Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: AVG-Erkennung auf Win7-System (Agent_c.ALS)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 03.11.2015, 22:49   #1
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Hallo, guten Abend!

Habe soeben einen Fund von AVG gemeldet bekommen: Agent_c.ALS
Suche spuckt dazu nichts aus, deshalb poste ich meine logfiles:


defogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:16 on 03/11/2015 (Greg)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-
         
GMER
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-11-03 22:25:51
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Samsung_SSD_840_Series rev.DXT08B0Q 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Greg\AppData\Local\Temp\pwlcqpow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                            0000000077071401 2 bytes JMP 76aeb21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                              0000000077071419 2 bytes JMP 76aeb346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                            0000000077071431 2 bytes JMP 76b68fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                            000000007707144a 2 bytes CALL 76ac489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                             * 9
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                               00000000770714dd 2 bytes JMP 76b688c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                        00000000770714f5 2 bytes JMP 76b68aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                               000000007707150d 2 bytes JMP 76b687ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                        0000000077071525 2 bytes JMP 76b68b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                              000000007707153d 2 bytes JMP 76adfca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                   0000000077071555 2 bytes JMP 76ae68ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                            000000007707156d 2 bytes JMP 76b69089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                              0000000077071585 2 bytes JMP 76b68bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                 000000007707159d 2 bytes JMP 76b6877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                              00000000770715b5 2 bytes JMP 76adfd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                            00000000770715cd 2 bytes JMP 76aeb2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                        00000000770716b2 2 bytes JMP 76b68f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\AVG\Framework\Common\avguix.exe[2984] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                        00000000770716bd 2 bytes JMP 76b68713 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000077071401 2 bytes JMP 76aeb21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000077071419 2 bytes JMP 76aeb346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000077071431 2 bytes JMP 76b68fd1 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      000000007707144a 2 bytes CALL 76ac489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                             * 9
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000770714dd 2 bytes JMP 76b688c4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000770714f5 2 bytes JMP 76b68aa0 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         000000007707150d 2 bytes JMP 76b687ba C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000077071525 2 bytes JMP 76b68b8a C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        000000007707153d 2 bytes JMP 76adfca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000077071555 2 bytes JMP 76ae68ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      000000007707156d 2 bytes JMP 76b69089 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000077071585 2 bytes JMP 76b68bea C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           000000007707159d 2 bytes JMP 76b6877e C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000770715b5 2 bytes JMP 76adfd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000770715cd 2 bytes JMP 76aeb2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000770716b2 2 bytes JMP 76b68f4c C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe[4224] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000770716bd 2 bytes JMP 76b68713 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                          00000000778ddc30 5 bytes JMP 0000000177880128
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                        00000000778ddd50 5 bytes JMP 0000000177880018
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent                                                                               00000000778dde30 5 bytes JMP 00000001778801b0
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant                                                                              00000000778de380 5 bytes JMP 0000000177880238
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore                                                                           00000000778de410 5 bytes JMP 00000001778802c0
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\system32\kernel32.dll!CreateProcessInternalW                                                                   000000007768db10 1 byte JMP 00000000778800a0
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\system32\kernel32.dll!CreateProcessInternalW + 2                                                               000000007768db12 3 bytes {JMP 0x1f2590}
.text  C:\Windows\system32\svchost.exe[5168] C:\Windows\system32\KERNELBASE.dll!ResumeThread                                                                           000007fefc356f00 5 bytes JMP 000007ffed811f50
.text  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5724] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection                                  0000000077a8fc90 5 bytes JMP 0000000161521c00
.text  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5724] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory                                0000000077a8fe54 5 bytes JMP 0000000161521820
.text  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5724] C:\Windows\SysWOW64\ntdll.dll!NtCreateEvent                                       0000000077a8ffb4 5 bytes JMP 0000000161521ec0
.text  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5724] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant                                      0000000077a907dc 5 bytes JMP 0000000161521ee0
.text  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5724] C:\Windows\SysWOW64\ntdll.dll!NtCreateSemaphore                                   0000000077a908b4 5 bytes JMP 0000000161521f00
.text  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5724] C:\Windows\syswow64\kernel32.dll!CreateProcessInternalW                           0000000076ad3bab 5 bytes JMP 0000000161521990
.text  C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5724] C:\Windows\syswow64\KERNELBASE.dll!ResumeThread                                   00000000772b3b49 5 bytes JMP 0000000161521de0
.text  C:\Windows\system32\SearchIndexer.exe[5764] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                    00000000778ddc30 5 bytes JMP 0000000077a40128
.text  C:\Windows\system32\SearchIndexer.exe[5764] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                  00000000778ddd50 5 bytes JMP 0000000077a40018
.text  C:\Windows\system32\SearchIndexer.exe[5764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent                                                                         00000000778dde30 5 bytes JMP 0000000077a401b0
.text  C:\Windows\system32\SearchIndexer.exe[5764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant                                                                        00000000778de380 5 bytes JMP 0000000077a40238
.text  C:\Windows\system32\SearchIndexer.exe[5764] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore                                                                     00000000778de410 5 bytes JMP 0000000077a402c0
.text  C:\Windows\system32\SearchIndexer.exe[5764] C:\Windows\system32\KERNELBASE.dll!ResumeThread                                                                     000007fefc356f00 5 bytes JMP 000007ffed811f50
.text  C:\Windows\sysWOW64\wbem\wmiprvse.exe[5924] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection                                                                    0000000077a8fc90 5 bytes JMP 0000000161521c00
.text  C:\Windows\sysWOW64\wbem\wmiprvse.exe[5924] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory                                                                  0000000077a8fe54 5 bytes JMP 0000000161521820
.text  C:\Windows\sysWOW64\wbem\wmiprvse.exe[5924] C:\Windows\SysWOW64\ntdll.dll!NtCreateEvent                                                                         0000000077a8ffb4 5 bytes JMP 0000000161521ec0
.text  C:\Windows\sysWOW64\wbem\wmiprvse.exe[5924] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant                                                                        0000000077a907dc 5 bytes JMP 0000000161521ee0
.text  C:\Windows\sysWOW64\wbem\wmiprvse.exe[5924] C:\Windows\SysWOW64\ntdll.dll!NtCreateSemaphore                                                                     0000000077a908b4 5 bytes JMP 0000000161521f00
.text  C:\Windows\sysWOW64\wbem\wmiprvse.exe[5924] C:\Windows\syswow64\kernel32.dll!CreateProcessInternalW                                                             0000000076ad3bab 5 bytes JMP 0000000161521990
.text  C:\Windows\sysWOW64\wbem\wmiprvse.exe[5924] C:\Windows\syswow64\KERNELBASE.dll!ResumeThread                                                                     00000000772b3b49 5 bytes JMP 0000000161521de0
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[6068] C:\Windows\system32\kernel32.dll!CreateProcessInternalW                                                000000007768db10 1 byte JMP 0000000077a400a0
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[6068] C:\Windows\system32\kernel32.dll!CreateProcessInternalW + 2                                            000000007768db12 3 bytes {JMP 0x3b2590}
.text  C:\Program Files\Windows Media Player\wmpnetwk.exe[6068] C:\Windows\system32\KERNELBASE.dll!ResumeThread                                                        000007fefc356f00 5 bytes JMP 000007ffed811f50
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                          00000000778ddc30 5 bytes JMP 0000000177880128
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                        00000000778ddd50 5 bytes JMP 0000000177880018
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent                                                                               00000000778dde30 5 bytes JMP 00000001778801b0
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant                                                                              00000000778de380 5 bytes JMP 0000000177880238
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore                                                                           00000000778de410 5 bytes JMP 00000001778802c0
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\system32\kernel32.dll!CreateProcessInternalW                                                                   000000007768db10 1 byte JMP 00000000778800a0
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\system32\kernel32.dll!CreateProcessInternalW + 2                                                               000000007768db12 3 bytes {JMP 0x1f2590}
.text  C:\Windows\system32\svchost.exe[5608] C:\Windows\system32\KERNELBASE.dll!ResumeThread                                                                           000007fefc356f00 5 bytes JMP 000007ffed811f50
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                          00000000778ddc30 5 bytes JMP 0000000177880128
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                        00000000778ddd50 5 bytes JMP 0000000177880018
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent                                                                               00000000778dde30 5 bytes JMP 00000001778801b0
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant                                                                              00000000778de380 5 bytes JMP 0000000177880238
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore                                                                           00000000778de410 5 bytes JMP 00000001778802c0
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\system32\kernel32.dll!CreateProcessInternalW                                                                   000000007768db10 1 byte JMP 00000000778800a0
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\system32\kernel32.dll!CreateProcessInternalW + 2                                                               000000007768db12 3 bytes {JMP 0x1f2590}
.text  C:\Windows\system32\svchost.exe[5716] C:\Windows\system32\KERNELBASE.dll!ResumeThread                                                                           000007fefc356f00 5 bytes JMP 000007ffed811f50
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                          00000000778ddc30 5 bytes JMP 0000000077a40128
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                        00000000778ddd50 5 bytes JMP 0000000077a40018
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\SYSTEM32\ntdll.dll!NtCreateEvent                                                                               00000000778dde30 5 bytes JMP 0000000077a401b0
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\SYSTEM32\ntdll.dll!NtCreateMutant                                                                              00000000778de380 5 bytes JMP 0000000077a40238
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\SYSTEM32\ntdll.dll!NtCreateSemaphore                                                                           00000000778de410 5 bytes JMP 0000000077a402c0
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\system32\kernel32.dll!CreateProcessInternalW                                                                   000000007768db10 1 byte JMP 0000000077a400a0
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\system32\kernel32.dll!CreateProcessInternalW + 2                                                               000000007768db12 3 bytes {JMP 0x3b2590}
.text  C:\Windows\system32\taskeng.exe[2384] C:\Windows\system32\KERNELBASE.dll!ResumeThread                                                                           000007fefc356f00 5 bytes JMP 000007ffed811f50

---- EOF - GMER 2.1 ----
         
Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Greg (2015-11-03 22:18:12)
Gestartet von C:\Users\Greg\Desktop\AV
Windows 7 Ultimate Service Pack 1 (X64) (2015-10-09 20:14:16)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3584333090-1227493546-4216794361-500 - Administrator - Disabled)
Gast (S-1-5-21-3584333090-1227493546-4216794361-501 - Limited - Disabled)
Greg (S-1-5-21-3584333090-1227493546-4216794361-1001 - Administrator - Enabled) => C:\Users\Greg
HomeGroupUser$ (S-1-5-21-3584333090-1227493546-4216794361-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3584333090-1227493546-4216794361-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
AVG (Version: 16.4.7161 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4455 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.4.7161 - AVG Technologies)
CheVolume 0.3.0.0 (HKLM-x32\...\CheVolume_0) (Version: 0.3.0.0 - WellWeWeb)
CheVolume 0.4.0.2 (HKLM-x32\...\CheVolume 0.4.0.2) (Version:  - WellWeWeb)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Equalify v2.1.2 (admin setup) (HKLM-x32\...\{7424809B-AA4A-4B2F-88A8-865F15F778B6}) (Version: 2.1.2.3 - Equalify)
FMW 1 (Version: 1.12.3 - AVG Technologies) Hidden
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Freenet version 0.7.5 build 1470 (HKU\S-1-5-21-3584333090-1227493546-4216794361-1001\...\{3196C62F-9C7B-4392-88B4-05C037D05518}_is1) (Version: 0.7.5 build 1470 - freenetproject.org)
GrabIt 1.7.3 Beta (build 1010) (HKLM-x32\...\GrabIt_is1) (Version:  - Ilan Shemes)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 17.0.7 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.7 (x86 de)) (Version: 17.0.7 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-3584333090-1227493546-4216794361-1001\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
Opera Stable 15.0.1147.153 (HKLM-x32\...\Opera 15.0.1147.153) (Version: 15.0.1147.153 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7599 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Spotify (HKU\S-1-5-21-3584333090-1227493546-4216794361-1001\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version:  - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows7FirewallControl (x64) 5.2.18.33 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.2.18.33 - Sphinx Software)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3584333090-1227493546-4216794361-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

19-10-2015 13:43:40 Installed Microsoft Office Professional Plus 2013
19-10-2015 13:43:55 PROPLUS
26-10-2015 16:24:58 Revo Uninstaller's restore point - CheVolume 0.4.0.2
26-10-2015 16:29:14 Installed CheVolume 0.4.0.2 (Wrapped using MSI Wrapper from www.exemsi.com)
03-11-2015 04:25:59 Geplanter Prüfpunkt
03-11-2015 22:07:18 Revo Uninstaller's restore point - Prison Architect

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-03 22:12 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {4112E1D2-BB2E-498C-B032-57A85D28303C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {453826B5-A9E7-4BCF-945E-4B7181137889} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4D49ECF7-B130-4919-B425-FA8C512A470C} - System32\Tasks\AdobeAAMUpdater-1.0-G-Machine-Greg => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {549DF541-843A-477A-ACC7-593CDF3736CC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-10] (Dropbox, Inc.)
Task: {603032C0-393F-4CC4-9FFB-F642A4AAEA06} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-10] (Dropbox, Inc.)
Task: {DD4C34DF-FF6E-46E4-AA13-BF86380C66D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-09 21:22 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-09-11 18:01 - 2015-09-11 18:01 - 31958688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-11-03 22:15 - 2015-11-03 22:15 - 00050477 _____ () C:\Users\Greg\Desktop\AV\Defogger.exe
2015-10-09 22:27 - 2015-10-09 22:27 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-09-15 07:08 - 2015-09-15 07:08 - 40523440 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-11-03 21:57 - 2015-11-03 21:57 - 00071168 _____ () c:\users\greg\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvs7gnt.dll
2015-10-10 13:25 - 2015-09-24 00:07 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-10-10 13:25 - 2015-09-24 00:07 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-10-10 13:25 - 2015-09-24 00:07 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-10-10 13:25 - 2015-09-24 00:07 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-09-15 07:08 - 2015-09-15 07:08 - 01365680 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-09-15 07:08 - 2015-09-15 07:08 - 00219312 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2015-10-25 22:17 - 2015-10-25 22:17 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-25 22:17 - 2015-10-25 22:17 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3584333090-1227493546-4216794361-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{37176150-7F58-4596-AD44-DAAE2622D1DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{876395BE-AA2D-45D3-A643-3F77C30E2132}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5AD61CA7-CEF9-472F-BF78-47561B54A785}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0295A949-EC8F-4E61-BAAC-2C679771C19F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A371A956-B1C1-4621-9770-7E6016CBABA8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{25BD2027-05DF-4687-BF4E-07561236E28A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{4567F28E-5D35-466F-8B22-F260680072A3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2CE85302-4878-46CE-83BB-F08096D141CF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [TCP Query User{3F1BF662-F986-465E-A3C0-DE72A459D696}C:\users\greg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\greg\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E5F2AD2D-0471-4FC2-B99D-4B56E2D8D30E}C:\users\greg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\greg\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{05A6DD26-2095-4E0A-AA1D-AA8204ECD753}C:\users\greg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\greg\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8AA9C425-8E6C-4924-B1CB-96C359BB950E}C:\users\greg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\greg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0E0F9C0A-2E32-4EDC-AE74-47F7114A7805}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DF3DC14-BAA2-4F97-8BD7-4E29A61D6442}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0939932F-4894-4592-9347-468648440955}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5B802C6F-36ED-45E6-B668-86FF1060352B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{481CD87F-F287-4C66-8A7C-5960D87C4EB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{95FD0566-D036-466C-90FA-D66FF4DEFD6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{B4A2A744-B6A6-4FD1-ADCA-BF8CF6B9BBEC}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{AD7EAF9D-CB4D-4B2B-88FC-82269A4BFCEB}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{82A8EAA0-D3AC-43E4-A597-1E068A8CA3C2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{41C634C6-9B7F-4097-8AC4-5BA053C3424F}] => (Allow) LPort=1688
FirewallRules: [{CC2CA0AE-DAAB-4E52-AC25-805C46100A00}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B27E58ED-7554-4945-B491-A75DBFD9462C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/03/2015 09:59:27 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (11/03/2015 02:59:16 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (11/02/2015 02:20:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (11/02/2015 01:10:34 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (11/01/2015 10:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x55ce3d41
Name des fehlerhaften Moduls: nvd3dum.dll, Version: 9.18.13.2049, Zeitstempel: 0x51c40fa2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x005e1f4d
ID des fehlerhaften Prozesses: 0x1d2c
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3

Error: (11/01/2015 10:11:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (11/01/2015 09:42:28 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (10/31/2015 02:12:11 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (10/30/2015 07:32:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (10/30/2015 06:21:55 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.


Systemfehler:
=============
Error: (11/03/2015 05:14:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (11/03/2015 05:14:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (11/02/2015 10:07:49 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DANIELS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{44A352C1-26B0-49E8-89DD-A52F90FB5223}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (10/31/2015 08:17:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (10/31/2015 08:17:21 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (10/29/2015 04:52:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (10/29/2015 04:52:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.

Error: (10/23/2015 10:59:36 AM) (Source: Schannel) (EventID: 4108) (User: G-Machine)
Description: Das vom Remoteserver erhaltene Zertifikat wurde falsch verifiziert. Fehlercode: 0x80092013. Fehler bei der SSL-Zertifikatanforderung. Die angefügten Daten enthalten das Serverzertifikat.

Error: (10/23/2015 10:59:36 AM) (Source: Schannel) (EventID: 4120) (User: G-Machine)
Description: Es wurde eine schwerwiegende Warnung generiert: 43. Der interne Fehlerstatus lautet: 552.

Error: (10/23/2015 10:59:34 AM) (Source: Schannel) (EventID: 4108) (User: G-Machine)
Description: Das vom Remoteserver erhaltene Zertifikat wurde falsch verifiziert. Fehlercode: 0x80092013. Fehler bei der SSL-Zertifikatanforderung. Die angefügten Daten enthalten das Serverzertifikat.


CodeIntegrity:
===================================
  Date: 2012-12-13 10:29:15.841
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 10:23:12.616
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 10:23:12.257
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 10:23:12.148
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 10:23:12.023
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 10:20:10.908
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 10:15:21.549
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 10:03:42.638
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 08:48:30.951
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-13 08:33:55.490
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16326.52 MB
Verfügbarer physikalischer RAM: 13214.13 MB
Summe virtueller Speicher: 32651.25 MB
Verfügbarer virtueller Speicher: 29402.5 MB

==================== Laufwerke ================================

Drive a: (Data) (Fixed) (Total:465.64 GB) (Free:357.89 GB) NTFS
Drive c: () (Fixed) (Total:232.79 GB) (Free:133.99 GB) NTFS
Drive d: (Intenso Vid) (Fixed) (Total:2794.51 GB) (Free:403.51 GB) NTFS
Drive f: (NIKON D7100) (Removable) (Total:14.72 GB) (Free:12.69 GB) FAT32
Drive u: (Intenso All ) (Fixed) (Total:931.51 GB) (Free:198.63 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 5E4F4AE7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Size: 14.7 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 5.

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: A100F003)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Die FRST.txt muss ich als Anhang dazu tun, weil der post zu lang wird.

Mir wurde schon mehrfach hier geholfen, ihr seid ein super Team und ich bedanke mich im Voraus für die Hilfe!!

