ok
14:43:59.0290 0x1540  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
14:43:59.0337 0x1540  vhdmp - ok
14:43:59.0407 0x1540  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:43:59.0444 0x1540  viaide - ok
14:43:59.0513 0x1540  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
14:43:59.0576 0x1540  vmbus - ok
14:43:59.0607 0x1540  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:43:59.0669 0x1540  VMBusHID - ok
14:43:59.0721 0x1540  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:43:59.0770 0x1540  volmgr - ok
14:43:59.0817 0x1540  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
14:43:59.0924 0x1540  volmgrx - ok
14:43:59.0988 0x1540  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
14:44:00.0071 0x1540  volsnap - ok
14:44:00.0144 0x1540  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
14:44:00.0239 0x1540  vsmraid - ok
14:44:00.0453 0x1540  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
14:44:00.0809 0x1540  VSS - ok
14:44:00.0844 0x1540  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:44:00.0888 0x1540  vwifibus - ok
14:44:00.0976 0x1540  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:44:01.0031 0x1540  vwififlt - ok
14:44:01.0093 0x1540  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
14:44:01.0158 0x1540  vwifimp - ok
14:44:01.0207 0x1540  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
14:44:01.0347 0x1540  W32Time - ok
14:44:01.0371 0x1540  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:44:01.0418 0x1540  WacomPen - ok
14:44:01.0525 0x1540  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:44:01.0619 0x1540  WANARP - ok
14:44:01.0677 0x1540  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:44:01.0775 0x1540  Wanarpv6 - ok
14:44:02.0018 0x1540  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
14:44:02.0193 0x1540  WatAdminSvc - ok
14:44:02.0424 0x1540  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:44:02.0576 0x1540  wbengine - ok
14:44:02.0607 0x1540  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:44:02.0692 0x1540  WbioSrvc - ok
14:44:02.0724 0x1540  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
14:44:02.0818 0x1540  wcncsvc - ok
14:44:02.0843 0x1540  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:44:02.0890 0x1540  WcsPlugInService - ok
14:44:02.0921 0x1540  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:44:02.0959 0x1540  Wd - ok
14:44:03.0091 0x1540  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:44:03.0237 0x1540  Wdf01000 - ok
14:44:03.0335 0x1540  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:44:03.0406 0x1540  WdiServiceHost - ok
14:44:03.0437 0x1540  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
14:44:03.0515 0x1540  WdiSystemHost - ok
14:44:03.0593 0x1540  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
14:44:03.0687 0x1540  WebClient - ok
14:44:03.0753 0x1540  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:44:03.0926 0x1540  Wecsvc - ok
14:44:03.0960 0x1540  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
14:44:04.0105 0x1540  wercplsupport - ok
14:44:04.0215 0x1540  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:44:04.0390 0x1540  WerSvc - ok
14:44:04.0486 0x1540  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:44:04.0577 0x1540  WfpLwf - ok
14:44:04.0609 0x1540  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:44:04.0647 0x1540  WIMMount - ok
14:44:04.0693 0x1540  WinDefend - ok
14:44:04.0734 0x1540  WinHttpAutoProxySvc - ok
14:44:04.0821 0x1540  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
14:44:04.0925 0x1540  Winmgmt - ok
14:44:05.0109 0x1540  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
14:44:05.0290 0x1540  WinRM - ok
14:44:05.0414 0x1540  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:44:05.0460 0x1540  WinUsb - ok
14:44:05.0548 0x1540  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
14:44:05.0661 0x1540  Wlansvc - ok
14:44:05.0692 0x1540  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
14:44:05.0743 0x1540  WmiAcpi - ok
14:44:05.0828 0x1540  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:44:05.0874 0x1540  wmiApSrv - ok
14:44:05.0906 0x1540  WMPNetworkSvc - ok
14:44:05.0943 0x1540  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:44:05.0990 0x1540  WPCSvc - ok
14:44:06.0025 0x1540  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:44:06.0076 0x1540  WPDBusEnum - ok
14:44:06.0109 0x1540  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
14:44:06.0191 0x1540  ws2ifsl - ok
14:44:06.0222 0x1540  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:44:06.0290 0x1540  wscsvc - ok
14:44:06.0305 0x1540  WSearch - ok
14:44:06.0590 0x1540  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:44:06.0903 0x1540  wuauserv - ok
14:44:06.0982 0x1540  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:44:07.0060 0x1540  WudfPf - ok
14:44:07.0164 0x1540  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:44:07.0243 0x1540  WUDFRd - ok
14:44:07.0325 0x1540  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
14:44:07.0418 0x1540  wudfsvc - ok
14:44:07.0492 0x1540  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
14:44:07.0588 0x1540  WwanSvc - ok
14:44:07.0718 0x1540  [ FF5A03A65B68DB7E02A12880399D40D4, 9C530A1E7C0B7500C6965896B97CB9BA7BD210165EC0D0B7FE4D1CAEB747BFFF ] ZTEusbmdm6k    C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:44:07.0792 0x1540  ZTEusbmdm6k - ok
14:44:07.0883 0x1540  [ FF5A03A65B68DB7E02A12880399D40D4, 9C530A1E7C0B7500C6965896B97CB9BA7BD210165EC0D0B7FE4D1CAEB747BFFF ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:44:07.0930 0x1540  ZTEusbnmea - ok