Beste Grüße
Gregor

Alt 04.11.2015, 07:44   #2
schrauber
/// the machine
/// TB-Ausbilder
 

AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 04.11.2015, 10:36   #3
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Hallo schrauber,

danke für deine Antwort!
Hier der FRST-Log, erster Teil, da es sonst immer noch zu lang ist:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Greg (Administrator) auf G-MACHINE (03-11-2015 22:17:44)
Gestartet von C:\Users\Greg\Desktop\AV
Geladene Profile: Greg & UpdatusUser (Verfügbare Profile: Greg & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Spotify Ltd) C:\Users\Greg\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Greg\Desktop\AV\Defogger.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1143296 2013-04-16] (Sphinx Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1125800 2015-09-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3812264 2015-09-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3584333090-1227493546-4216794361-1001\...\Run: [Spotify Web Helper] => C:\Users\Greg\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-20] (Spotify Ltd)
HKU\S-1-5-21-3584333090-1227493546-4216794361-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3584333090-1227493546-4216794361-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{44A352C1-26B0-49E8-89DD-A52F90FB5223}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-20] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-20] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-06-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default
FF DefaultSearchEngine: Ecosia
FF Homepage: hxxp://new.ecosia.org/
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co, .stealthy.co"
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-22] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\dictcc-deen.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\dictcc-dees.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\ecosia.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\google-deutschland.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\google-images-2mp-no-filtering.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\google-maps-deutschland.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\linguee-de-en.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\openstreetmap-ssl.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\wikipedia-deutsch.xml [2015-10-17]
FF SearchPlugin: C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\searchplugins\wikipedia-english.xml [2015-10-17]
FF Extension: Customizable Shortcuts - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\Extensions\customizable-shortcuts@timtaubert.de.xpi [2015-10-09]
FF Extension: Dict.cc Translation - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\Extensions\searchdictcc@roughael.xpi [2015-10-09]
FF Extension: stealthy - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\Extensions\stealthyextension@gmail.com.xpi [2015-10-09]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2015-11-03]
FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-17]
FF Extension: Adblock Plus - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-09]
FF Extension: QuickJava - C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\f9fk8pbd.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2015-10-09]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604712 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3792880 2015-09-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1042344 2015-09-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [596344 2015-09-30] (AVG Technologies CZ, s.r.o.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [778752 2013-04-16] (Sphinx Software) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-09-11] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [293296 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [251312 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-10-09] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 iusb3hub; system32\DRIVERS\iusb3hub.sys [X]
S3 iusb3xhc; system32\DRIVERS\iusb3xhc.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-03 22:17 - 2015-11-03 22:17 - 00000000 ____D C:\FRST
2015-11-03 22:16 - 2015-11-03 22:16 - 00000168 _____ C:\Users\Greg\defogger_reenable
2015-11-03 22:15 - 2015-11-03 22:17 - 00000000 ____D C:\Users\Greg\Desktop\AV
2015-10-31 17:03 - 2015-10-31 17:03 - 00000000 ____D C:\Users\Greg\AppData\Roaming\dvdcss
2015-10-29 20:11 - 2015-10-29 20:11 - 00000000 ____D C:\Users\Greg\AppData\Roaming\MPC-HC
2015-10-26 16:29 - 2015-10-26 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WellWeWeb
2015-10-26 16:27 - 2015-10-26 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheVolume
2015-10-26 16:17 - 2015-10-26 16:29 - 00000000 ____D C:\Program Files (x86)\CheVolume
2015-10-26 16:17 - 2015-10-26 16:17 - 00000000 ____D C:\Users\Greg\AppData\Local\WellWeWeb
2015-10-26 16:17 - 2015-10-26 16:17 - 00000000 ____D C:\Users\Greg\AppData\Local\Chevolume.com
2015-10-25 22:17 - 2015-10-25 22:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-20 14:07 - 2015-10-20 14:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-19 20:13 - 2015-10-19 20:13 - 00000000 ____D C:\Users\Greg\AppData\Local\Introversion
2015-10-19 20:13 - 2015-10-19 20:13 - 00000000 ____D C:\ProgramData\SkidRow
2015-10-19 19:14 - 2015-10-26 16:23 - 00000000 ____D C:\Users\Greg\AppData\Local\QuickPar
2015-10-19 13:45 - 2015-10-19 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-19 13:45 - 2015-10-19 13:45 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-10-19 13:45 - 2015-10-19 13:45 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-10-19 13:45 - 2015-10-19 13:45 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-10-19 13:44 - 2015-10-19 13:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-19 13:44 - 2015-10-19 13:45 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-10-19 13:44 - 2015-10-19 13:44 - 00000000 ____D C:\Windows\PCHEALTH
2015-10-19 13:44 - 2015-10-19 13:44 - 00000000 ____D C:\Users\Greg\AppData\Local\Microsoft Help
2015-10-19 13:44 - 2015-10-19 13:44 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-19 13:44 - 2015-10-19 13:44 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-10-19 13:44 - 2015-10-19 13:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-10-19 13:44 - 2015-10-19 13:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-10-19 13:43 - 2015-10-19 13:43 - 00000000 __RHD C:\MSOCache
2015-10-19 13:41 - 2010-12-06 03:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2015-10-19 01:29 - 2015-10-19 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
2015-10-19 01:29 - 2015-10-19 01:29 - 00000000 ____D C:\Program Files (x86)\FreeAlarmClock
2015-10-17 15:47 - 2015-10-17 15:47 - 00000000 ____D C:\Users\Greg\Documents\Adobe
2015-10-14 14:11 - 2015-10-14 14:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-10-14 13:30 - 2015-10-14 13:30 - 00000000 ____D C:\temp
2015-10-14 08:31 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 08:31 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 08:31 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 08:31 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 08:31 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 08:31 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 08:31 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 08:31 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 08:31 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 08:31 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 08:31 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 08:31 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 08:31 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 08:31 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 08:31 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 08:31 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 08:31 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 08:31 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 08:31 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 08:31 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 08:31 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 08:31 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 08:31 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 08:31 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 08:31 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 08:31 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 08:31 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 08:31 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 08:31 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 08:31 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 08:31 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 08:31 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 08:31 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 08:31 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 08:31 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 08:31 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 08:31 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 08:31 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 08:31 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 08:31 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 08:31 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 08:31 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 08:31 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 08:31 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 08:31 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 08:31 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 08:31 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 08:31 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 08:31 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 08:31 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 08:31 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 08:31 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 08:31 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 08:31 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 08:31 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 08:31 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 08:31 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 08:31 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 08:31 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 08:31 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 08:31 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 08:31 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 08:31 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 08:31 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 08:31 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 08:31 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 08:31 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 08:31 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 08:31 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 08:31 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 08:31 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 08:31 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 08:31 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 08:31 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 08:31 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 08:31 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 08:31 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 08:31 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 08:31 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 08:31 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 08:31 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 08:31 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 08:31 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 08:31 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 08:31 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 08:31 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 08:31 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 08:31 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 08:31 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 08:31 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 08:31 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 08:31 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 08:31 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 08:31 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 08:31 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 08:31 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 08:31 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 08:31 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 08:31 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 08:31 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 08:31 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 08:31 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 08:31 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 08:31 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 08:31 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 08:31 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 08:31 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 08:31 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 08:31 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 08:31 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 08:31 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 08:31 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 08:31 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 08:31 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 08:31 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 08:31 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 08:31 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 08:31 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 08:31 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 08:31 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 08:31 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 08:31 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 08:31 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 08:31 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 08:31 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 08:31 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 08:31 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 08:31 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 08:31 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 08:31 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 08:31 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 08:31 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 08:31 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 08:31 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 08:31 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 08:31 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 08:31 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 08:31 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 08:31 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 08:31 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 22:22 - 2015-10-13 22:22 - 00115592 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-10-13 22:22 - 2015-10-13 22:22 - 00000000 ____D C:\Users\Greg\AppData\Roaming\pdfforge
2015-10-13 22:22 - 2015-10-13 22:22 - 00000000 ____D C:\Users\Greg\AppData\Local\PDFCreator
2015-10-13 22:22 - 2015-10-13 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-10-13 22:22 - 2015-10-13 22:22 - 00000000 ____D C:\Program Files\PDFCreator
2015-10-13 07:17 - 2015-10-20 21:21 - 00000000 ____D C:\Users\Greg\.oracle_jre_usage
2015-10-13 07:17 - 2015-10-13 07:17 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Sun
2015-10-13 07:17 - 2015-10-13 07:17 - 00000000 ____D C:\Users\Greg\AppData\LocalLow\Oracle
2015-10-11 08:24 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-11 08:24 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-11 08:18 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-11 08:18 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-11 08:18 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-11 08:18 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-10-11 08:18 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-10-11 08:18 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-10-11 08:18 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-10-11 08:18 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-10-11 08:18 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-10-11 08:09 - 2015-10-11 08:09 - 00001425 _____ C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-10 23:43 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-10 23:43 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-10 23:40 - 2013-10-14 17:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-10-10 23:35 - 2015-10-10 23:35 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-10-10 23:35 - 2015-10-10 23:35 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-10-10 23:35 - 2015-10-10 23:35 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-10-10 23:35 - 2015-10-10 23:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-10-10 23:35 - 2015-10-10 23:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-10-10 23:35 - 2015-10-10 23:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-10 23:35 - 2015-10-10 23:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-10-10 23:34 - 2015-10-10 23:34 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-10 23:34 - 2015-10-10 23:34 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-10 23:34 - 2015-10-10 23:34 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-10 23:34 - 2015-10-10 23:34 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-10-10 23:33 - 2015-10-10 23:33 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-10-10 23:33 - 2015-10-10 23:33 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-10-10 23:32 - 2015-10-10 23:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-10-10 23:31 - 2015-10-10 23:40 - 00013721 _____ C:\Windows\IE11_main.log
2015-10-10 23:31 - 2015-10-10 23:31 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-10-10 23:31 - 2015-10-10 23:31 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-10-10 22:52 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-10-10 22:52 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-10-10 22:52 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-10-10 22:52 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-10-10 22:52 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-10-10 22:52 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-10-10 22:52 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-10-10 22:52 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-10-10 22:33 - 2015-10-10 22:50 - 00000000 ____D C:\Users\Greg\Desktop\frost
2015-10-10 22:24 - 2015-10-10 22:24 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freenet
2015-10-10 22:23 - 2015-10-20 22:23 - 00000000 ____D C:\ProgramData\Oracle
2015-10-10 22:23 - 2015-10-20 21:21 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-10 22:23 - 2015-10-20 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-10 22:23 - 2015-10-20 21:21 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-10 22:23 - 2015-10-10 22:23 - 00000000 ____D C:\ProgramData\Sun
2015-10-10 22:22 - 2015-10-10 22:22 - 00000000 ____D C:\Users\Greg\AppData\LocalLow\Sun
2015-10-10 15:21 - 2015-10-10 15:21 - 00009971 _____ C:\Windows\DirectX.log
2015-10-10 15:21 - 2010-06-02 03:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-10-10 15:21 - 2010-06-02 03:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-10-10 15:21 - 2010-06-02 03:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-10-10 15:21 - 2010-06-02 03:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-10-10 15:21 - 2010-06-02 03:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-10-10 15:21 - 2010-06-02 03:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-10-10 15:21 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-10-10 15:21 - 2010-02-04 09:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-10-10 15:21 - 2009-09-04 16:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-10-10 15:21 - 2009-09-04 16:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-10-10 15:21 - 2009-09-04 16:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-10-10 15:21 - 2009-09-04 16:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-10-10 15:21 - 2009-09-04 16:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-10-10 15:21 - 2009-09-04 16:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-10-10 15:21 - 2009-09-04 16:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-10-10 15:21 - 2009-03-16 13:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-10-10 15:21 - 2009-03-16 13:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-10-10 15:21 - 2009-03-16 13:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-10-10 15:21 - 2009-03-16 13:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-10-10 15:21 - 2009-03-16 13:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-10-10 15:21 - 2009-03-16 13:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-10-10 15:21 - 2009-03-09 14:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-10-10 15:21 - 2009-03-09 14:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-10-10 15:21 - 2009-03-09 14:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-10-10 15:21 - 2009-03-09 14:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-10-10 15:21 - 2009-03-09 14:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-10-10 15:21 - 2009-03-09 14:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-10-10 15:21 - 2008-10-27 09:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-10-10 15:21 - 2008-10-15 05:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-10-10 15:21 - 2008-10-15 05:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-10-10 15:21 - 2008-10-15 05:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-10-10 15:21 - 2008-10-15 05:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-10-10 15:21 - 2008-10-15 05:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-10-10 15:21 - 2008-10-15 05:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-10-10 15:21 - 2008-07-31 09:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-10-10 15:21 - 2008-07-31 09:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-10-10 15:21 - 2008-07-31 09:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-10-10 15:21 - 2008-07-31 09:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-10-10 15:21 - 2008-07-31 09:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-10-10 15:21 - 2008-07-31 09:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-10-10 15:21 - 2008-07-10 10:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-10-10 15:21 - 2008-07-10 10:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-10-10 15:21 - 2008-07-10 10:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-10-10 15:21 - 2008-07-10 10:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-10-10 15:21 - 2008-07-10 10:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-10-10 15:21 - 2008-07-10 10:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-10-10 15:21 - 2008-05-30 13:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-10-10 15:21 - 2008-05-30 13:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-10-10 15:21 - 2008-05-30 13:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-10-10 15:21 - 2008-05-30 13:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-10-10 15:21 - 2008-05-30 13:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-10-10 15:21 - 2008-05-30 13:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-10-10 15:21 - 2008-05-30 13:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-10-10 15:21 - 2008-05-30 13:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-10-10 15:21 - 2008-05-30 13:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-10-10 15:21 - 2008-05-30 13:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-10-10 15:21 - 2008-05-30 13:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-10-10 15:21 - 2008-05-30 13:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-10-10 15:21 - 2008-05-30 13:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-10-10 15:21 - 2008-05-30 13:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-10-10 15:21 - 2008-03-05 15:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-10-10 15:21 - 2008-03-05 15:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-10-10 15:21 - 2008-03-05 15:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-10-10 15:21 - 2008-03-05 15:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-10-10 15:21 - 2008-03-05 15:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-10-10 15:21 - 2008-03-05 15:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-10-10 15:21 - 2008-03-05 14:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-10-10 15:21 - 2008-03-05 14:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-10-10 15:21 - 2008-03-05 14:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-10-10 15:21 - 2008-03-05 14:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-10-10 15:21 - 2008-02-05 22:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-10-10 15:21 - 2008-02-05 22:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-10-10 15:21 - 2007-10-22 02:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-10-10 15:21 - 2007-10-22 02:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-10-10 15:21 - 2007-10-22 02:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-10-10 15:21 - 2007-10-22 02:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-10-10 15:21 - 2007-10-12 14:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-10-10 15:21 - 2007-10-12 14:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-10-10 15:21 - 2007-10-12 14:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-10-10 15:21 - 2007-10-12 14:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-10-10 15:21 - 2007-10-02 08:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-10-10 15:21 - 2007-10-02 08:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-10-10 15:21 - 2007-07-19 23:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-10-10 15:21 - 2007-07-19 23:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-10-10 15:21 - 2007-07-19 17:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-10-10 15:21 - 2007-07-19 17:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-10-10 15:21 - 2007-07-19 17:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-10-10 15:21 - 2007-07-19 17:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-10-10 15:21 - 2007-07-19 17:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-10-10 15:21 - 2007-07-19 17:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-10-10 15:21 - 2007-06-20 19:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-10-10 15:21 - 2007-06-20 19:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-10-10 15:21 - 2007-05-16 15:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-10-10 15:21 - 2007-05-16 15:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-10-10 15:21 - 2007-05-16 15:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-10-10 15:21 - 2007-05-16 15:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-10-10 15:21 - 2007-05-16 15:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-10-10 15:21 - 2007-05-16 15:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-10-10 15:21 - 2007-04-04 17:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-10-10 15:21 - 2007-04-04 17:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-10-10 15:21 - 2007-04-04 17:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-10-10 15:21 - 2007-04-04 17:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-10-10 15:21 - 2007-03-15 15:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-10-10 15:21 - 2007-03-15 15:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-10-10 15:21 - 2007-03-12 15:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-10-10 15:21 - 2007-03-12 15:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-10-10 15:21 - 2007-03-12 15:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-10-10 15:21 - 2007-03-12 15:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-10-10 15:21 - 2007-03-05 11:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-10-10 15:21 - 2007-03-05 11:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-10-10 15:21 - 2007-01-24 14:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-10-10 15:21 - 2007-01-24 14:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-10-10 15:21 - 2006-12-08 11:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-10-10 15:21 - 2006-12-08 11:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-10-10 15:21 - 2006-11-29 12:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-10-10 15:21 - 2006-11-29 12:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-10-10 15:21 - 2006-11-29 12:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-10-10 15:21 - 2006-11-29 12:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-10-10 15:21 - 2006-09-28 15:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-10-10 15:21 - 2006-09-28 15:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-10-10 15:21 - 2006-09-28 15:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-10-10 15:21 - 2006-09-28 15:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-10-10 15:21 - 2006-07-28 08:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-10-10 15:21 - 2006-07-28 08:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-10-10 15:21 - 2006-07-28 08:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-10-10 15:21 - 2006-07-28 08:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-10-10 15:21 - 2006-05-31 06:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-10-10 15:21 - 2006-05-31 06:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-10-10 15:21 - 2006-03-31 11:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-10-10 15:21 - 2006-03-31 11:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-10-10 15:21 - 2006-03-31 11:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-10-10 15:21 - 2006-03-31 11:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-10-10 15:21 - 2006-03-31 11:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-10-10 15:21 - 2006-03-31 11:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-10-10 15:21 - 2006-02-03 07:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-10-10 15:21 - 2006-02-03 07:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-10-10 15:21 - 2006-02-03 07:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-10-10 15:21 - 2006-02-03 07:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-10-10 15:21 - 2006-02-03 07:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-10-10 15:21 - 2006-02-03 07:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-10-10 15:21 - 2005-12-05 17:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-10-10 15:21 - 2005-12-05 17:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-10-10 15:21 - 2005-07-22 18:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-10-10 15:21 - 2005-07-22 18:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-10-10 15:21 - 2005-05-26 14:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-10-10 15:21 - 2005-05-26 14:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-10-10 15:21 - 2005-03-18 16:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-10-10 15:21 - 2005-03-18 16:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-10-10 15:21 - 2005-02-05 18:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-10-10 15:21 - 2005-02-05 18:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-10-10 14:19 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-10 14:19 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-10-10 14:19 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-10 14:19 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-10-10 14:19 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation)
         
__________________

Alt 04.11.2015, 10:37   #4
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Und der zweite Teil:
Code:
ATTFilter
C:\Windows\system32\AudioSes.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-10-10 14:19 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-10-10 14:19 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-10-10 14:19 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-10-10 14:19 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-10-10 14:19 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-10-10 14:19 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-10-10 14:19 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-10-10 14:19 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-10-10 14:19 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-10-10 14:19 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-10-10 14:19 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-10-10 14:19 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-10-10 14:19 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-10-10 14:18 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-10-10 14:18 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-10-10 14:18 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-10-10 14:18 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-10 14:18 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-10-10 14:18 - 2015-04-18 04:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-10-10 14:18 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-10-10 14:17 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-10 14:17 - 2015-04-13 04:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-10-10 14:16 - 2015-04-29 19:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-10 14:16 - 2015-04-29 19:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-10 14:16 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-10 14:16 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-10 14:16 - 2015-04-29 19:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-10 14:16 - 2015-04-29 19:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-10-10 14:16 - 2015-04-29 19:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-10-10 14:16 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-10-10 14:16 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-10-10 14:16 - 2015-04-29 19:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-10-10 14:10 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-10-10 14:10 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-10-10 13:59 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-10-10 13:57 - 2015-06-09 19:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-10-10 13:57 - 2015-06-09 19:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-10-10 13:57 - 2015-06-03 21:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-10-10 13:53 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-10-10 13:53 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-10-10 13:53 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-10-10 13:53 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-10-10 13:53 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-10-10 13:53 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-10-10 13:53 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-10-10 13:50 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-10 13:50 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-10-10 13:49 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-10-10 13:49 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-10-10 13:49 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-10-10 13:49 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-10-10 13:49 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-10-10 13:49 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-10-10 13:49 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-10-10 13:42 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-10-10 13:39 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-10-10 13:33 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-10-10 13:33 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-10-10 13:33 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-10-10 13:31 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-10-10 13:31 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-10-10 13:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-10-10 13:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-10-10 13:29 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-10-10 13:26 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-10-10 13:26 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-10-10 13:25 - 2015-07-15 04:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-10 13:25 - 2015-07-15 04:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-10 13:25 - 2015-07-15 04:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-10 13:25 - 2015-07-15 04:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-10 13:25 - 2015-07-15 03:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-10 13:25 - 2015-07-15 03:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-10 13:25 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-10 13:25 - 2015-07-15 03:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-10 13:25 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-10 13:25 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-10-10 13:25 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-10-10 13:25 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-10-10 13:23 - 2015-10-10 13:23 - 00000000 ____D C:\Users\Greg\AppData\Local\Macromedia
2015-10-10 13:23 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-10 13:23 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-10-10 13:23 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-10-10 13:23 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-10-10 13:23 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-10-10 13:23 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-10-10 13:23 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-10-10 13:23 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-10-10 13:23 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-10-10 13:22 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-10-10 13:22 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-10-10 13:21 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-10-10 13:21 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-10-10 13:20 - 2015-10-22 19:36 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-10 13:20 - 2015-10-22 19:36 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-10 13:20 - 2015-10-10 13:20 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-10-10 13:20 - 2015-10-10 13:20 - 00000000 ____D C:\Windows\system32\Macromed
2015-10-10 13:19 - 2015-04-24 19:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-10 13:19 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-10-10 13:18 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-10-10 13:17 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-10-10 13:16 - 2015-11-03 21:57 - 00001206 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-10 13:16 - 2015-11-03 16:21 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-10 13:16 - 2015-10-10 13:16 - 00004206 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-10-10 13:16 - 2015-10-10 13:16 - 00003954 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-10-10 13:16 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-10-10 13:14 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-10-10 13:14 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-10-10 13:14 - 2015-06-03 21:17 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-10-10 13:14 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-10-10 13:14 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-10-10 13:14 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-10-10 13:14 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-10-10 13:13 - 2015-07-16 20:12 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-10-10 13:13 - 2015-07-16 20:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-10-10 13:13 - 2015-07-16 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-10-10 13:13 - 2015-07-16 20:11 - 05779456 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-10 13:13 - 2015-07-16 20:11 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-10-10 13:13 - 2015-07-16 20:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-10-10 13:13 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-10 13:13 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-10 13:13 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-10-10 13:13 - 2015-06-15 22:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-10 13:13 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-10-10 13:13 - 2015-06-15 22:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-10 13:13 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-10-10 13:13 - 2015-06-15 22:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-10 13:13 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-10-10 13:13 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-10-10 13:13 - 2015-06-15 22:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-10 13:13 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-10-10 13:13 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-10-10 13:13 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-10-10 13:13 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-10-10 13:13 - 2015-06-03 21:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-10-10 13:13 - 2015-06-03 21:16 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-10 13:13 - 2015-06-03 21:16 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-10 13:13 - 2015-02-25 04:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-10-10 13:13 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-10-10 13:13 - 2015-02-18 08:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-10-10 13:13 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-10-10 13:13 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-10-10 13:13 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-10-10 13:13 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-10-10 13:13 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-10-10 13:13 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-10-10 13:13 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-10-10 13:13 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-10-10 13:13 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-10-10 13:13 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-10-10 13:13 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-10-10 13:13 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-10-10 13:13 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-10-10 13:13 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-10-10 13:13 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-10-10 13:13 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-10-10 13:13 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-10-10 13:13 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-10-10 13:13 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-10-10 13:13 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-10-10 13:13 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-10-10 13:13 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-10-10 13:13 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-10-10 13:13 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-10-10 13:13 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-10-10 13:12 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-10-10 13:12 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-10 13:12 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-10-10 13:12 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-10-10 13:12 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-10-10 13:12 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-10-10 13:12 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-10-10 13:12 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-10-10 13:12 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-10 13:12 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-10 13:12 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-10-10 13:12 - 2015-03-04 05:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-10-10 13:12 - 2015-03-04 05:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-10-10 13:12 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-10-10 13:12 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-10-10 13:12 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-10-10 13:12 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-10-10 13:12 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-10-10 13:12 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-10-10 13:12 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-10-10 13:12 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-10-10 13:12 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-10-10 13:12 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-10-10 13:12 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-10-10 13:12 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-10 13:12 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-10-10 13:12 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-10-10 13:12 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-10-10 13:12 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-10-10 13:12 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-10 13:12 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-10-10 13:12 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-10-10 13:12 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-10-10 13:12 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-10-10 13:12 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-10-10 13:12 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-10-10 13:12 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-10-10 13:12 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-10-10 13:12 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-10-10 13:12 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-10-10 13:12 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-10-10 13:12 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-10-10 13:12 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-10-10 13:12 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-10-10 13:12 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-10-10 13:12 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-10-10 13:12 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-10-10 13:12 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-10-10 13:12 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-10-10 13:12 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-10-10 13:11 - 2015-10-10 13:11 - 00000000 ____D C:\Users\Greg\AppData\Local\Steam
2015-10-10 13:10 - 2015-11-03 16:23 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-10 13:10 - 2015-10-10 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-10 11:33 - 2015-11-01 20:23 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-10 11:33 - 2015-10-29 17:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-10 11:21 - 2015-10-10 11:21 - 00000000 ____D C:\Users\Greg\.android
2015-10-10 10:55 - 2015-10-10 10:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2015-10-10 10:55 - 2015-10-10 10:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2015-10-10 10:55 - 2015-10-10 10:55 - 00000000 ____D C:\Program Files\VIA XHCI UASP Utility
2015-10-10 10:55 - 2014-10-31 09:44 - 00225792 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\ViaHub3.sys
2015-10-10 10:55 - 2013-01-18 02:11 - 00086064 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\vusbstor.sys
2015-10-10 10:54 - 2015-10-10 10:54 - 00000000 ____D C:\Program Files (x86)\VIA
2015-10-10 10:54 - 2014-10-31 09:44 - 00305664 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\xhcdrv.sys
2015-10-10 10:54 - 2012-08-17 09:57 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-10-10 10:49 - 2015-10-20 14:07 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-10 09:53 - 2015-10-10 09:53 - 00001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
2015-10-10 09:53 - 2015-10-10 09:53 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-10 09:53 - 2015-10-10 09:53 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-10 09:46 - 2015-11-03 21:57 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-10-10 09:45 - 2015-10-10 11:33 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-10 09:45 - 2015-10-10 09:45 - 00001225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-10-10 09:39 - 2015-11-01 10:44 - 00000034 _____ C:\Users\Greg\AppData\Roaming\AdobeWLCMCache.dat
2015-10-10 09:37 - 2015-10-10 09:37 - 00001483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2014.lnk
2015-10-10 09:37 - 2015-10-10 09:37 - 00000000 ____D C:\ProgramData\ALM
2015-10-10 09:35 - 2015-10-10 11:42 - 00000000 ____D C:\Users\Greg\AppData\LocalLow\Adobe
2015-10-10 09:32 - 2015-10-10 09:32 - 00001028 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2014.lnk
2015-10-10 09:29 - 2015-10-10 09:29 - 00003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-G-Machine-Greg
2015-10-10 09:29 - 2015-10-10 09:29 - 00000000 ____D C:\Users\Greg\AppData\Roaming\NVIDIA
2015-10-10 09:28 - 2015-10-10 09:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-10-10 09:28 - 2015-10-10 09:28 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2015-10-10 09:24 - 2015-10-10 09:24 - 00001030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk
2015-10-10 09:23 - 2015-10-10 09:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-10-10 09:23 - 2015-10-10 09:52 - 00000000 ____D C:\Program Files\Adobe
2015-10-10 09:22 - 2015-11-03 17:14 - 00000000 ____D C:\Users\Greg\AppData\Local\Spotify
2015-10-10 09:22 - 2015-10-10 09:22 - 00001748 _____ C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-10-10 09:22 - 2015-10-10 09:22 - 00000000 ____D C:\Users\Greg\AppData\Local\CEF
2015-10-10 09:21 - 2015-11-03 17:06 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Spotify
2015-10-10 09:21 - 2015-11-03 02:00 - 00000000 ____D C:\Users\Greg\AppData\Local\Adobe
2015-10-10 09:21 - 2015-10-17 15:47 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Adobe
2015-10-10 09:21 - 2015-10-10 11:44 - 00000000 ____D C:\ProgramData\Adobe
2015-10-10 09:21 - 2015-10-10 09:21 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Macromedia
2015-10-10 07:54 - 2015-10-10 07:54 - 00000000 ____D C:\Users\Greg\AppData\Roaming\WinRAR
2015-10-09 22:46 - 2015-11-03 21:57 - 00000000 ____D C:\Users\Greg\AppData\Local\Dropbox
2015-10-09 22:46 - 2015-10-09 22:46 - 00000000 ____D C:\ProgramData\Dropbox
2015-10-09 22:43 - 2015-10-26 22:02 - 00000000 ____D C:\Users\Greg\AppData\Local\Thunderbird
2015-10-09 22:43 - 2015-10-09 22:43 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Thunderbird
2015-10-09 22:42 - 2015-10-09 22:42 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-09 22:42 - 2015-10-09 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-09 22:42 - 2015-10-09 22:42 - 00000000 ____D C:\Program Files\WinRAR
2015-10-09 22:40 - 2015-10-09 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows7FirewallControl
2015-10-09 22:40 - 2015-10-09 22:40 - 00000000 ____D C:\Program Files\Windows7FirewallControl
2015-10-09 22:38 - 2015-10-19 19:13 - 00001011 _____ C:\Users\UpdatusUser\Desktop\QuickPar.lnk
2015-10-09 22:38 - 2015-10-09 22:38 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Opera Software
2015-10-09 22:38 - 2015-10-09 22:38 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-10-09 22:38 - 2015-10-09 22:38 - 00000000 ____D C:\Users\Greg\AppData\Local\Opera Software
2015-10-09 22:38 - 2015-10-09 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2015-10-09 22:38 - 2015-10-09 22:38 - 00000000 ____D C:\Program Files (x86)\QuickPar
2015-10-09 22:38 - 2015-10-09 22:38 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-09 22:36 - 2015-10-19 19:04 - 00000000 ____D C:\Users\Greg\AppData\Roaming\GrabIt
2015-10-09 22:34 - 2015-10-09 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt
2015-10-09 22:34 - 2015-10-09 22:36 - 00000000 ____D C:\Program Files (x86)\GrabIt
2015-10-09 22:31 - 2015-10-10 13:25 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Dropbox
2015-10-09 22:30 - 2015-10-09 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-09 22:29 - 2015-10-19 13:40 - 00000000 ____D C:\Users\Greg\AppData\Roaming\DAEMON Tools Lite
2015-10-09 22:29 - 2015-10-09 22:30 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2015-10-09 22:29 - 2015-10-09 22:29 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2015-10-09 22:28 - 2015-10-09 22:28 - 00000000 ___HD C:\$AVG
2015-10-09 22:28 - 2015-10-09 22:28 - 00000000 ____D C:\Users\Greg\AppData\Roaming\TuneUp Software
2015-10-09 22:28 - 2015-10-09 22:28 - 00000000 ____D C:\Users\Greg\AppData\Roaming\AVG
2015-10-09 22:28 - 2015-10-09 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-09 22:28 - 2015-10-09 22:28 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-09 22:27 - 2015-10-19 13:40 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-09 22:27 - 2015-10-09 22:28 - 00000000 ____D C:\ProgramData\Avg
2015-10-09 22:27 - 2015-10-09 22:28 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-09 22:26 - 2015-11-03 22:00 - 00000000 ____D C:\ProgramData\MFAData
2015-10-09 22:26 - 2015-10-09 22:28 - 00000000 ____D C:\Users\Greg\AppData\Local\Avg
2015-10-09 22:26 - 2015-10-09 22:27 - 00000000 ____D C:\Users\Greg\AppData\Local\AvgSetupLog
2015-10-09 22:26 - 2015-10-09 22:26 - 00000000 ____D C:\Users\Greg\AppData\Local\MFAData
2015-10-09 22:26 - 2015-10-09 22:26 - 00000000 ____D C:\Users\Greg\AppData\Local\Avg2015
2015-10-09 22:23 - 2015-10-09 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-09 22:23 - 2015-10-09 22:23 - 00000000 ____D C:\Program Files\7-Zip
2015-10-09 22:18 - 2015-11-03 16:07 - 00000000 ____D C:\Users\Greg\AppData\Roaming\vlc
2015-10-09 22:12 - 2015-10-19 14:04 - 00086816 _____ C:\Users\Greg\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-09 22:12 - 2015-10-09 22:23 - 00000000 ____D C:\Users\Greg\AppData\Roaming\TrueCrypt
2015-10-09 22:11 - 2015-10-09 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-10-09 22:11 - 2015-10-09 22:11 - 00000000 ____D C:\Program Files\MPC-HC
2015-10-09 22:10 - 2015-10-09 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-09 22:10 - 2015-10-09 22:10 - 00000000 ____D C:\Program Files\VideoLAN
2015-10-09 22:07 - 2015-10-09 22:07 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2015-10-09 22:07 - 2015-10-09 22:07 - 00000000 ____D C:\Program Files\TrueCrypt
2015-10-09 21:34 - 2015-11-03 21:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-09 21:34 - 2015-11-03 15:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-09 21:34 - 2015-10-10 09:45 - 00000000 ____D C:\Users\Greg\AppData\Local\Mozilla
2015-10-09 21:34 - 2015-10-09 21:34 - 00000000 ____D C:\Users\Greg\AppData\Roaming\Mozilla
2015-10-09 21:34 - 2015-10-09 21:34 - 00000000 ____D C:\ProgramData\Mozilla
2015-10-09 21:22 - 2015-10-09 21:23 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-09 21:22 - 2015-10-09 21:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-09 21:22 - 2015-10-09 21:22 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-10-09 21:22 - 2013-07-19 18:36 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-09 21:22 - 2013-07-19 18:36 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00432928 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00372000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-10-09 21:22 - 2013-07-19 18:36 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2015-10-09 21:22 - 2013-06-21 11:23 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-10-09 21:22 - 2013-06-21 11:23 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-10-09 21:22 - 2013-06-21 11:23 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-10-09 21:22 - 2013-06-21 11:23 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-10-09 21:22 - 2013-06-21 11:23 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-10-09 21:22 - 2013-06-21 11:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-10-09 21:22 - 2013-06-20 05:17 - 03253909 _____ C:\Windows\system32\nvcoproc.bin
2015-10-09 21:22 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-09 21:22 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-09 21:21 - 2015-10-09 21:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-10-09 21:21 - 2015-10-09 21:21 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-10-09 21:19 - 2015-10-10 09:45 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-09 21:19 - 2015-10-09 21:19 - 00000000 ____D C:\Program Files\Intel
2015-10-09 21:18 - 2015-10-09 21:18 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-10-09 21:18 - 2015-10-09 21:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-10-09 21:18 - 2015-10-09 21:18 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-10-09 21:18 - 2015-10-09 21:18 - 00000000 ____D C:\Windows\system32\DAX2
2015-10-09 21:18 - 2015-10-09 21:18 - 00000000 ____D C:\Program Files\Realtek
2015-10-09 21:18 - 2015-09-03 07:45 - 03301344 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 02192504 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 01436672 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 01383768 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00890000 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00874984 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00597640 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00533904 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00468680 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00382936 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00341152 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00341152 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00225776 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00211056 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00174096 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00167728 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00160224 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-10-09 21:18 - 2015-09-03 07:45 - 00077064 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 03273424 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 01123384 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00966552 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00963368 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00646984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00570960 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-10-09 21:18 - 2015-09-03 07:44 - 00450112 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00388840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00345232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00216360 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00196704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00112512 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00092448 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00089848 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-10-09 21:18 - 2015-09-03 07:44 - 00085152 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 05776664 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 05291464 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 02988288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 02633952 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 01351976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 00925264 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 00447720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 00323240 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 00153312 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 00134200 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-10-09 21:18 - 2015-09-03 07:43 - 00086144 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-10-09 21:18 - 2015-09-03 07:42 - 13122272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-10-09 21:18 - 2015-09-03 07:42 - 12986520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-10-09 21:18 - 2015-09-03 07:42 - 02824800 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-10-09 21:18 - 2015-09-03 07:42 - 01335904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:42 - 00999552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-10-09 21:18 - 2015-09-03 07:42 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 05408744 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 03234984 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 01397288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 01211832 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 01164336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 00340648 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:41 - 00332080 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 02493672 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 02423480 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 01961128 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 01603472 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00745488 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00502080 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00446920 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00311952 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00253864 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-10-09 21:18 - 2015-09-03 07:40 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-10-09 21:18 - 2015-09-03 07:39 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-10-09 21:18 - 2015-09-03 07:39 - 00120120 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-10-09 21:18 - 2015-09-03 07:33 - 02997504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-10-09 21:18 - 2015-09-03 07:33 - 02711296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-10-09 21:18 - 2015-09-03 07:33 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-10-09 21:18 - 2015-09-03 07:33 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-10-09 21:18 - 2015-09-03 07:32 - 72121872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-10-09 21:18 - 2015-09-03 07:32 - 04595968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-10-09 21:18 - 2015-09-03 07:32 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-10-09 21:18 - 2015-09-03 07:30 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-10-09 21:18 - 2015-09-03 07:30 - 01839360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-10-09 21:18 - 2015-09-03 07:28 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-10-09 21:18 - 2015-09-03 07:28 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-10-09 21:18 - 2015-09-03 07:26 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-10-09 21:18 - 2015-09-03 07:26 - 01175408 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-10-09 21:18 - 2015-09-03 07:26 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-10-09 21:18 - 2015-09-03 07:26 - 00358272 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-10-09 21:18 - 2015-09-03 07:25 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-10-09 21:18 - 2015-09-03 07:25 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-10-09 21:18 - 2015-09-03 07:25 - 00953728 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-10-09 21:18 - 2015-09-03 07:25 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-10-09 21:18 - 2015-09-03 07:24 - 00118592 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-10-09 21:18 - 2015-09-03 07:24 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2015-10-09 21:18 - 2015-09-03 07:23 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:23 - 00876248 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-10-09 21:18 - 2015-09-03 07:23 - 00750520 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-10-09 21:18 - 2015-09-03 07:23 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-10-09 21:18 - 2015-09-03 07:23 - 00700592 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-10-09 21:18 - 2015-09-03 07:23 - 00223496 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-10-09 21:18 - 2015-09-03 05:24 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-10-09 21:18 - 2015-09-03 05:24 - 03730142 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-10-09 21:18 - 2015-09-03 05:24 - 03200501 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-10-09 21:18 - 2015-06-08 09:13 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-10-09 21:17 - 2015-10-10 10:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-09 21:17 - 2015-10-09 21:18 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-10-09 21:17 - 2015-01-15 07:42 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-10-09 21:17 - 2015-01-15 07:42 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-10-09 21:17 - 2015-01-15 07:42 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-10-09 21:16 - 2015-10-09 21:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-10-09 21:16 - 2015-10-09 21:16 - 00000000 ____D C:\Intel
2015-10-09 21:14 - 2015-11-03 22:16 - 00000000 ____D C:\Users\Greg
2015-10-09 21:14 - 2015-11-03 22:00 - 01942071 _____ C:\Windows\WindowsUpdate.log
2015-10-09 21:14 - 2015-10-14 14:15 - 00000000 ____D C:\Users\Greg\AppData\Local\VirtualStore
2015-10-09 21:14 - 2015-10-09 21:14 - 00000020 ___SH C:\Users\Greg\ntuser.ini
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Vorlagen
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Startmenü
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Netzwerkumgebung
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Lokale Einstellungen
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Eigene Dateien
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Druckumgebung
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Documents\Eigene Musik
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Documents\Eigene Bilder
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\AppData\Local\Verlauf
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\AppData\Local\Anwendungsdaten
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Greg\Anwendungsdaten
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Programme
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-10-09 21:14 - 2015-10-09 21:14 - 00000000 __SHD C:\Recovery
2015-10-09 21:14 - 2009-07-14 05:54 - 00000000 ___RD C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-09 21:14 - 2009-07-14 05:49 - 00000000 ___RD C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-09 21:12 - 2015-10-09 21:12 - 00000000 ____D C:\Windows\CSC

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-03 22:12 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-03 22:12 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-03 22:01 - 2011-04-12 08:43 - 00696620 _____ C:\Windows\system32\perfh007.dat
2015-11-03 22:01 - 2011-04-12 08:43 - 00147916 _____ C:\Windows\system32\perfc007.dat
2015-11-03 22:01 - 2009-07-14 06:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-03 21:57 - 2012-12-13 10:36 - 00028435 _____ C:\Windows\setupact.log
2015-11-03 21:57 - 2010-11-21 04:47 - 00007512 _____ C:\Windows\PFRO.log
2015-11-03 21:57 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-20 07:54 - 2009-07-14 05:45 - 00388496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-19 13:45 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-19 13:44 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew
2015-10-16 13:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-13 08:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-11 10:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-11 08:08 - 2009-07-14 04:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-11 08:05 - 2011-04-12 08:54 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-11 08:05 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-10-11 08:05 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-10-11 08:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-10-11 08:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-10-11 08:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-11 08:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-10-11 08:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-10-11 08:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2015-10-10 23:43 - 2012-12-13 08:42 - 01589442 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-10-10 11:55 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-09 22:11 - 2009-07-14 06:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-10-09 22:11 - 2009-07-14 06:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-10-09 22:11 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup
2015-10-09 21:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2015-10-09 21:17 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\restore
2015-10-09 21:14 - 2012-12-13 08:17 - 00000000 ____D C:\Windows\Panther
2015-10-09 21:14 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-10-09 21:14 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2015-10-09 21:13 - 2012-12-13 08:29 - 00003652 _____ C:\Windows\TSSysprep.log
2015-10-09 21:13 - 2009-07-14 05:46 - 00003806 _____ C:\Windows\DtcInstall.log

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-10 09:39 - 2015-11-01 10:44 - 0000034 _____ () C:\Users\Greg\AppData\Roaming\AdobeWLCMCache.dat
2015-10-09 21:18 - 2015-10-09 21:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Greg\AppData\Local\Temp\AAMHelper.exe
C:\Users\Greg\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Greg\AppData\Local\Temp\avg-41106a68-2b08-4c07-89ce-d752df658e0c.exe
C:\Users\Greg\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvs7gnt.dll
C:\Users\Greg\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Greg\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Greg\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 00:28

==================== Ende von FRST.txt ============================
         
Viele Grüße,
Gregor

Alt 04.11.2015, 20:35   #5
schrauber
/// the machine
/// TB-Ausbilder
 

AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.11.2015, 23:24   #6
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Hallo!