14:44:07.0960 0x1540  [ FF5A03A65B68DB7E02A12880399D40D4, 9C530A1E7C0B7500C6965896B97CB9BA7BD210165EC0D0B7FE4D1CAEB747BFFF ] ZTEusbser6k    C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:44:08.0007 0x1540  ZTEusbser6k - ok
14:44:08.0129 0x1540  ================ Scan global ===============================
14:44:08.0161 0x1540  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:44:08.0223 0x1540  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:44:08.0307 0x1540  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
14:44:08.0386 0x1540  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:44:08.0450 0x1540  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:44:08.0494 0x1540  [ Global ] - ok
14:44:08.0506 0x1540  ================ Scan MBR ==================================
14:44:08.0520 0x1540  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:44:09.0190 0x1540  \Device\Harddisk0\DR0 - ok
14:44:09.0205 0x1540  ================ Scan VBR ==================================
14:44:09.0205 0x1540  [ 9602DC48F506CFE46BFA50184BD12CB3 ] \Device\Harddisk0\DR0\Partition1
14:44:09.0205 0x1540  \Device\Harddisk0\DR0\Partition1 - ok
14:44:09.0243 0x1540  [ A02C9D9D1C944A5DFFB1F8293B9EDA4A ] \Device\Harddisk0\DR0\Partition2
14:44:09.0251 0x1540  \Device\Harddisk0\DR0\Partition2 - ok
14:44:09.0253 0x1540  ================ Scan generic autorun ======================
14:44:10.0043 0x1540  [ 4A2E8D18F774CA393F478F24D0D82620, 5454621FC4BE2CB55B9E1EF99ED3C2D6A4FEBCF34B9D862C1D5ACD0D3E939866 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
14:44:10.0802 0x1540  RTHDVCPL - ok
14:44:10.0833 0x1540  SynTPEnh - ok
14:44:10.0976 0x1540  [ 996E0DF31F7C7AD1C5BD8B56DFB601D3, CA68E25B69A21CB02EAA472FBF012BC8F358A155BCF8EA1EAA45FA405F48C0AE ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
14:44:11.0073 0x1540  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
14:44:13.0652 0x1540  Detect skipped due to KSN trusted
14:44:13.0652 0x1540  AtherosBtStack - ok
14:44:13.0732 0x1540  [ 82CDD11153EC417F7E0C8C653805105B, 742EFC9F716F134608B790B84C7E808E0CEFE4297B15A3FF21F8A5F00211360F ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
14:44:13.0843 0x1540  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
14:44:16.0434 0x1540  Detect skipped due to KSN trusted
14:44:16.0434 0x1540  AthBtTray - ok
14:44:16.0622 0x1540  [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] c:\Program Files\Microsoft Security Client\msseces.exe
14:44:16.0824 0x1540  MSC - ok
14:44:16.0906 0x1540  [ 7618ADE9F11AF1D520AEE52C0F046748, 0E929FEBBF2FA814DBAC9E65242D0FB47D2E42F133A12A2C47F075E5D03AD1BC ] C:\Program Files (x86)\Mobile Partner Manager\UIExec.exe
14:44:16.0951 0x1540  UIExec - detected UnsignedFile.Multi.Generic ( 1 )
14:44:19.0493 0x1540  Detect skipped due to KSN trusted
14:44:19.0494 0x1540  UIExec - ok
14:44:20.0192 0x1540  [ 938FA6F63B210FB8EF5A7B2FC1229431, 545DDA9C32DF14B50688F8192A345FE66D2DB3F8763ECBF85B38AC829E49E1D9 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:44:20.0608 0x1540  AvastUI.exe - ok
14:44:20.0809 0x1540  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:44:20.0959 0x1540  Sidebar - ok
14:44:21.0014 0x1540  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:44:21.0109 0x1540  mctadmin - ok
14:44:21.0262 0x1540  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:44:21.0425 0x1540  Sidebar - ok
14:44:21.0462 0x1540  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:44:21.0559 0x1540  mctadmin - ok
14:44:21.0659 0x1540  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\lilith\AppData\Local\Google\Update\GoogleUpdate.exe
14:44:21.0706 0x1540  Google Update - ok
14:44:21.0991 0x1540  [ 32E8A4FCE03B255E7C7448F3B4910BC0, 56EA3F53A5636549271C18FE6126D7F572F97415852D27B966E32304B4A70004 ] C:\Users\lilith\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:44:22.0220 0x1540  Spotify Web Helper - ok
14:44:22.0262 0x1540  AppEx Accelerator UI - ok
14:44:23.0460 0x1540  [ 845799C9874B68BEAE3B64059653C7E3, 2E0B9DD46569A6449989E2D7C60B88B46352A178019B4BD840C166674E798CFD ] C:\Program Files\CCleaner\CCleaner64.exe
14:44:23.0976 0x1540  CCleaner Monitoring - ok
14:44:24.0795 0x1540  [ 60428B7F66FE3A08DE7FCB12A5EA58F6, 3C0F9FD7646B324F3EB5775D75BAA72E1B90AA0ADD8F812603565769943954DF ] C:\Users\lilith\AppData\Roaming\Spotify\Spotify.exe
14:44:25.0489 0x1540  Spotify - ok
14:44:25.0504 0x1540  Waiting for KSN requests completion. In queue: 9
14:44:26.0505 0x1540  Waiting for KSN requests completion. In queue: 9
14:44:27.0505 0x1540  Waiting for KSN requests completion. In queue: 9
14:44:28.0591 0x1540  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61000 ( enabled : updated )
14:44:28.0596 0x1540  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2214.845 ), 0x41000 ( enabled : updated )
14:44:28.0619 0x1540  Win FW state via NFP2: enabled
14:44:31.0218 0x1540  ============================================================
14:44:31.0218 0x1540  Scan finished
14:44:31.0218 0x1540  ============================================================
14:44:31.0254 0x13b4  Detected object count: 0
14:44:31.0254 0x13b4  Actual detected object count: 0
Ich glaube inzwischen fast, dass ich vielleicht doch überreagier und es einfach an meinem alten PC liegen könnte... in dem Fall möchte ich mich entschuldigen, es tut mir wirklich unendlich Leid, wenn ich deine Zeit verschwendet habe :(
Die Screenshots vom Process Explorer habe ich trotzdem noch angehängt, nur für den Fall, dass da irgendetwas auffällig ist, denn ich erkenne nichts...