Beide scans haben nichts ergeben:

MBAR:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.11.04.08
  rootkit: v2015.11.04.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18059
Greg :: G-MACHINE [administrator]

04.11.2015 23:00:35
mbar-log-2015-11-04 (23-00-35).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 360725
Time elapsed: 5 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller:
Code:
ATTFilter
23:22:27.0120 0x1858  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
23:22:28.0472 0x1858  ============================================================
23:22:28.0472 0x1858  Current date / time: 2015/11/04 23:22:28.0472
23:22:28.0472 0x1858  SystemInfo:
23:22:28.0472 0x1858  
23:22:28.0472 0x1858  OS Version: 6.1.7601 ServicePack: 1.0
23:22:28.0472 0x1858  Product type: Workstation
23:22:28.0473 0x1858  ComputerName: G-MACHINE
23:22:28.0473 0x1858  UserName: Greg
23:22:28.0473 0x1858  Windows directory: C:\Windows
23:22:28.0473 0x1858  System windows directory: C:\Windows
23:22:28.0473 0x1858  Running under WOW64
23:22:28.0473 0x1858  Processor architecture: Intel x64
23:22:28.0473 0x1858  Number of processors: 4
23:22:28.0473 0x1858  Page size: 0x1000
23:22:28.0473 0x1858  Boot type: Normal boot
23:22:28.0473 0x1858  ============================================================
23:22:28.0904 0x1858  KLMD registered as C:\Windows\system32\drivers\31549914.sys
23:22:29.0100 0x1858  System UUID: {F9BCD8FA-FFD5-E67F-D369-4E4EE15749EE}
23:22:29.0312 0x1858  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:22:29.0326 0x1858  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:22:29.0334 0x1858  Drive \Device\Harddisk3\DR3 - Size: 0x3AED00000 ( 14.73 Gb ), SectorSize: 0x200, Cylinders: 0x783, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:22:29.0340 0x1858  Drive \Device\Harddisk5\DR5 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:22:29.0340 0x1858  Drive \Device\Harddisk6\DR6 - Size: 0xE8E0DB5800 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:22:31.0757 0x1858  ============================================================
23:22:31.0757 0x1858  \Device\Harddisk0\DR0:
23:22:31.0758 0x1858  MBR partitions:
23:22:31.0758 0x1858  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:22:31.0758 0x1858  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
23:22:31.0758 0x1858  \Device\Harddisk1\DR1:
23:22:31.0758 0x1858  GPT partitions:
23:22:31.0759 0x1858  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {816F3404-3DE4-400F-B12E-650990633D94}, Name: Microsoft reserved partition, StartLBA 0x800, BlocksNum 0x40000
23:22:31.0759 0x1858  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0E0C42FB-9ADF-4E6F-82B5-2B33C838BE5F}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x3A345800
23:22:31.0759 0x1858  MBR partitions:
23:22:31.0759 0x1858  \Device\Harddisk3\DR3:
23:22:31.0760 0x1858  MBR partitions:
23:22:31.0760 0x1858  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1D74800
23:22:31.0760 0x1858  \Device\Harddisk5\DR5:
23:22:31.0760 0x1858  MBR partitions:
23:22:31.0760 0x1858  \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA0920
23:22:31.0760 0x1858  \Device\Harddisk6\DR6:
23:22:31.0760 0x1858  MBR partitions:
23:22:31.0760 0x1858  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747051C1
23:22:31.0760 0x1858  ============================================================
23:22:31.0762 0x1858  C: <-> \Device\Harddisk0\DR0\Partition2
23:22:31.0764 0x1858  U: <-> \Device\Harddisk6\DR6\Partition1
23:22:31.0789 0x1858  A: <-> \Device\Harddisk1\DR1\Partition2
23:22:31.0793 0x1858  D: <-> \Device\Harddisk5\DR5\Partition1
23:22:31.0793 0x1858  ============================================================
23:22:31.0793 0x1858  Initialize success
23:22:31.0793 0x1858  ============================================================
23:22:36.0156 0x0db4  ============================================================
23:22:36.0156 0x0db4  Scan started
23:22:36.0156 0x0db4  Mode: Manual; SigCheck; TDLFS; 
23:22:36.0156 0x0db4  ============================================================
23:22:36.0156 0x0db4  KSN ping started
23:22:38.0482 0x0db4  KSN ping finished: true
23:22:38.0865 0x0db4  ================ Scan system memory ========================
23:22:38.0866 0x0db4  System memory - ok
23:22:38.0866 0x0db4  ================ Scan services =============================
23:22:38.0900 0x0db4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:22:38.0926 0x0db4  1394ohci - ok
23:22:38.0935 0x0db4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:22:38.0945 0x0db4  ACPI - ok
23:22:38.0948 0x0db4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:22:38.0956 0x0db4  AcpiPmi - ok
23:22:38.0961 0x0db4  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:22:38.0967 0x0db4  AdobeARMservice - ok
23:22:38.0980 0x0db4  [ 0D19026AB5812D3A7B9DBB386F8334D8, 3FF22476D621ECFC2C80EF63D1A90C45F672CE299DC92A874E049779EF96AB4A ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
23:22:38.0993 0x0db4  AdobeUpdateService - ok
23:22:39.0004 0x0db4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:22:39.0017 0x0db4  adp94xx - ok
23:22:39.0024 0x0db4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:22:39.0034 0x0db4  adpahci - ok
23:22:39.0039 0x0db4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:22:39.0046 0x0db4  adpu320 - ok
23:22:39.0050 0x0db4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:22:39.0069 0x0db4  AeLookupSvc - ok
23:22:39.0079 0x0db4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
23:22:39.0092 0x0db4  AFD - ok
23:22:39.0095 0x0db4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:22:39.0101 0x0db4  agp440 - ok
23:22:39.0102 0x0db4  AGSService - ok
23:22:39.0106 0x0db4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:22:39.0114 0x0db4  ALG - ok
23:22:39.0116 0x0db4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:22:39.0121 0x0db4  aliide - ok
23:22:39.0124 0x0db4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:22:39.0129 0x0db4  amdide - ok
23:22:39.0132 0x0db4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:22:39.0139 0x0db4  AmdK8 - ok
23:22:39.0141 0x0db4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:22:39.0149 0x0db4  AmdPPM - ok
23:22:39.0152 0x0db4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:22:39.0159 0x0db4  amdsata - ok
23:22:39.0164 0x0db4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:22:39.0172 0x0db4  amdsbs - ok
23:22:39.0174 0x0db4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:22:39.0180 0x0db4  amdxata - ok
23:22:39.0183 0x0db4  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
23:22:39.0190 0x0db4  AppID - ok
23:22:39.0192 0x0db4  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:22:39.0199 0x0db4  AppIDSvc - ok
23:22:39.0202 0x0db4  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
23:22:39.0208 0x0db4  Appinfo - ok
23:22:39.0213 0x0db4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:22:39.0222 0x0db4  AppMgmt - ok
23:22:39.0225 0x0db4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
23:22:39.0232 0x0db4  arc - ok
23:22:39.0235 0x0db4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:22:39.0241 0x0db4  arcsas - ok
23:22:39.0250 0x0db4  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:22:39.0256 0x0db4  aspnet_state - ok
23:22:39.0258 0x0db4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:22:39.0277 0x0db4  AsyncMac - ok
23:22:39.0280 0x0db4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:22:39.0285 0x0db4  atapi - ok
23:22:39.0287 0x0db4  athr - ok
23:22:39.0300 0x0db4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:22:39.0315 0x0db4  AudioEndpointBuilder - ok
23:22:39.0327 0x0db4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:22:39.0342 0x0db4  AudioSrv - ok
23:22:39.0356 0x0db4  [ 4B7DC49B8598EFB40B341D14866F2D68, DA2DF92FA7E5756E183B5DED095B5427215A2C4ED7218E54C23D87EBBD88855B ] AvgAMPS         C:\Program Files (x86)\AVG\Av\avgamps.exe
23:22:39.0373 0x0db4  AvgAMPS - ok
23:22:39.0378 0x0db4  [ 0047D8CDD760C85F0FCEE46FB10F7AF5, 312039D91C71819A58E1970330ED6443CFA462FAA0B2E00B55AC25D523C65722 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
23:22:39.0387 0x0db4  Avgdiska - ok
23:22:39.0444 0x0db4  [ FC65D4E2820FEB4E8C6AF1DB3F47A52E, AF11103251B7AA079B15CDF1638FB8CACE2E983E88F14CD1AAF192980767AE8C ] AVGIDSAgent     C:\Program Files (x86)\AVG\Av\avgidsagent.exe
23:22:39.0506 0x0db4  AVGIDSAgent - ok
23:22:39.0516 0x0db4  [ D670EA803C3D2B93A0FCC866ECF2CCD5, FC36588CFFEC063D2FEC1729815A6B918E7AFE06E42A5BE572BC982893526673 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
23:22:39.0526 0x0db4  AVGIDSDriver - ok
23:22:39.0532 0x0db4  [ E9796E2C69DC0D3AEE77EC82B80F83F3, E89011A5CC74AE9FDCCD094C50289E7875A014E537A05338EA6B0152B6E992F4 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
23:22:39.0542 0x0db4  AVGIDSHA - ok
23:22:39.0549 0x0db4  [ 063CA877621634E727E4F9A7B3B9EF59, BA25906837C602600545CC31FB4F7A45E7D621DFD608CBC147DDF632713C49D2 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
23:22:39.0558 0x0db4  Avgldx64 - ok
23:22:39.0567 0x0db4  [ 6BB3E78DE490503540DD93B9A733794D, 18832B066A10EF2CF0A02F0B834B91771DD95CC3FAB24CBACB7B60E46D280B25 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
23:22:39.0577 0x0db4  Avgloga - ok
23:22:39.0584 0x0db4  [ 9A557F44DB4545195089C976223BF671, 76FF15288AC06C417E37763FD1CA461132952AB14D574CDC5BC35FEB2349F131 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
23:22:39.0593 0x0db4  Avgmfx64 - ok
23:22:39.0595 0x0db4  [ B4551FA74295B9629B8F63B1D54EF4FB, 3C0C798D98AC8B50098ACE634ED4733A2A245D2C03B8C92397899767C11C24DD ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
23:22:39.0602 0x0db4  Avgrkx64 - ok
23:22:39.0619 0x0db4  [ 5FAEAF3F8CABB70984D1B55A91AAC006, 39B95F7D111B10312B4ADDF5696038805E29217DDD97A3E3B4017F41EDCE511D ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
23:22:39.0638 0x0db4  avgsvc - ok
23:22:39.0650 0x0db4  [ 29B8FDF5E026B2AC7E368BE8DC6A1423, 2921A307CB7A925FBC061E6867D3FF3B0E5A8A7606EED8F93298C035E6F81C2A ] avgwd           C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
23:22:39.0664 0x0db4  avgwd - ok
23:22:39.0668 0x0db4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:22:39.0679 0x0db4  AxInstSV - ok
23:22:39.0688 0x0db4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:22:39.0700 0x0db4  b06bdrv - ok
23:22:39.0706 0x0db4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:22:39.0717 0x0db4  b57nd60a - ok
23:22:39.0721 0x0db4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:22:39.0729 0x0db4  BDESVC - ok
23:22:39.0731 0x0db4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:22:39.0749 0x0db4  Beep - ok
23:22:39.0762 0x0db4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:22:39.0778 0x0db4  BFE - ok
23:22:39.0793 0x0db4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:22:39.0823 0x0db4  BITS - ok
23:22:39.0826 0x0db4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:22:39.0833 0x0db4  blbdrive - ok
23:22:39.0836 0x0db4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:22:39.0844 0x0db4  bowser - ok
23:22:39.0846 0x0db4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:22:39.0854 0x0db4  BrFiltLo - ok
23:22:39.0856 0x0db4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:22:39.0863 0x0db4  BrFiltUp - ok
23:22:39.0867 0x0db4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:22:39.0875 0x0db4  Browser - ok
23:22:39.0882 0x0db4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:22:39.0892 0x0db4  Brserid - ok
23:22:39.0895 0x0db4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:22:39.0903 0x0db4  BrSerWdm - ok
23:22:39.0905 0x0db4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:22:39.0913 0x0db4  BrUsbMdm - ok
23:22:39.0916 0x0db4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:22:39.0922 0x0db4  BrUsbSer - ok
23:22:39.0925 0x0db4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:22:39.0933 0x0db4  BTHMODEM - ok
23:22:39.0937 0x0db4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:22:39.0957 0x0db4  bthserv - ok
23:22:39.0960 0x0db4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:22:39.0981 0x0db4  cdfs - ok
23:22:39.0985 0x0db4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:22:39.0993 0x0db4  cdrom - ok
23:22:39.0996 0x0db4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:22:40.0015 0x0db4  CertPropSvc - ok
23:22:40.0018 0x0db4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:22:40.0026 0x0db4  circlass - ok
23:22:40.0033 0x0db4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
23:22:40.0043 0x0db4  CLFS - ok
23:22:40.0049 0x0db4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:22:40.0055 0x0db4  clr_optimization_v2.0.50727_32 - ok
23:22:40.0059 0x0db4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:22:40.0066 0x0db4  clr_optimization_v2.0.50727_64 - ok
23:22:40.0075 0x0db4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:22:40.0081 0x0db4  clr_optimization_v4.0.30319_32 - ok
23:22:40.0085 0x0db4  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:22:40.0091 0x0db4  clr_optimization_v4.0.30319_64 - ok
23:22:40.0093 0x0db4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:22:40.0100 0x0db4  CmBatt - ok
23:22:40.0103 0x0db4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:22:40.0108 0x0db4  cmdide - ok
23:22:40.0117 0x0db4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
23:22:40.0131 0x0db4  CNG - ok
23:22:40.0133 0x0db4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:22:40.0139 0x0db4  Compbatt - ok
23:22:40.0141 0x0db4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:22:40.0150 0x0db4  CompositeBus - ok
23:22:40.0151 0x0db4  COMSysApp - ok
23:22:40.0154 0x0db4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:22:40.0159 0x0db4  crcdisk - ok
23:22:40.0164 0x0db4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:22:40.0173 0x0db4  CryptSvc - ok
23:22:40.0184 0x0db4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
23:22:40.0197 0x0db4  CSC - ok
23:22:40.0209 0x0db4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
23:22:40.0224 0x0db4  CscService - ok
23:22:40.0227 0x0db4  dbupdate - ok
23:22:40.0229 0x0db4  dbupdatem - ok
23:22:40.0240 0x0db4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:22:40.0265 0x0db4  DcomLaunch - ok
23:22:40.0272 0x0db4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:22:40.0294 0x0db4  defragsvc - ok
23:22:40.0298 0x0db4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:22:40.0317 0x0db4  DfsC - ok
23:22:40.0323 0x0db4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:22:40.0334 0x0db4  Dhcp - ok
23:22:40.0337 0x0db4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:22:40.0355 0x0db4  discache - ok
23:22:40.0358 0x0db4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
23:22:40.0365 0x0db4  Disk - ok
23:22:40.0368 0x0db4  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
23:22:40.0375 0x0db4  dmvsc - ok
23:22:40.0380 0x0db4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:22:40.0389 0x0db4  Dnscache - ok
23:22:40.0395 0x0db4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:22:40.0416 0x0db4  dot3svc - ok
23:22:40.0420 0x0db4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:22:40.0441 0x0db4  DPS - ok
23:22:40.0443 0x0db4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:22:40.0450 0x0db4  drmkaud - ok
23:22:40.0456 0x0db4  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:22:40.0465 0x0db4  dtsoftbus01 - ok
23:22:40.0482 0x0db4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:22:40.0500 0x0db4  DXGKrnl - ok
23:22:40.0504 0x0db4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:22:40.0524 0x0db4  EapHost - ok
23:22:40.0574 0x0db4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:22:40.0624 0x0db4  ebdrv - ok
23:22:40.0629 0x0db4  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS             C:\Windows\System32\lsass.exe
23:22:40.0636 0x0db4  EFS - ok
23:22:40.0649 0x0db4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:22:40.0665 0x0db4  ehRecvr - ok
23:22:40.0669 0x0db4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:22:40.0677 0x0db4  ehSched - ok
23:22:40.0687 0x0db4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:22:40.0699 0x0db4  elxstor - ok
23:22:40.0701 0x0db4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:22:40.0708 0x0db4  ErrDev - ok
23:22:40.0717 0x0db4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:22:40.0741 0x0db4  EventSystem - ok
23:22:40.0746 0x0db4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:22:40.0767 0x0db4  exfat - ok
23:22:40.0772 0x0db4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:22:40.0793 0x0db4  fastfat - ok
23:22:40.0806 0x0db4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:22:40.0821 0x0db4  Fax - ok
23:22:40.0824 0x0db4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
23:22:40.0831 0x0db4  fdc - ok
23:22:40.0834 0x0db4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:22:40.0852 0x0db4  fdPHost - ok
23:22:40.0855 0x0db4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:22:40.0874 0x0db4  FDResPub - ok
23:22:40.0877 0x0db4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:22:40.0883 0x0db4  FileInfo - ok
23:22:40.0885 0x0db4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:22:40.0904 0x0db4  Filetrace - ok
23:22:40.0907 0x0db4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:22:40.0914 0x0db4  flpydisk - ok
23:22:40.0920 0x0db4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:22:40.0929 0x0db4  FltMgr - ok
23:22:40.0950 0x0db4  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
23:22:40.0973 0x0db4  FontCache - ok
23:22:40.0976 0x0db4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:22:40.0981 0x0db4  FontCache3.0.0.0 - ok
23:22:40.0984 0x0db4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:22:40.0990 0x0db4  FsDepends - ok
23:22:40.0992 0x0db4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:22:40.0998 0x0db4  Fs_Rec - ok
23:22:41.0003 0x0db4  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:22:41.0013 0x0db4  fvevol - ok
23:22:41.0016 0x0db4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:22:41.0022 0x0db4  gagp30kx - ok
23:22:41.0035 0x0db4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:22:41.0063 0x0db4  gpsvc - ok
23:22:41.0066 0x0db4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:22:41.0073 0x0db4  hcw85cir - ok
23:22:41.0080 0x0db4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:22:41.0092 0x0db4  HdAudAddService - ok
23:22:41.0096 0x0db4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:22:41.0106 0x0db4  HDAudBus - ok
23:22:41.0108 0x0db4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:22:41.0115 0x0db4  HidBatt - ok
23:22:41.0118 0x0db4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:22:41.0127 0x0db4  HidBth - ok
23:22:41.0130 0x0db4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:22:41.0138 0x0db4  HidIr - ok
23:22:41.0141 0x0db4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
23:22:41.0160 0x0db4  hidserv - ok
23:22:41.0163 0x0db4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:22:41.0169 0x0db4  HidUsb - ok
23:22:41.0173 0x0db4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:22:41.0192 0x0db4  hkmsvc - ok
23:22:41.0197 0x0db4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:22:41.0207 0x0db4  HomeGroupListener - ok
23:22:41.0212 0x0db4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:22:41.0221 0x0db4  HomeGroupProvider - ok
23:22:41.0224 0x0db4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:22:41.0230 0x0db4  HpSAMD - ok
23:22:41.0244 0x0db4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:22:41.0260 0x0db4  HTTP - ok
23:22:41.0262 0x0db4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:22:41.0268 0x0db4  hwpolicy - ok
23:22:41.0271 0x0db4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:22:41.0279 0x0db4  i8042prt - ok
23:22:41.0287 0x0db4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:22:41.0298 0x0db4  iaStorV - ok
23:22:41.0313 0x0db4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:22:41.0329 0x0db4  idsvc - ok
23:22:41.0332 0x0db4  IEEtwCollectorService - ok
23:22:41.0423 0x0db4  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:22:41.0513 0x0db4  igfx - ok
23:22:41.0521 0x0db4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:22:41.0527 0x0db4  iirsp - ok
23:22:41.0542 0x0db4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:22:41.0560 0x0db4  IKEEXT - ok
23:22:41.0632 0x0db4  [ FC2D7F4568CCA29B0D9BAD5C7C3A7DBC, AB60AE60C4A1131B5B9E83BBC5F5721AD1862857D3E4672ED4D749F525BAC0AF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:22:41.0699 0x0db4  IntcAzAudAddService - ok
23:22:41.0705 0x0db4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:22:41.0710 0x0db4  intelide - ok
23:22:41.0713 0x0db4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:22:41.0720 0x0db4  intelppm - ok
23:22:41.0724 0x0db4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:22:41.0744 0x0db4  IPBusEnum - ok
23:22:41.0747 0x0db4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:22:41.0766 0x0db4  IpFilterDriver - ok
23:22:41.0777 0x0db4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:22:41.0791 0x0db4  iphlpsvc - ok
23:22:41.0794 0x0db4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:22:41.0802 0x0db4  IPMIDRV - ok
23:22:41.0806 0x0db4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:22:41.0826 0x0db4  IPNAT - ok
23:22:41.0828 0x0db4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:22:41.0838 0x0db4  IRENUM - ok
23:22:41.0840 0x0db4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:22:41.0845 0x0db4  isapnp - ok
23:22:41.0851 0x0db4  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:22:41.0860 0x0db4  iScsiPrt - ok
23:22:41.0862 0x0db4  iusb3hub - ok
23:22:41.0863 0x0db4  iusb3xhc - ok
23:22:41.0866 0x0db4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:22:41.0873 0x0db4  kbdclass - ok
23:22:41.0875 0x0db4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:22:41.0882 0x0db4  kbdhid - ok
23:22:41.0884 0x0db4  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso          C:\Windows\system32\lsass.exe
23:22:41.0891 0x0db4  KeyIso - ok
23:22:41.0894 0x0db4  [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:22:41.0901 0x0db4  KSecDD - ok
23:22:41.0906 0x0db4  [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:22:41.0913 0x0db4  KSecPkg - ok
23:22:41.0915 0x0db4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:22:41.0934 0x0db4  ksthunk - ok
23:22:41.0941 0x0db4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:22:41.0967 0x0db4  KtmRm - ok
23:22:41.0972 0x0db4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:22:41.0994 0x0db4  LanmanServer - ok
23:22:41.0998 0x0db4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:22:42.0018 0x0db4  LanmanWorkstation - ok
23:22:42.0022 0x0db4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:22:42.0041 0x0db4  lltdio - ok
23:22:42.0048 0x0db4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:22:42.0070 0x0db4  lltdsvc - ok
23:22:42.0073 0x0db4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:22:42.0091 0x0db4  lmhosts - ok
23:22:42.0096 0x0db4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:22:42.0102 0x0db4  LSI_FC - ok
23:22:42.0105 0x0db4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:22:42.0112 0x0db4  LSI_SAS - ok
23:22:42.0115 0x0db4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:22:42.0121 0x0db4  LSI_SAS2 - ok
23:22:42.0124 0x0db4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:22:42.0131 0x0db4  LSI_SCSI - ok
23:22:42.0135 0x0db4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:22:42.0155 0x0db4  luafv - ok
23:22:42.0158 0x0db4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:22:42.0166 0x0db4  Mcx2Svc - ok
23:22:42.0169 0x0db4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:22:42.0175 0x0db4  megasas - ok
23:22:42.0182 0x0db4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:22:42.0190 0x0db4  MegaSR - ok
23:22:42.0194 0x0db4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:22:42.0214 0x0db4  MMCSS - ok
23:22:42.0216 0x0db4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:22:42.0235 0x0db4  Modem - ok
23:22:42.0238 0x0db4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:22:42.0247 0x0db4  monitor - ok
23:22:42.0250 0x0db4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:22:42.0255 0x0db4  mouclass - ok
23:22:42.0258 0x0db4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:22:42.0265 0x0db4  mouhid - ok
23:22:42.0268 0x0db4  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:22:42.0274 0x0db4  mountmgr - ok
23:22:42.0278 0x0db4  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:22:42.0286 0x0db4  MozillaMaintenance - ok
23:22:42.0290 0x0db4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:22:42.0297 0x0db4  mpio - ok
23:22:42.0300 0x0db4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:22:42.0320 0x0db4  mpsdrv - ok
23:22:42.0335 0x0db4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:22:42.0364 0x0db4  MpsSvc - ok
23:22:42.0369 0x0db4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:22:42.0376 0x0db4  MRxDAV - ok
23:22:42.0381 0x0db4  [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:22:42.0389 0x0db4  mrxsmb - ok
23:22:42.0396 0x0db4  [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:22:42.0406 0x0db4  mrxsmb10 - ok
23:22:42.0410 0x0db4  [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:22:42.0418 0x0db4  mrxsmb20 - ok
23:22:42.0421 0x0db4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:22:42.0426 0x0db4  msahci - ok
23:22:42.0430 0x0db4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:22:42.0437 0x0db4  msdsm - ok
23:22:42.0441 0x0db4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:22:42.0450 0x0db4  MSDTC - ok
23:22:42.0454 0x0db4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:22:42.0473 0x0db4  Msfs - ok
23:22:42.0475 0x0db4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:22:42.0494 0x0db4  mshidkmdf - ok
23:22:42.0496 0x0db4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:22:42.0502 0x0db4  msisadrv - ok
23:22:42.0506 0x0db4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:22:42.0527 0x0db4  MSiSCSI - ok
23:22:42.0529 0x0db4  msiserver - ok
23:22:42.0531 0x0db4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:22:42.0549 0x0db4  MSKSSRV - ok
23:22:42.0551 0x0db4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:22:42.0570 0x0db4  MSPCLOCK - ok
23:22:42.0572 0x0db4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:22:42.0591 0x0db4  MSPQM - ok
23:22:42.0598 0x0db4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:22:42.0608 0x0db4  MsRPC - ok
23:22:42.0612 0x0db4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:22:42.0617 0x0db4  mssmbios - ok
23:22:42.0619 0x0db4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:22:42.0639 0x0db4  MSTEE - ok
23:22:42.0641 0x0db4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:22:42.0648 0x0db4  MTConfig - ok
23:22:42.0650 0x0db4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:22:42.0656 0x0db4  Mup - ok
23:22:42.0665 0x0db4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:22:42.0690 0x0db4  napagent - ok
23:22:42.0697 0x0db4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:22:42.0711 0x0db4  NativeWifiP - ok
23:22:42.0727 0x0db4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:22:42.0745 0x0db4  NDIS - ok
23:22:42.0749 0x0db4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:22:42.0768 0x0db4  NdisCap - ok
23:22:42.0770 0x0db4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:22:42.0789 0x0db4  NdisTapi - ok
23:22:42.0792 0x0db4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:22:42.0811 0x0db4  Ndisuio - ok
23:22:42.0815 0x0db4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:22:42.0835 0x0db4  NdisWan - ok
23:22:42.0838 0x0db4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:22:42.0856 0x0db4  NDProxy - ok
23:22:42.0859 0x0db4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:22:42.0878 0x0db4  NetBIOS - ok
23:22:42.0884 0x0db4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:22:42.0905 0x0db4  NetBT - ok
23:22:42.0908 0x0db4  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon        C:\Windows\system32\lsass.exe
23:22:42.0915 0x0db4  Netlogon - ok
23:22:42.0922 0x0db4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:22:42.0946 0x0db4  Netman - ok
23:22:42.0949 0x0db4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:42.0957 0x0db4  NetMsmqActivator - ok
23:22:42.0960 0x0db4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:42.0966 0x0db4  NetPipeActivator - ok
23:22:42.0975 0x0db4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:22:43.0000 0x0db4  netprofm - ok
23:22:43.0004 0x0db4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:43.0010 0x0db4  NetTcpActivator - ok
23:22:43.0013 0x0db4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:22:43.0019 0x0db4  NetTcpPortSharing - ok
23:22:43.0022 0x0db4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:22:43.0027 0x0db4  nfrd960 - ok
23:22:43.0034 0x0db4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:22:43.0044 0x0db4  NlaSvc - ok
23:22:43.0047 0x0db4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:22:43.0066 0x0db4  Npfs - ok
23:22:43.0068 0x0db4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:22:43.0088 0x0db4  nsi - ok
23:22:43.0090 0x0db4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:22:43.0108 0x0db4  nsiproxy - ok
23:22:43.0135 0x0db4  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:22:43.0163 0x0db4  Ntfs - ok
23:22:43.0166 0x0db4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:22:43.0185 0x0db4  Null - ok
23:22:43.0373 0x0db4  [ EE6B7B6A54BCAFF516E30B1C15467495, 85D5E22593549C7980AA3523F0C9C4391E0D147B29F07500A8DA68F49D80A84F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:22:43.0527 0x0db4  nvlddmkm - ok
23:22:43.0539 0x0db4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:22:43.0546 0x0db4  nvraid - ok
23:22:43.0551 0x0db4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:22:43.0558 0x0db4  nvstor - ok
23:22:43.0574 0x0db4  [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:22:43.0591 0x0db4  nvsvc - ok
23:22:43.0620 0x0db4  [ A9AFE5B0648C8D7A411A72D8222F7F6E, A58AF8C615D97C769DA778D56F7E6999AAEB577C82C65455D3B2A8ED5B742777 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:22:43.0648 0x0db4  nvUpdatusService - ok
23:22:43.0653 0x0db4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:22:43.0660 0x0db4  nv_agp - ok
23:22:43.0663 0x0db4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:22:43.0670 0x0db4  ohci1394 - ok
23:22:43.0676 0x0db4  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:22:43.0683 0x0db4  ose64 - ok
23:22:43.0761 0x0db4  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:22:43.0834 0x0db4  osppsvc - ok
23:22:43.0844 0x0db4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:22:43.0856 0x0db4  p2pimsvc - ok
23:22:43.0865 0x0db4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:22:43.0877 0x0db4  p2psvc - ok
23:22:43.0881 0x0db4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:22:43.0888 0x0db4  Parport - ok
23:22:43.0891 0x0db4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:22:43.0898 0x0db4  partmgr - ok
23:22:43.0903 0x0db4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:22:43.0912 0x0db4  PcaSvc - ok
23:22:43.0917 0x0db4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:22:43.0924 0x0db4  pci - ok
23:22:43.0926 0x0db4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:22:43.0932 0x0db4  pciide - ok
23:22:43.0937 0x0db4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:22:43.0945 0x0db4  pcmcia - ok
23:22:43.0948 0x0db4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:22:43.0954 0x0db4  pcw - ok
23:22:43.0966 0x0db4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:22:43.0981 0x0db4  PEAUTH - ok
23:22:44.0005 0x0db4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:22:44.0030 0x0db4  PeerDistSvc - ok
23:22:44.0053 0x0db4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:22:44.0060 0x0db4  PerfHost - ok
23:22:44.0086 0x0db4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:22:44.0122 0x0db4  pla - ok
23:22:44.0132 0x0db4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:22:44.0144 0x0db4  PlugPlay - ok
23:22:44.0146 0x0db4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:22:44.0154 0x0db4  PNRPAutoReg - ok
23:22:44.0160 0x0db4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:22:44.0171 0x0db4  PNRPsvc - ok
23:22:44.0181 0x0db4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:22:44.0206 0x0db4  PolicyAgent - ok
23:22:44.0211 0x0db4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:22:44.0233 0x0db4  Power - ok
23:22:44.0236 0x0db4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:22:44.0256 0x0db4  PptpMiniport - ok
23:22:44.0258 0x0db4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
23:22:44.0266 0x0db4  Processor - ok
23:22:44.0271 0x0db4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:22:44.0280 0x0db4  ProfSvc - ok
23:22:44.0283 0x0db4  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:22:44.0290 0x0db4  ProtectedStorage - ok
23:22:44.0293 0x0db4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:22:44.0313 0x0db4  Psched - ok
23:22:44.0338 0x0db4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:22:44.0364 0x0db4  ql2300 - ok
23:22:44.0369 0x0db4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:22:44.0376 0x0db4  ql40xx - ok
23:22:44.0382 0x0db4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:22:44.0396 0x0db4  QWAVE - ok
23:22:44.0399 0x0db4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:22:44.0409 0x0db4  QWAVEdrv - ok
23:22:44.0411 0x0db4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:22:44.0430 0x0db4  RasAcd - ok
23:22:44.0433 0x0db4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:22:44.0452 0x0db4  RasAgileVpn - ok
23:22:44.0456 0x0db4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:22:44.0476 0x0db4  RasAuto - ok
23:22:44.0480 0x0db4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:22:44.0500 0x0db4  Rasl2tp - ok
23:22:44.0507 0x0db4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:22:44.0530 0x0db4  RasMan - ok
23:22:44.0534 0x0db4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:22:44.0554 0x0db4  RasPppoe - ok
23:22:44.0557 0x0db4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:22:44.0576 0x0db4  RasSstp - ok
23:22:44.0583 0x0db4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:22:44.0605 0x0db4  rdbss - ok
23:22:44.0607 0x0db4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:22:44.0616 0x0db4  rdpbus - ok
23:22:44.0618 0x0db4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:22:44.0636 0x0db4  RDPCDD - ok
23:22:44.0641 0x0db4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:22:44.0650 0x0db4  RDPDR - ok
23:22:44.0652 0x0db4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:22:44.0670 0x0db4  RDPENCDD - ok
23:22:44.0673 0x0db4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:22:44.0692 0x0db4  RDPREFMP - ok
23:22:44.0695 0x0db4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:22:44.0701 0x0db4  RdpVideoMiniport - ok
23:22:44.0707 0x0db4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:22:44.0715 0x0db4  RDPWD - ok
23:22:44.0721 0x0db4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:22:44.0729 0x0db4  rdyboost - ok
23:22:44.0732 0x0db4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:22:44.0752 0x0db4  RemoteAccess - ok
23:22:44.0757 0x0db4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:22:44.0778 0x0db4  RemoteRegistry - ok
23:22:44.0782 0x0db4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:22:44.0802 0x0db4  RpcEptMapper - ok
23:22:44.0804 0x0db4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:22:44.0811 0x0db4  RpcLocator - ok
23:22:44.0820 0x0db4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
23:22:44.0845 0x0db4  RpcSs - ok
23:22:44.0849 0x0db4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:22:44.0868 0x0db4  rspndr - ok
23:22:44.0886 0x0db4  [ DCF7221D6588EDA8CD77CB27AE9B1844, 7741A4F513952CC3C4D5056958D0D50F8F2A9D3142C7478707F73A83D3CDE01C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:22:44.0904 0x0db4  RTL8167 - ok
23:22:44.0907 0x0db4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:22:44.0913 0x0db4  s3cap - ok
23:22:44.0915 0x0db4  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs           C:\Windows\system32\lsass.exe
23:22:44.0922 0x0db4  SamSs - ok
23:22:44.0925 0x0db4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:22:44.0932 0x0db4  sbp2port - ok
23:22:44.0937 0x0db4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:22:44.0959 0x0db4  SCardSvr - ok
23:22:44.0961 0x0db4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:22:44.0980 0x0db4  scfilter - ok
23:22:44.0998 0x0db4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
23:22:45.0020 0x0db4  Schedule - ok
23:22:45.0024 0x0db4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:22:45.0043 0x0db4  SCPolicySvc - ok
23:22:45.0047 0x0db4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:22:45.0056 0x0db4  SDRSVC - ok
23:22:45.0059 0x0db4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:22:45.0065 0x0db4  secdrv - ok
23:22:45.0068 0x0db4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
23:22:45.0086 0x0db4  seclogon - ok
23:22:45.0089 0x0db4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
23:22:45.0109 0x0db4  SENS - ok
23:22:45.0111 0x0db4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:22:45.0119 0x0db4  SensrSvc - ok
23:22:45.0121 0x0db4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:22:45.0127 0x0db4  Serenum - ok
23:22:45.0131 0x0db4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:22:45.0139 0x0db4  Serial - ok
23:22:45.0141 0x0db4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:22:45.0148 0x0db4  sermouse - ok
23:22:45.0164 0x0db4  [ AB38ABED6BA5A0BB2269525D87F284A9, 6ACA5EAB10EAFFE33CD72E5546E7E34A3D2FE5B1AE0C80802994BEACC5E9B8DF ] Service KMSELDI C:\Program Files\KMSpico\Service_KMS.exe
23:22:45.0184 0x0db4  Service KMSELDI - detected UnsignedFile.Multi.Generic ( 1 )
23:22:47.0597 0x0db4  Service KMSELDI ( UnsignedFile.Multi.Generic ) - warning
23:22:49.0974 0x0db4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:22:50.0020 0x0db4  SessionEnv - ok
23:22:50.0024 0x0db4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:22:50.0037 0x0db4  sffdisk - ok
23:22:50.0040 0x0db4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:22:50.0051 0x0db4  sffp_mmc - ok
23:22:50.0053 0x0db4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:22:50.0063 0x0db4  sffp_sd - ok
23:22:50.0066 0x0db4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:22:50.0073 0x0db4  sfloppy - ok
23:22:50.0081 0x0db4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:22:50.0104 0x0db4  SharedAccess - ok
23:22:50.0112 0x0db4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:22:50.0136 0x0db4  ShellHWDetection - ok
23:22:50.0139 0x0db4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:22:50.0144 0x0db4  SiSRaid2 - ok
23:22:50.0147 0x0db4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:22:50.0154 0x0db4  SiSRaid4 - ok
23:22:50.0157 0x0db4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:22:50.0177 0x0db4  Smb - ok
23:22:50.0181 0x0db4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:22:50.0189 0x0db4  SNMPTRAP - ok
23:22:50.0191 0x0db4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:22:50.0196 0x0db4  spldr - ok
23:22:50.0207 0x0db4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
23:22:50.0221 0x0db4  Spooler - ok
23:22:50.0275 0x0db4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:22:50.0340 0x0db4  sppsvc - ok
23:22:50.0346 0x0db4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:22:50.0366 0x0db4  sppuinotify - ok
23:22:50.0375 0x0db4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:22:50.0387 0x0db4  srv - ok
23:22:50.0395 0x0db4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:22:50.0407 0x0db4  srv2 - ok
23:22:50.0411 0x0db4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:22:50.0419 0x0db4  srvnet - ok
23:22:50.0425 0x0db4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:22:50.0446 0x0db4  SSDPSRV - ok
23:22:50.0449 0x0db4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:22:50.0470 0x0db4  SstpSvc - ok
23:22:50.0485 0x0db4  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:22:50.0500 0x0db4  Steam Client Service - ok
23:22:50.0503 0x0db4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:22:50.0508 0x0db4  stexstor - ok
23:22:50.0519 0x0db4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:22:50.0536 0x0db4  stisvc - ok
23:22:50.0539 0x0db4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:22:50.0545 0x0db4  storflt - ok
23:22:50.0548 0x0db4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:22:50.0553 0x0db4  storvsc - ok