Dankeschön nochmal und Entschuldigung, falls das alles überflüssig war!

schrauber 28.03.2015 22:00
Chrome zieht schon ne Menge Saft.

Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de


Neue Screenshots bitte, aber vorher nach CPU Last sortieren :)

MissVerstehn 29.03.2015 14:35
Liste der Anhänge anzeigen (Anzahl: 2)
Hey,
ich hab beides gemacht und hoffe, dass ich diesmal auch die richtigen Screenshots schicke:
auf dem ersten habe ich es (wenn ich das richtig verstanden hab) nach dem tatsächlich allokierten RAM sortiert und beim zweiten nach Speicherplatz des Programms(?)...
Sorry, ich hab wirklich wenig Ahnung von Computern! :stirn:
Und nochmal danke!

schrauber 30.03.2015 05:01
Merkwürdig, Chrome zieht immer noch Saft ohne Ende. Chrome zu machen wenn Du den Screenshot machst, und CPU so sortieren dass die höchste Zahl oben steht.

MissVerstehn 30.03.2015 13:40
Liste der Anhänge anzeigen (Anzahl: 2)
Könnte es sein, dass ich durch das Runterladen von dem neuen Grafikkartentreiber irgendwas an meiner Grafikkarte kaputt gemacht habe? Oder dass ich deswegen jetzt auch einen neuen Netzwerktreiber brauche?

schrauber 30.03.2015 17:33
Das sieht schon besser aus. Process Explorer zieht Saft, und im Hintergrund lief ein Update.

Normalerweise passiert das nicht bei Treiberinstallation.

MissVerstehn 31.03.2015 11:01
Also liegt es an Chome und ich brauch mir keine Sorgen um Trojaner oder so machen?

schrauber 31.03.2015 19:11
Jo, Logs sind sauber :)

MissVerstehn 31.03.2015 21:32
Cool, vielen Dank! Mega nett, dass du dir die Zeit genommen hast mir zu helfen, ich weis das wirklich zu schätzen :dankeschoen:

schrauber 01.04.2015 08:49
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:08 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131