23:22:50.0555 0x0db4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:22:50.0560 0x0db4  swenum - ok
23:22:50.0570 0x0db4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:22:50.0597 0x0db4  swprv - ok
23:22:50.0600 0x0db4  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\Synth3dVsc.sys
23:22:50.0606 0x0db4  Synth3dVsc - ok
23:22:50.0635 0x0db4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
23:22:50.0665 0x0db4  SysMain - ok
23:22:50.0669 0x0db4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:22:50.0680 0x0db4  TabletInputService - ok
23:22:50.0687 0x0db4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:22:50.0710 0x0db4  TapiSrv - ok
23:22:50.0713 0x0db4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
23:22:50.0733 0x0db4  TBS - ok
23:22:50.0763 0x0db4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:22:50.0794 0x0db4  Tcpip - ok
23:22:50.0826 0x0db4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:22:50.0856 0x0db4  TCPIP6 - ok
23:22:50.0861 0x0db4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:22:50.0868 0x0db4  tcpipreg - ok
23:22:50.0870 0x0db4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:22:50.0877 0x0db4  TDPIPE - ok
23:22:50.0879 0x0db4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:22:50.0885 0x0db4  TDTCP - ok
23:22:50.0889 0x0db4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:22:50.0908 0x0db4  tdx - ok
23:22:50.0911 0x0db4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:22:50.0917 0x0db4  TermDD - ok
23:22:50.0919 0x0db4  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
23:22:50.0925 0x0db4  terminpt - ok
23:22:50.0938 0x0db4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:22:50.0954 0x0db4  TermService - ok
23:22:50.0957 0x0db4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:22:50.0968 0x0db4  Themes - ok
23:22:50.0971 0x0db4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:22:50.0991 0x0db4  THREADORDER - ok
23:22:50.0995 0x0db4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:22:51.0016 0x0db4  TrkWks - ok
23:22:51.0021 0x0db4  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
23:22:51.0029 0x0db4  truecrypt - ok
23:22:51.0034 0x0db4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:22:51.0054 0x0db4  TrustedInstaller - ok
23:22:51.0058 0x0db4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:22:51.0064 0x0db4  tssecsrv - ok
23:22:51.0067 0x0db4  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:22:51.0074 0x0db4  TsUsbFlt - ok
23:22:51.0076 0x0db4  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:22:51.0083 0x0db4  TsUsbGD - ok
23:22:51.0087 0x0db4  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
23:22:51.0094 0x0db4  tsusbhub - ok
23:22:51.0098 0x0db4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:22:51.0118 0x0db4  tunnel - ok
23:22:51.0120 0x0db4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:22:51.0126 0x0db4  uagp35 - ok
23:22:51.0133 0x0db4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:22:51.0155 0x0db4  udfs - ok
23:22:51.0159 0x0db4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:22:51.0167 0x0db4  UI0Detect - ok
23:22:51.0170 0x0db4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:22:51.0176 0x0db4  uliagpkx - ok
23:22:51.0179 0x0db4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:22:51.0186 0x0db4  umbus - ok
23:22:51.0188 0x0db4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:22:51.0196 0x0db4  UmPass - ok
23:22:51.0201 0x0db4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:22:51.0210 0x0db4  UmRdpService - ok
23:22:51.0218 0x0db4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:22:51.0241 0x0db4  upnphost - ok
23:22:51.0245 0x0db4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:22:51.0252 0x0db4  usbccgp - ok
23:22:51.0256 0x0db4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:22:51.0263 0x0db4  usbcir - ok
23:22:51.0266 0x0db4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:22:51.0273 0x0db4  usbehci - ok
23:22:51.0280 0x0db4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:22:51.0291 0x0db4  usbhub - ok
23:22:51.0293 0x0db4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:22:51.0300 0x0db4  usbohci - ok
23:22:51.0302 0x0db4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:22:51.0310 0x0db4  usbprint - ok
23:22:51.0313 0x0db4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:22:51.0321 0x0db4  USBSTOR - ok
23:22:51.0323 0x0db4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:22:51.0333 0x0db4  usbuhci - ok
23:22:51.0341 0x0db4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
23:22:51.0349 0x0db4  usbvideo - ok
23:22:51.0352 0x0db4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:22:51.0373 0x0db4  UxSms - ok
23:22:51.0375 0x0db4  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc        C:\Windows\system32\lsass.exe
23:22:51.0382 0x0db4  VaultSvc - ok
23:22:51.0384 0x0db4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:22:51.0390 0x0db4  vdrvroot - ok
23:22:51.0400 0x0db4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:22:51.0425 0x0db4  vds - ok
23:22:51.0428 0x0db4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:22:51.0436 0x0db4  vga - ok
23:22:51.0439 0x0db4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:22:51.0457 0x0db4  VgaSave - ok
23:22:51.0459 0x0db4  VGPU - ok
23:22:51.0465 0x0db4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:22:51.0473 0x0db4  vhdmp - ok
23:22:51.0475 0x0db4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:22:51.0481 0x0db4  viaide - ok
23:22:51.0486 0x0db4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:22:51.0493 0x0db4  vmbus - ok
23:22:51.0496 0x0db4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:22:51.0502 0x0db4  VMBusHID - ok
23:22:51.0505 0x0db4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:22:51.0511 0x0db4  volmgr - ok
23:22:51.0519 0x0db4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:22:51.0529 0x0db4  volmgrx - ok
23:22:51.0535 0x0db4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:22:51.0544 0x0db4  volsnap - ok
23:22:51.0549 0x0db4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:22:51.0556 0x0db4  vsmraid - ok
23:22:51.0582 0x0db4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:22:51.0621 0x0db4  VSS - ok
23:22:51.0628 0x0db4  [ 9B84E527379C3F4482F7F6A218B5751F, E00DAC7252D675F9E9F9531364CC74D02D72CE82B2C06DFCF70D8882DC6B3BF4 ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
23:22:51.0637 0x0db4  VUSB3HUB - ok
23:22:51.0640 0x0db4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:22:51.0648 0x0db4  vwifibus - ok
23:22:51.0651 0x0db4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:22:51.0660 0x0db4  vwififlt - ok
23:22:51.0668 0x0db4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:22:51.0692 0x0db4  W32Time - ok
23:22:51.0696 0x0db4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:22:51.0702 0x0db4  WacomPen - ok
23:22:51.0706 0x0db4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:22:51.0725 0x0db4  WANARP - ok
23:22:51.0728 0x0db4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:22:51.0747 0x0db4  Wanarpv6 - ok
23:22:51.0771 0x0db4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:22:51.0798 0x0db4  wbengine - ok
23:22:51.0804 0x0db4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:22:51.0817 0x0db4  WbioSrvc - ok
23:22:51.0824 0x0db4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:22:51.0839 0x0db4  wcncsvc - ok
23:22:51.0841 0x0db4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:22:51.0849 0x0db4  WcsPlugInService - ok
23:22:51.0851 0x0db4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
23:22:51.0856 0x0db4  Wd - ok
23:22:51.0870 0x0db4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:22:51.0886 0x0db4  Wdf01000 - ok
23:22:51.0890 0x0db4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:22:51.0901 0x0db4  WdiServiceHost - ok
23:22:51.0904 0x0db4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:22:51.0915 0x0db4  WdiSystemHost - ok
23:22:51.0921 0x0db4  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
23:22:51.0931 0x0db4  WebClient - ok
23:22:51.0937 0x0db4  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:22:51.0946 0x0db4  Wecsvc - ok
23:22:51.0950 0x0db4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:22:51.0971 0x0db4  wercplsupport - ok
23:22:51.0974 0x0db4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:22:51.0995 0x0db4  WerSvc - ok
23:22:51.0997 0x0db4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:22:52.0016 0x0db4  WfpLwf - ok
23:22:52.0018 0x0db4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:22:52.0023 0x0db4  WIMMount - ok
23:22:52.0025 0x0db4  WinDefend - ok
23:22:52.0040 0x0db4  [ 0F35DFA67833ECA9B4AC97BF7D1ADEF5, 71D567CC63624E15989F7E8E4942378E5FB365383BFCD976125875C20C551F80 ] Windows7FirewallService C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
23:22:52.0054 0x0db4  Windows7FirewallService - detected UnsignedFile.Multi.Generic ( 1 )
23:22:54.0394 0x0db4  Detect skipped due to KSN trusted
23:22:54.0394 0x0db4  Windows7FirewallService - ok
23:22:54.0399 0x0db4  WinHttpAutoProxySvc - ok
23:22:54.0422 0x0db4  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:22:54.0441 0x0db4  Winmgmt - ok
23:22:54.0501 0x0db4  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:22:54.0546 0x0db4  WinRM - ok
23:22:54.0554 0x0db4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:22:54.0563 0x0db4  WinUsb - ok
23:22:54.0578 0x0db4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:22:54.0600 0x0db4  Wlansvc - ok
23:22:54.0603 0x0db4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:22:54.0610 0x0db4  WmiAcpi - ok
23:22:54.0615 0x0db4  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:22:54.0625 0x0db4  wmiApSrv - ok
23:22:54.0626 0x0db4  WMPNetworkSvc - ok
23:22:54.0629 0x0db4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:22:54.0636 0x0db4  WPCSvc - ok
23:22:54.0640 0x0db4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:22:54.0649 0x0db4  WPDBusEnum - ok
23:22:54.0651 0x0db4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:22:54.0670 0x0db4  ws2ifsl - ok
23:22:54.0674 0x0db4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
23:22:54.0685 0x0db4  wscsvc - ok
23:22:54.0687 0x0db4  WSearch - ok
23:22:54.0728 0x0db4  [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:22:54.0769 0x0db4  wuauserv - ok
23:22:54.0774 0x0db4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:22:54.0782 0x0db4  WudfPf - ok
23:22:54.0787 0x0db4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:22:54.0796 0x0db4  WUDFRd - ok
23:22:54.0799 0x0db4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:22:54.0807 0x0db4  wudfsvc - ok
23:22:54.0813 0x0db4  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:22:54.0825 0x0db4  WwanSvc - ok
23:22:54.0832 0x0db4  [ 05E47B40CE30DEEF07E49B41178B3273, 1504C086E46ADC020D2C600393F5A58656BBC8885FA8777F307F0A9F2F1E8465 ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
23:22:54.0842 0x0db4  xhcdrv - ok
23:22:54.0845 0x0db4  ================ Scan global ===============================
23:22:54.0848 0x0db4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
23:22:54.0853 0x0db4  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
23:22:54.0860 0x0db4  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
23:22:54.0866 0x0db4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:22:54.0873 0x0db4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
23:22:54.0877 0x0db4  [ Global ] - ok
23:22:54.0877 0x0db4  ================ Scan MBR ==================================
23:22:54.0878 0x0db4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:22:55.0036 0x0db4  \Device\Harddisk0\DR0 - ok
23:22:55.0037 0x0db4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:22:55.0823 0x0db4  \Device\Harddisk1\DR1 - ok
23:22:55.0829 0x0db4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
23:22:55.0948 0x0db4  \Device\Harddisk3\DR3 - ok
23:22:56.0002 0x0db4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
23:22:56.0033 0x0db4  \Device\Harddisk5\DR5 - ok
23:22:56.0034 0x0db4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
23:22:56.0050 0x0db4  \Device\Harddisk6\DR6 - ok
23:22:56.0050 0x0db4  ================ Scan VBR ==================================
23:22:56.0051 0x0db4  [ A9F13C0014A86565607D8D9ED801A924 ] \Device\Harddisk0\DR0\Partition1
23:22:56.0052 0x0db4  \Device\Harddisk0\DR0\Partition1 - ok
23:22:56.0053 0x0db4  [ B4AA1954BC783C4E4DBEB159808C931D ] \Device\Harddisk0\DR0\Partition2
23:22:56.0054 0x0db4  \Device\Harddisk0\DR0\Partition2 - ok
23:22:56.0055 0x0db4  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
23:22:56.0055 0x0db4  \Device\Harddisk1\DR1\Partition1 - ok
23:22:56.0057 0x0db4  [ C8A04A5519118313D3EC9A0F28C30A7D ] \Device\Harddisk1\DR1\Partition2
23:22:56.0058 0x0db4  \Device\Harddisk1\DR1\Partition2 - ok
23:22:56.0059 0x0db4  [ 11E4A9A53424F1F8F8EF7FE1896C35F0 ] \Device\Harddisk3\DR3\Partition1
23:22:56.0060 0x0db4  \Device\Harddisk3\DR3\Partition1 - ok
23:22:56.0061 0x0db4  [ 99492081BB9F53BFFD47B29B9893D267 ] \Device\Harddisk5\DR5\Partition1
23:22:56.0062 0x0db4  \Device\Harddisk5\DR5\Partition1 - ok
23:22:56.0064 0x0db4  [ BA257838FE24CDEC21AF58EB033598E8 ] \Device\Harddisk6\DR6\Partition1
23:22:56.0065 0x0db4  \Device\Harddisk6\DR6\Partition1 - ok
23:22:56.0065 0x0db4  ================ Scan generic autorun ======================
23:22:56.0192 0x0db4  [ BDAE75747CF1369601B95092F183ADFD, E70D76197E856AA83F4EF9538A88BE67625F837F78906FE84AE8A8F029C4E533 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
23:22:56.0308 0x0db4  RTHDVCPL - ok
23:22:56.0344 0x0db4  [ FFC5E7EDA6ACDA6C0DD9508A8F0E359C, 7EE9CA904B416E653862167DE4A5A42027A0F1F448DE020E3B2F1C4F38EE7C6D ] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
23:22:56.0362 0x0db4  Windows7FirewallControl - detected UnsignedFile.Multi.Generic ( 1 )
23:22:58.0707 0x0db4  Detect skipped due to KSN trusted
23:22:58.0707 0x0db4  Windows7FirewallControl - ok
23:22:58.0739 0x0db4  [ 5A9CDFF0CEDFA8061D0DE6B6C2547F51, 76CDEF7A94D90D79CFA105E492E53350F7545900FEF651CD0D18B3163B812AD2 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
23:22:58.0762 0x0db4  AdobeAAMUpdater-1.0 - ok
23:22:58.0764 0x0db4  VIAxHCUtl - ok
23:22:58.0786 0x0db4  [ 8AFBBB9B03A6457D1B1D35DEC1D73BF5, 66801EAD01AFFA1E4C8220FD4CCE66503D2B8AD9323D2C1C38DC9A1A39742E29 ] C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
23:22:58.0807 0x0db4  AvgUi - ok
23:22:58.0867 0x0db4  [ 0959C96E471602632DA7EEB71F79148A, 2797B465076E3406FCC64D293C3F5046103E60DE584D5EB95C8960BB974A1828 ] C:\Program Files (x86)\AVG\Av\avgui.exe
23:22:58.0921 0x0db4  AVG_UI - ok
23:22:58.0959 0x0db4  [ 3D1D33DE714636AEAB4AC18291D254F6, 8C9ECD5818F48B90FAEFBEC896F795DDE45CCE73BB11901E90E035F179037117 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
23:22:58.0993 0x0db4  Adobe Creative Cloud - ok
23:22:58.0997 0x0db4  Dropbox - ok
23:22:59.0009 0x0db4  [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:22:59.0021 0x0db4  SunJavaUpdateSched - ok
23:22:59.0041 0x0db4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:22:59.0063 0x0db4  Sidebar - ok
23:22:59.0066 0x0db4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:22:59.0077 0x0db4  mctadmin - ok
23:22:59.0096 0x0db4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:22:59.0118 0x0db4  Sidebar - ok
23:22:59.0122 0x0db4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:22:59.0132 0x0db4  mctadmin - ok
23:22:59.0167 0x0db4  [ 9D0D72B696B8CDF9AE368E542FD042CE, 8CD19E8B609041A6C226D57D40509175827C75DEF93378B53A814060BB7A9E0B ] C:\Users\Greg\AppData\Roaming\Spotify\SpotifyWebHelper.exe
23:22:59.0197 0x0db4  Spotify Web Helper - ok
23:22:59.0224 0x0db4  [ 7A60DCF0B0F2521A7F505F8A56E5AB68, 7F23D55D4BC55ACACA9E4F94DA2439539FD2AA96D1DCA6FF58C8469F7F9C622F ] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
23:22:59.0249 0x0db4  FreeAC - ok
23:22:59.0269 0x0db4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:22:59.0291 0x0db4  Sidebar - ok
23:22:59.0294 0x0db4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:22:59.0305 0x0db4  mctadmin - ok
23:22:59.0305 0x0db4  Waiting for KSN requests completion. In queue: 132
23:23:00.0305 0x0db4  Waiting for KSN requests completion. In queue: 132
23:23:01.0305 0x0db4  Waiting for KSN requests completion. In queue: 132
23:23:02.0329 0x0db4  AV detected via SS2: AVG AntiVirus, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.4.0.7161 ), 0x41000 ( enabled : updated )
23:23:02.0337 0x0db4  Win FW state via NFP2: enabled ( trusted )
23:23:04.0699 0x0db4  ============================================================
23:23:04.0699 0x0db4  Scan finished
23:23:04.0699 0x0db4  ============================================================
23:23:04.0718 0x1690  Detected object count: 1
23:23:04.0718 0x1690  Actual detected object count: 1
23:23:06.0812 0x1690  Service KMSELDI ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:06.0813 0x1690  Service KMSELDI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:23:22.0619 0x0838  ============================================================
23:23:22.0619 0x0838  Scan started
23:23:22.0619 0x0838  Mode: Manual; SigCheck; TDLFS; 
23:23:22.0619 0x0838  ============================================================
23:23:22.0619 0x0838  KSN ping started
23:23:35.0948 0x0838  KSN ping finished: true
23:23:36.0765 0x0838  ================ Scan system memory ========================
23:23:36.0766 0x0838  Scan was interrupted by user!
23:23:36.0768 0x0838  AV detected via SS2: AVG AntiVirus, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.4.0.7161 ), 0x41000 ( enabled : updated )
23:23:36.0769 0x0838  Win FW state via NFP2: enabled ( trusted )
23:23:39.0131 0x0838  ============================================================
23:23:39.0131 0x0838  Scan finished
23:23:39.0131 0x0838  ============================================================
23:23:39.0140 0x1aa0  Detected object count: 0
23:23:39.0140 0x1aa0  Actual detected object count: 0
23:23:41.0874 0x0a0c  ============================================================
23:23:41.0874 0x0a0c  Scan started
23:23:41.0874 0x0a0c  Mode: Manual; SigCheck; TDLFS; 
23:23:41.0874 0x0a0c  ============================================================
23:23:41.0874 0x0a0c  KSN ping started
23:23:44.0194 0x0a0c  KSN ping finished: true
23:23:44.0545 0x0a0c  ================ Scan system memory ========================
23:23:44.0545 0x0a0c  System memory - ok
23:23:44.0545 0x0a0c  ================ Scan services =============================
23:23:44.0581 0x0a0c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:23:44.0594 0x0a0c  1394ohci - ok
23:23:44.0602 0x0a0c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:23:44.0612 0x0a0c  ACPI - ok
23:23:44.0614 0x0a0c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:23:44.0623 0x0a0c  AcpiPmi - ok
23:23:44.0627 0x0a0c  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:23:44.0634 0x0a0c  AdobeARMservice - ok
23:23:44.0646 0x0a0c  [ 0D19026AB5812D3A7B9DBB386F8334D8, 3FF22476D621ECFC2C80EF63D1A90C45F672CE299DC92A874E049779EF96AB4A ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
23:23:44.0659 0x0a0c  AdobeUpdateService - ok
23:23:44.0669 0x0a0c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:23:44.0681 0x0a0c  adp94xx - ok
23:23:44.0689 0x0a0c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:23:44.0698 0x0a0c  adpahci - ok
23:23:44.0703 0x0a0c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:23:44.0711 0x0a0c  adpu320 - ok
23:23:44.0715 0x0a0c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:23:44.0735 0x0a0c  AeLookupSvc - ok
23:23:44.0745 0x0a0c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
23:23:44.0758 0x0a0c  AFD - ok
23:23:44.0762 0x0a0c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:23:44.0768 0x0a0c  agp440 - ok
23:23:44.0770 0x0a0c  AGSService - ok
23:23:44.0773 0x0a0c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:23:44.0781 0x0a0c  ALG - ok
23:23:44.0783 0x0a0c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:23:44.0788 0x0a0c  aliide - ok
23:23:44.0791 0x0a0c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:23:44.0797 0x0a0c  amdide - ok
23:23:44.0799 0x0a0c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:23:44.0807 0x0a0c  AmdK8 - ok
23:23:44.0810 0x0a0c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:23:44.0816 0x0a0c  AmdPPM - ok
23:23:44.0820 0x0a0c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
         

Alt 04.11.2015, 23:25   #7
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



TDSSKiller 2. Teil:
Code:
ATTFilter
23:23:44.0827 0x0a0c  amdsata - ok
23:23:44.0832 0x0a0c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:23:44.0840 0x0a0c  amdsbs - ok
23:23:44.0842 0x0a0c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:23:44.0848 0x0a0c  amdxata - ok
23:23:44.0851 0x0a0c  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
23:23:44.0858 0x0a0c  AppID - ok
23:23:44.0861 0x0a0c  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:23:44.0867 0x0a0c  AppIDSvc - ok
23:23:44.0870 0x0a0c  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
23:23:44.0877 0x0a0c  Appinfo - ok
23:23:44.0882 0x0a0c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:23:44.0890 0x0a0c  AppMgmt - ok
23:23:44.0894 0x0a0c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
23:23:44.0900 0x0a0c  arc - ok
23:23:44.0904 0x0a0c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:23:44.0910 0x0a0c  arcsas - ok
23:23:44.0921 0x0a0c  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:23:44.0926 0x0a0c  aspnet_state - ok
23:23:44.0929 0x0a0c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:23:44.0947 0x0a0c  AsyncMac - ok
23:23:44.0950 0x0a0c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:23:44.0956 0x0a0c  atapi - ok
23:23:44.0958 0x0a0c  athr - ok
23:23:44.0970 0x0a0c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:23:44.0986 0x0a0c  AudioEndpointBuilder - ok
23:23:44.0998 0x0a0c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:23:45.0014 0x0a0c  AudioSrv - ok
23:23:45.0027 0x0a0c  [ 4B7DC49B8598EFB40B341D14866F2D68, DA2DF92FA7E5756E183B5DED095B5427215A2C4ED7218E54C23D87EBBD88855B ] AvgAMPS         C:\Program Files (x86)\AVG\Av\avgamps.exe
23:23:45.0043 0x0a0c  AvgAMPS - ok
23:23:45.0048 0x0a0c  [ 0047D8CDD760C85F0FCEE46FB10F7AF5, 312039D91C71819A58E1970330ED6443CFA462FAA0B2E00B55AC25D523C65722 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
23:23:45.0057 0x0a0c  Avgdiska - ok
23:23:45.0115 0x0a0c  [ FC65D4E2820FEB4E8C6AF1DB3F47A52E, AF11103251B7AA079B15CDF1638FB8CACE2E983E88F14CD1AAF192980767AE8C ] AVGIDSAgent     C:\Program Files (x86)\AVG\Av\avgidsagent.exe
23:23:45.0176 0x0a0c  AVGIDSAgent - ok
23:23:45.0186 0x0a0c  [ D670EA803C3D2B93A0FCC866ECF2CCD5, FC36588CFFEC063D2FEC1729815A6B918E7AFE06E42A5BE572BC982893526673 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
23:23:45.0196 0x0a0c  AVGIDSDriver - ok
23:23:45.0204 0x0a0c  [ E9796E2C69DC0D3AEE77EC82B80F83F3, E89011A5CC74AE9FDCCD094C50289E7875A014E537A05338EA6B0152B6E992F4 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
23:23:45.0214 0x0a0c  AVGIDSHA - ok
23:23:45.0220 0x0a0c  [ 063CA877621634E727E4F9A7B3B9EF59, BA25906837C602600545CC31FB4F7A45E7D621DFD608CBC147DDF632713C49D2 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
23:23:45.0230 0x0a0c  Avgldx64 - ok
23:23:45.0238 0x0a0c  [ 6BB3E78DE490503540DD93B9A733794D, 18832B066A10EF2CF0A02F0B834B91771DD95CC3FAB24CBACB7B60E46D280B25 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
23:23:45.0249 0x0a0c  Avgloga - ok
23:23:45.0256 0x0a0c  [ 9A557F44DB4545195089C976223BF671, 76FF15288AC06C417E37763FD1CA461132952AB14D574CDC5BC35FEB2349F131 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
23:23:45.0265 0x0a0c  Avgmfx64 - ok
23:23:45.0268 0x0a0c  [ B4551FA74295B9629B8F63B1D54EF4FB, 3C0C798D98AC8B50098ACE634ED4733A2A245D2C03B8C92397899767C11C24DD ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
23:23:45.0274 0x0a0c  Avgrkx64 - ok
23:23:45.0291 0x0a0c  [ 5FAEAF3F8CABB70984D1B55A91AAC006, 39B95F7D111B10312B4ADDF5696038805E29217DDD97A3E3B4017F41EDCE511D ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
23:23:45.0310 0x0a0c  avgsvc - ok
23:23:45.0322 0x0a0c  [ 29B8FDF5E026B2AC7E368BE8DC6A1423, 2921A307CB7A925FBC061E6867D3FF3B0E5A8A7606EED8F93298C035E6F81C2A ] avgwd           C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
23:23:45.0336 0x0a0c  avgwd - ok
23:23:45.0341 0x0a0c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:23:45.0351 0x0a0c  AxInstSV - ok
23:23:45.0360 0x0a0c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:23:45.0373 0x0a0c  b06bdrv - ok
23:23:45.0380 0x0a0c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:23:45.0390 0x0a0c  b57nd60a - ok
23:23:45.0394 0x0a0c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:23:45.0402 0x0a0c  BDESVC - ok
23:23:45.0404 0x0a0c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:23:45.0422 0x0a0c  Beep - ok
23:23:45.0435 0x0a0c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:23:45.0451 0x0a0c  BFE - ok
23:23:45.0466 0x0a0c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:23:45.0496 0x0a0c  BITS - ok
23:23:45.0499 0x0a0c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:23:45.0506 0x0a0c  blbdrive - ok
23:23:45.0510 0x0a0c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:23:45.0517 0x0a0c  bowser - ok
23:23:45.0520 0x0a0c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:23:45.0527 0x0a0c  BrFiltLo - ok
23:23:45.0530 0x0a0c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:23:45.0538 0x0a0c  BrFiltUp - ok
23:23:45.0542 0x0a0c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:23:45.0551 0x0a0c  Browser - ok
23:23:45.0557 0x0a0c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:23:45.0568 0x0a0c  Brserid - ok
23:23:45.0571 0x0a0c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:23:45.0579 0x0a0c  BrSerWdm - ok
23:23:45.0582 0x0a0c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:23:45.0590 0x0a0c  BrUsbMdm - ok
23:23:45.0592 0x0a0c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:23:45.0599 0x0a0c  BrUsbSer - ok
23:23:45.0602 0x0a0c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:23:45.0612 0x0a0c  BTHMODEM - ok
23:23:45.0616 0x0a0c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:23:45.0637 0x0a0c  bthserv - ok
23:23:45.0640 0x0a0c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:23:45.0661 0x0a0c  cdfs - ok
23:23:45.0666 0x0a0c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:23:45.0675 0x0a0c  cdrom - ok
23:23:45.0678 0x0a0c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:23:45.0697 0x0a0c  CertPropSvc - ok
23:23:45.0700 0x0a0c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
23:23:45.0708 0x0a0c  circlass - ok
23:23:45.0716 0x0a0c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
23:23:45.0727 0x0a0c  CLFS - ok
23:23:45.0733 0x0a0c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:23:45.0740 0x0a0c  clr_optimization_v2.0.50727_32 - ok
23:23:45.0744 0x0a0c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:23:45.0751 0x0a0c  clr_optimization_v2.0.50727_64 - ok
23:23:45.0760 0x0a0c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:23:45.0766 0x0a0c  clr_optimization_v4.0.30319_32 - ok
23:23:45.0770 0x0a0c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:23:45.0777 0x0a0c  clr_optimization_v4.0.30319_64 - ok
23:23:45.0780 0x0a0c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:23:45.0786 0x0a0c  CmBatt - ok
23:23:45.0789 0x0a0c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:23:45.0794 0x0a0c  cmdide - ok
23:23:45.0803 0x0a0c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
23:23:45.0818 0x0a0c  CNG - ok
23:23:45.0821 0x0a0c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:23:45.0826 0x0a0c  Compbatt - ok
23:23:45.0828 0x0a0c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:23:45.0837 0x0a0c  CompositeBus - ok
23:23:45.0839 0x0a0c  COMSysApp - ok
23:23:45.0841 0x0a0c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:23:45.0848 0x0a0c  crcdisk - ok
23:23:45.0854 0x0a0c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:23:45.0863 0x0a0c  CryptSvc - ok
23:23:45.0873 0x0a0c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
23:23:45.0886 0x0a0c  CSC - ok
23:23:45.0899 0x0a0c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
23:23:45.0915 0x0a0c  CscService - ok
23:23:45.0918 0x0a0c  dbupdate - ok
23:23:45.0919 0x0a0c  dbupdatem - ok
23:23:45.0930 0x0a0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:23:45.0956 0x0a0c  DcomLaunch - ok
23:23:45.0963 0x0a0c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:23:45.0987 0x0a0c  defragsvc - ok
23:23:45.0990 0x0a0c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:23:46.0010 0x0a0c  DfsC - ok
23:23:46.0017 0x0a0c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:23:46.0028 0x0a0c  Dhcp - ok
23:23:46.0031 0x0a0c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:23:46.0052 0x0a0c  discache - ok
23:23:46.0055 0x0a0c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
23:23:46.0062 0x0a0c  Disk - ok
23:23:46.0065 0x0a0c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
23:23:46.0072 0x0a0c  dmvsc - ok
23:23:46.0077 0x0a0c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:23:46.0086 0x0a0c  Dnscache - ok
23:23:46.0092 0x0a0c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:23:46.0114 0x0a0c  dot3svc - ok
23:23:46.0119 0x0a0c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:23:46.0139 0x0a0c  DPS - ok
23:23:46.0141 0x0a0c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:23:46.0148 0x0a0c  drmkaud - ok
23:23:46.0155 0x0a0c  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:23:46.0163 0x0a0c  dtsoftbus01 - ok
23:23:46.0181 0x0a0c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:23:46.0200 0x0a0c  DXGKrnl - ok
23:23:46.0205 0x0a0c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:23:46.0226 0x0a0c  EapHost - ok
23:23:46.0277 0x0a0c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:23:46.0328 0x0a0c  ebdrv - ok
23:23:46.0334 0x0a0c  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] EFS             C:\Windows\System32\lsass.exe
23:23:46.0341 0x0a0c  EFS - ok
23:23:46.0354 0x0a0c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:23:46.0371 0x0a0c  ehRecvr - ok
23:23:46.0374 0x0a0c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:23:46.0383 0x0a0c  ehSched - ok
23:23:46.0394 0x0a0c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:23:46.0406 0x0a0c  elxstor - ok
23:23:46.0408 0x0a0c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:23:46.0415 0x0a0c  ErrDev - ok
23:23:46.0425 0x0a0c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:23:46.0451 0x0a0c  EventSystem - ok
23:23:46.0457 0x0a0c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:23:46.0478 0x0a0c  exfat - ok
23:23:46.0484 0x0a0c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:23:46.0505 0x0a0c  fastfat - ok
23:23:46.0519 0x0a0c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:23:46.0534 0x0a0c  Fax - ok
23:23:46.0537 0x0a0c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
23:23:46.0544 0x0a0c  fdc - ok
23:23:46.0547 0x0a0c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:23:46.0567 0x0a0c  fdPHost - ok
23:23:46.0570 0x0a0c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:23:46.0590 0x0a0c  FDResPub - ok
23:23:46.0593 0x0a0c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:23:46.0599 0x0a0c  FileInfo - ok
23:23:46.0602 0x0a0c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:23:46.0621 0x0a0c  Filetrace - ok
23:23:46.0623 0x0a0c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:23:46.0631 0x0a0c  flpydisk - ok
23:23:46.0637 0x0a0c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:23:46.0647 0x0a0c  FltMgr - ok
23:23:46.0668 0x0a0c  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
23:23:46.0690 0x0a0c  FontCache - ok
23:23:46.0694 0x0a0c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:23:46.0700 0x0a0c  FontCache3.0.0.0 - ok
23:23:46.0702 0x0a0c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:23:46.0709 0x0a0c  FsDepends - ok
23:23:46.0711 0x0a0c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:23:46.0718 0x0a0c  Fs_Rec - ok
23:23:46.0723 0x0a0c  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:23:46.0733 0x0a0c  fvevol - ok
23:23:46.0736 0x0a0c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:23:46.0742 0x0a0c  gagp30kx - ok
23:23:46.0756 0x0a0c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:23:46.0786 0x0a0c  gpsvc - ok
23:23:46.0790 0x0a0c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:23:46.0796 0x0a0c  hcw85cir - ok
23:23:46.0804 0x0a0c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:23:46.0817 0x0a0c  HdAudAddService - ok
23:23:46.0821 0x0a0c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:23:46.0831 0x0a0c  HDAudBus - ok
23:23:46.0834 0x0a0c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:23:46.0840 0x0a0c  HidBatt - ok
23:23:46.0844 0x0a0c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:23:46.0853 0x0a0c  HidBth - ok
23:23:46.0856 0x0a0c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:23:46.0865 0x0a0c  HidIr - ok
23:23:46.0868 0x0a0c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
23:23:46.0888 0x0a0c  hidserv - ok
23:23:46.0890 0x0a0c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:23:46.0897 0x0a0c  HidUsb - ok
23:23:46.0901 0x0a0c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:23:46.0921 0x0a0c  hkmsvc - ok
23:23:46.0927 0x0a0c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:23:46.0936 0x0a0c  HomeGroupListener - ok
23:23:46.0941 0x0a0c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:23:46.0951 0x0a0c  HomeGroupProvider - ok
23:23:46.0954 0x0a0c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:23:46.0960 0x0a0c  HpSAMD - ok
23:23:46.0974 0x0a0c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:23:46.0991 0x0a0c  HTTP - ok
23:23:46.0994 0x0a0c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:23:46.0999 0x0a0c  hwpolicy - ok
23:23:47.0003 0x0a0c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:23:47.0011 0x0a0c  i8042prt - ok
23:23:47.0020 0x0a0c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:23:47.0031 0x0a0c  iaStorV - ok
23:23:47.0047 0x0a0c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:23:47.0064 0x0a0c  idsvc - ok
23:23:47.0067 0x0a0c  IEEtwCollectorService - ok
23:23:47.0161 0x0a0c  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:23:47.0254 0x0a0c  igfx - ok
23:23:47.0262 0x0a0c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:23:47.0268 0x0a0c  iirsp - ok
23:23:47.0283 0x0a0c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:23:47.0301 0x0a0c  IKEEXT - ok
23:23:47.0375 0x0a0c  [ FC2D7F4568CCA29B0D9BAD5C7C3A7DBC, AB60AE60C4A1131B5B9E83BBC5F5721AD1862857D3E4672ED4D749F525BAC0AF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:23:47.0443 0x0a0c  IntcAzAudAddService - ok
23:23:47.0450 0x0a0c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:23:47.0456 0x0a0c  intelide - ok
23:23:47.0459 0x0a0c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:23:47.0466 0x0a0c  intelppm - ok
23:23:47.0470 0x0a0c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:23:47.0490 0x0a0c  IPBusEnum - ok
23:23:47.0494 0x0a0c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:23:47.0513 0x0a0c  IpFilterDriver - ok
23:23:47.0524 0x0a0c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:23:47.0539 0x0a0c  iphlpsvc - ok
23:23:47.0543 0x0a0c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:23:47.0552 0x0a0c  IPMIDRV - ok
23:23:47.0556 0x0a0c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:23:47.0577 0x0a0c  IPNAT - ok
23:23:47.0580 0x0a0c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:23:47.0589 0x0a0c  IRENUM - ok
23:23:47.0591 0x0a0c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:23:47.0597 0x0a0c  isapnp - ok
23:23:47.0605 0x0a0c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:23:47.0614 0x0a0c  iScsiPrt - ok
23:23:47.0617 0x0a0c  iusb3hub - ok
23:23:47.0618 0x0a0c  iusb3xhc - ok
23:23:47.0622 0x0a0c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:23:47.0627 0x0a0c  kbdclass - ok
23:23:47.0630 0x0a0c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:23:47.0638 0x0a0c  kbdhid - ok
23:23:47.0640 0x0a0c  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] KeyIso          C:\Windows\system32\lsass.exe
23:23:47.0647 0x0a0c  KeyIso - ok
23:23:47.0651 0x0a0c  [ 3A8C03156C3E31E70EF84E48CA179B46, E25E43D53BB6EE1B5F34C95B4FAD111B37A36367B8D047B10FC614DEE13658E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:23:47.0658 0x0a0c  KSecDD - ok
23:23:47.0662 0x0a0c  [ C6330F7C2E92A00E6773E82F79078AFC, D8B851BF4FCE85F2A269F0B46BC7EC5A118FCFDACE8460E7B54C1A7CE306774A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:23:47.0670 0x0a0c  KSecPkg - ok
23:23:47.0673 0x0a0c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:23:47.0692 0x0a0c  ksthunk - ok
23:23:47.0700 0x0a0c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:23:47.0725 0x0a0c  KtmRm - ok
23:23:47.0732 0x0a0c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:23:47.0754 0x0a0c  LanmanServer - ok
23:23:47.0758 0x0a0c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:23:47.0780 0x0a0c  LanmanWorkstation - ok
23:23:47.0784 0x0a0c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:23:47.0804 0x0a0c  lltdio - ok
23:23:47.0810 0x0a0c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:23:47.0834 0x0a0c  lltdsvc - ok
23:23:47.0836 0x0a0c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:23:47.0855 0x0a0c  lmhosts - ok
23:23:47.0860 0x0a0c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:23:47.0866 0x0a0c  LSI_FC - ok
23:23:47.0870 0x0a0c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:23:47.0877 0x0a0c  LSI_SAS - ok
23:23:47.0880 0x0a0c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:23:47.0887 0x0a0c  LSI_SAS2 - ok
23:23:47.0891 0x0a0c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:23:47.0898 0x0a0c  LSI_SCSI - ok
23:23:47.0902 0x0a0c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:23:47.0922 0x0a0c  luafv - ok
23:23:47.0925 0x0a0c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:23:47.0933 0x0a0c  Mcx2Svc - ok
23:23:47.0935 0x0a0c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:23:47.0941 0x0a0c  megasas - ok
23:23:47.0947 0x0a0c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:23:47.0958 0x0a0c  MegaSR - ok
23:23:47.0961 0x0a0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:23:47.0982 0x0a0c  MMCSS - ok
23:23:47.0984 0x0a0c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:23:48.0004 0x0a0c  Modem - ok
23:23:48.0006 0x0a0c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:23:48.0014 0x0a0c  monitor - ok
23:23:48.0017 0x0a0c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:23:48.0023 0x0a0c  mouclass - ok
23:23:48.0025 0x0a0c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:23:48.0032 0x0a0c  mouhid - ok
23:23:48.0036 0x0a0c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:23:48.0043 0x0a0c  mountmgr - ok
23:23:48.0047 0x0a0c  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:23:48.0055 0x0a0c  MozillaMaintenance - ok
23:23:48.0060 0x0a0c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:23:48.0068 0x0a0c  mpio - ok
23:23:48.0071 0x0a0c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:23:48.0090 0x0a0c  mpsdrv - ok
23:23:48.0105 0x0a0c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:23:48.0136 0x0a0c  MpsSvc - ok
23:23:48.0141 0x0a0c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:23:48.0149 0x0a0c  MRxDAV - ok
23:23:48.0153 0x0a0c  [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:23:48.0161 0x0a0c  mrxsmb - ok
23:23:48.0168 0x0a0c  [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:23:48.0178 0x0a0c  mrxsmb10 - ok
23:23:48.0182 0x0a0c  [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:23:48.0190 0x0a0c  mrxsmb20 - ok
23:23:48.0193 0x0a0c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:23:48.0199 0x0a0c  msahci - ok
23:23:48.0204 0x0a0c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:23:48.0211 0x0a0c  msdsm - ok
23:23:48.0215 0x0a0c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:23:48.0225 0x0a0c  MSDTC - ok
23:23:48.0229 0x0a0c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:23:48.0249 0x0a0c  Msfs - ok
23:23:48.0251 0x0a0c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:23:48.0271 0x0a0c  mshidkmdf - ok
23:23:48.0273 0x0a0c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:23:48.0279 0x0a0c  msisadrv - ok
23:23:48.0284 0x0a0c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:23:48.0306 0x0a0c  MSiSCSI - ok
23:23:48.0308 0x0a0c  msiserver - ok
23:23:48.0310 0x0a0c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:23:48.0330 0x0a0c  MSKSSRV - ok
23:23:48.0332 0x0a0c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:23:48.0351 0x0a0c  MSPCLOCK - ok
23:23:48.0353 0x0a0c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:23:48.0372 0x0a0c  MSPQM - ok
23:23:48.0380 0x0a0c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:23:48.0391 0x0a0c  MsRPC - ok
23:23:48.0395 0x0a0c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:23:48.0401 0x0a0c  mssmbios - ok
23:23:48.0404 0x0a0c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:23:48.0423 0x0a0c  MSTEE - ok
23:23:48.0425 0x0a0c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:23:48.0431 0x0a0c  MTConfig - ok
23:23:48.0434 0x0a0c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:23:48.0440 0x0a0c  Mup - ok
23:23:48.0450 0x0a0c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:23:48.0475 0x0a0c  napagent - ok
23:23:48.0483 0x0a0c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:23:48.0497 0x0a0c  NativeWifiP - ok
23:23:48.0513 0x0a0c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:23:48.0532 0x0a0c  NDIS - ok
23:23:48.0535 0x0a0c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:23:48.0556 0x0a0c  NdisCap - ok
23:23:48.0558 0x0a0c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:23:48.0578 0x0a0c  NdisTapi - ok
23:23:48.0581 0x0a0c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:23:48.0600 0x0a0c  Ndisuio - ok
23:23:48.0605 0x0a0c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:23:48.0626 0x0a0c  NdisWan - ok
23:23:48.0628 0x0a0c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:23:48.0648 0x0a0c  NDProxy - ok
23:23:48.0652 0x0a0c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:23:48.0671 0x0a0c  NetBIOS - ok
23:23:48.0677 0x0a0c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:23:48.0699 0x0a0c  NetBT - ok
23:23:48.0701 0x0a0c  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon        C:\Windows\system32\lsass.exe
23:23:48.0709 0x0a0c  Netlogon - ok
23:23:48.0717 0x0a0c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:23:48.0741 0x0a0c  Netman - ok
23:23:48.0746 0x0a0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:48.0752 0x0a0c  NetMsmqActivator - ok
23:23:48.0755 0x0a0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:48.0761 0x0a0c  NetPipeActivator - ok
23:23:48.0771 0x0a0c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:23:48.0797 0x0a0c  netprofm - ok
23:23:48.0801 0x0a0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:48.0807 0x0a0c  NetTcpActivator - ok
23:23:48.0810 0x0a0c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:23:48.0817 0x0a0c  NetTcpPortSharing - ok
23:23:48.0820 0x0a0c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:23:48.0825 0x0a0c  nfrd960 - ok
23:23:48.0832 0x0a0c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:23:48.0843 0x0a0c  NlaSvc - ok
23:23:48.0846 0x0a0c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:23:48.0866 0x0a0c  Npfs - ok
23:23:48.0868 0x0a0c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:23:48.0888 0x0a0c  nsi - ok
23:23:48.0890 0x0a0c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:23:48.0910 0x0a0c  nsiproxy - ok
23:23:48.0938 0x0a0c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:23:48.0966 0x0a0c  Ntfs - ok
23:23:48.0970 0x0a0c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:23:48.0989 0x0a0c  Null - ok
23:23:49.0178 0x0a0c  [ EE6B7B6A54BCAFF516E30B1C15467495, 85D5E22593549C7980AA3523F0C9C4391E0D147B29F07500A8DA68F49D80A84F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:23:49.0337 0x0a0c  nvlddmkm - ok
23:23:49.0352 0x0a0c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:23:49.0359 0x0a0c  nvraid - ok
23:23:49.0364 0x0a0c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:23:49.0372 0x0a0c  nvstor - ok
23:23:49.0388 0x0a0c  [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:23:49.0406 0x0a0c  nvsvc - ok
23:23:49.0435 0x0a0c  [ A9AFE5B0648C8D7A411A72D8222F7F6E, A58AF8C615D97C769DA778D56F7E6999AAEB577C82C65455D3B2A8ED5B742777 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:23:49.0466 0x0a0c  nvUpdatusService - ok
23:23:49.0471 0x0a0c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:23:49.0478 0x0a0c  nv_agp - ok
23:23:49.0481 0x0a0c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:23:49.0489 0x0a0c  ohci1394 - ok
23:23:49.0494 0x0a0c  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:23:49.0502 0x0a0c  ose64 - ok
23:23:49.0581 0x0a0c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:23:49.0656 0x0a0c  osppsvc - ok
23:23:49.0668 0x0a0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:23:49.0679 0x0a0c  p2pimsvc - ok
23:23:49.0688 0x0a0c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:23:49.0701 0x0a0c  p2psvc - ok
23:23:49.0706 0x0a0c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:23:49.0714 0x0a0c  Parport - ok
23:23:49.0718 0x0a0c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:23:49.0724 0x0a0c  partmgr - ok
23:23:49.0729 0x0a0c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:23:49.0738 0x0a0c  PcaSvc - ok
23:23:49.0743 0x0a0c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:23:49.0751 0x0a0c  pci - ok
23:23:49.0753 0x0a0c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:23:49.0759 0x0a0c  pciide - ok
23:23:49.0764 0x0a0c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:23:49.0773 0x0a0c  pcmcia - ok
23:23:49.0776 0x0a0c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:23:49.0782 0x0a0c  pcw - ok
23:23:49.0795 0x0a0c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:23:49.0809 0x0a0c  PEAUTH - ok
23:23:49.0833 0x0a0c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:23:49.0858 0x0a0c  PeerDistSvc - ok
23:23:49.0882 0x0a0c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:23:49.0890 0x0a0c  PerfHost - ok
23:23:49.0916 0x0a0c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:23:49.0954 0x0a0c  pla - ok
23:23:49.0964 0x0a0c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:23:49.0977 0x0a0c  PlugPlay - ok
23:23:49.0980 0x0a0c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:23:49.0987 0x0a0c  PNRPAutoReg - ok
23:23:49.0994 0x0a0c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:23:50.0005 0x0a0c  PNRPsvc - ok
23:23:50.0015 0x0a0c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:23:50.0040 0x0a0c  PolicyAgent - ok
23:23:50.0047 0x0a0c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:23:50.0069 0x0a0c  Power - ok
23:23:50.0073 0x0a0c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:23:50.0092 0x0a0c  PptpMiniport - ok
23:23:50.0095 0x0a0c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
23:23:50.0103 0x0a0c  Processor - ok
23:23:50.0108 0x0a0c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:23:50.0118 0x0a0c  ProfSvc - ok
23:23:50.0121 0x0a0c  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:23:50.0127 0x0a0c  ProtectedStorage - ok
23:23:50.0131 0x0a0c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:23:50.0152 0x0a0c  Psched - ok
23:23:50.0178 0x0a0c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:23:50.0204 0x0a0c  ql2300 - ok
23:23:50.0210 0x0a0c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:23:50.0217 0x0a0c  ql40xx - ok
23:23:50.0223 0x0a0c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:23:50.0236 0x0a0c  QWAVE - ok
23:23:50.0239 0x0a0c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:23:50.0249 0x0a0c  QWAVEdrv - ok
23:23:50.0251 0x0a0c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:23:50.0270 0x0a0c  RasAcd - ok
23:23:50.0273 0x0a0c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:23:50.0292 0x0a0c  RasAgileVpn - ok
23:23:50.0296 0x0a0c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:23:50.0317 0x0a0c  RasAuto - ok
23:23:50.0321 0x0a0c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:23:50.0340 0x0a0c  Rasl2tp - ok
23:23:50.0347 0x0a0c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:23:50.0371 0x0a0c  RasMan - ok
23:23:50.0375 0x0a0c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:23:50.0396 0x0a0c  RasPppoe - ok
23:23:50.0399 0x0a0c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:23:50.0419 0x0a0c  RasSstp - ok
23:23:50.0426 0x0a0c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:23:50.0448 0x0a0c  rdbss - ok
23:23:50.0451 0x0a0c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:23:50.0459 0x0a0c  rdpbus - ok
23:23:50.0461 0x0a0c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:23:50.0480 0x0a0c  RDPCDD - ok
23:23:50.0486 0x0a0c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:23:50.0494 0x0a0c  RDPDR - ok
23:23:50.0496 0x0a0c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:23:50.0521 0x0a0c  RDPENCDD - ok
23:23:50.0544 0x0a0c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:23:50.0563 0x0a0c  RDPREFMP - ok
23:23:50.0567 0x0a0c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:23:50.0574 0x0a0c  RdpVideoMiniport - ok
23:23:50.0579 0x0a0c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:23:50.0588 0x0a0c  RDPWD - ok
23:23:50.0593 0x0a0c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:23:50.0601 0x0a0c  rdyboost - ok
23:23:50.0605 0x0a0c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:23:50.0626 0x0a0c  RemoteAccess - ok
23:23:50.0630 0x0a0c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:23:50.0652 0x0a0c  RemoteRegistry - ok
23:23:50.0655 0x0a0c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:23:50.0675 0x0a0c  RpcEptMapper - ok
23:23:50.0677 0x0a0c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:23:50.0685 0x0a0c  RpcLocator - ok
23:23:50.0695 0x0a0c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
23:23:50.0721 0x0a0c  RpcSs - ok
23:23:50.0725 0x0a0c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:23:50.0745 0x0a0c  rspndr - ok
23:23:50.0763 0x0a0c  [ DCF7221D6588EDA8CD77CB27AE9B1844, 7741A4F513952CC3C4D5056958D0D50F8F2A9D3142C7478707F73A83D3CDE01C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:23:50.0782 0x0a0c  RTL8167 - ok
23:23:50.0785 0x0a0c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:23:50.0791 0x0a0c  s3cap - ok
23:23:50.0794 0x0a0c  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs           C:\Windows\system32\lsass.exe
23:23:50.0801 0x0a0c  SamSs - ok
23:23:50.0805 0x0a0c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:23:50.0811 0x0a0c  sbp2port - ok
23:23:50.0817 0x0a0c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:23:50.0839 0x0a0c  SCardSvr - ok
23:23:50.0842 0x0a0c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:23:50.0860 0x0a0c  scfilter - ok
23:23:50.0879 0x0a0c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
23:23:50.0901 0x0a0c  Schedule - ok
23:23:50.0905 0x0a0c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:23:50.0924 0x0a0c  SCPolicySvc - ok
23:23:50.0929 0x0a0c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:23:50.0938 0x0a0c  SDRSVC - ok
23:23:50.0941 0x0a0c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:23:50.0948 0x0a0c  secdrv - ok
23:23:50.0950 0x0a0c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
23:23:50.0971 0x0a0c  seclogon - ok
23:23:50.0973 0x0a0c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
23:23:50.0993 0x0a0c  SENS - ok
23:23:50.0996 0x0a0c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:23:51.0003 0x0a0c  SensrSvc - ok
23:23:51.0006 0x0a0c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:23:51.0013 0x0a0c  Serenum - ok
23:23:51.0016 0x0a0c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:23:51.0024 0x0a0c  Serial - ok
23:23:51.0027 0x0a0c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:23:51.0034 0x0a0c  sermouse - ok
23:23:51.0035 0x0a0c  Service KMSELDI - ok
23:23:51.0041 0x0a0c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:23:51.0062 0x0a0c  SessionEnv - ok
23:23:51.0065 0x0a0c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:23:51.0073 0x0a0c  sffdisk - ok
23:23:51.0075 0x0a0c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:23:51.0083 0x0a0c  sffp_mmc - ok
23:23:51.0085 0x0a0c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:23:51.0093 0x0a0c  sffp_sd - ok
23:23:51.0096 0x0a0c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:23:51.0103 0x0a0c  sfloppy - ok
23:23:51.0110 0x0a0c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:23:51.0135 0x0a0c  SharedAccess - ok
23:23:51.0143 0x0a0c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:23:51.0168 0x0a0c  ShellHWDetection - ok
23:23:51.0171 0x0a0c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:23:51.0177 0x0a0c  SiSRaid2 - ok
23:23:51.0180 0x0a0c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:23:51.0186 0x0a0c  SiSRaid4 - ok
23:23:51.0190 0x0a0c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:23:51.0211 0x0a0c  Smb - ok
23:23:51.0215 0x0a0c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:23:51.0223 0x0a0c  SNMPTRAP - ok
23:23:51.0226 0x0a0c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:23:51.0232 0x0a0c  spldr - ok
23:23:51.0242 0x0a0c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
23:23:51.0256 0x0a0c  Spooler - ok
23:23:51.0313 0x0a0c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:23:51.0380 0x0a0c  sppsvc - ok
23:23:51.0386 0x0a0c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:23:51.0407 0x0a0c  sppuinotify - ok
23:23:51.0416 0x0a0c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:23:51.0428 0x0a0c  srv - ok
23:23:51.0437 0x0a0c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:23:51.0450 0x0a0c  srv2 - ok
23:23:51.0455 0x0a0c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:23:51.0464 0x0a0c  srvnet - ok
23:23:51.0469 0x0a0c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:23:51.0492 0x0a0c  SSDPSRV - ok
23:23:51.0495 0x0a0c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:23:51.0516 0x0a0c  SstpSvc - ok
23:23:51.0531 0x0a0c  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:23:51.0548 0x0a0c  Steam Client Service - ok
23:23:51.0551 0x0a0c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:23:51.0557 0x0a0c  stexstor - ok
23:23:51.0568 0x0a0c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:23:51.0586 0x0a0c  stisvc - ok
23:23:51.0589 0x0a0c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:23:51.0595 0x0a0c  storflt - ok
23:23:51.0598 0x0a0c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:23:51.0604 0x0a0c  storvsc - ok
23:23:51.0606 0x0a0c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:23:51.0611 0x0a0c  swenum - ok
23:23:51.0621 0x0a0c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:23:51.0649 0x0a0c  swprv - ok
23:23:51.0652 0x0a0c  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\Synth3dVsc.sys
23:23:51.0659 0x0a0c  Synth3dVsc - ok
23:23:51.0688 0x0a0c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
23:23:51.0720 0x0a0c  SysMain - ok
23:23:51.0725 0x0a0c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:23:51.0736 0x0a0c  TabletInputService - ok
23:23:51.0743 0x0a0c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:23:51.0767 0x0a0c  TapiSrv - ok
23:23:51.0770 0x0a0c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
23:23:51.0792 0x0a0c  TBS - ok
23:23:51.0823 0x0a0c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:23:51.0855 0x0a0c  Tcpip - ok
23:23:51.0888 0x0a0c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:23:51.0920 0x0a0c  TCPIP6 - ok
23:23:51.0925 0x0a0c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:23:51.0932 0x0a0c  tcpipreg - ok
23:23:51.0935 0x0a0c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:23:51.0941 0x0a0c  TDPIPE - ok
23:23:51.0943 0x0a0c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:23:51.0950 0x0a0c  TDTCP - ok
23:23:51.0953 0x0a0c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:23:51.0973 0x0a0c  tdx - ok
23:23:51.0977 0x0a0c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:23:51.0983 0x0a0c  TermDD - ok
23:23:51.0986 0x0a0c  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
23:23:51.0992 0x0a0c  terminpt - ok
23:23:52.0004 0x0a0c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:23:52.0020 0x0a0c  TermService - ok
23:23:52.0024 0x0a0c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:23:52.0034 0x0a0c  Themes - ok
23:23:52.0037 0x0a0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:23:52.0059 0x0a0c  THREADORDER - ok
23:23:52.0062 0x0a0c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:23:52.0083 0x0a0c  TrkWks - ok
23:23:52.0089 0x0a0c  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
23:23:52.0097 0x0a0c  truecrypt - ok
23:23:52.0102 0x0a0c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:23:52.0124 0x0a0c  TrustedInstaller - ok
23:23:52.0127 0x0a0c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:23:52.0134 0x0a0c  tssecsrv - ok
23:23:52.0137 0x0a0c  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:23:52.0143 0x0a0c  TsUsbFlt - ok
23:23:52.0146 0x0a0c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:23:52.0153 0x0a0c  TsUsbGD - ok
23:23:52.0157 0x0a0c  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
23:23:52.0164 0x0a0c  tsusbhub - ok
23:23:52.0169 0x0a0c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:23:52.0189 0x0a0c  tunnel - ok
23:23:52.0192 0x0a0c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:23:52.0198 0x0a0c  uagp35 - ok
23:23:52.0205 0x0a0c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:23:52.0228 0x0a0c  udfs - ok
23:23:52.0232 0x0a0c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:23:52.0241 0x0a0c  UI0Detect - ok
23:23:52.0243 0x0a0c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:23:52.0250 0x0a0c  uliagpkx - ok
23:23:52.0253 0x0a0c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:23:52.0259 0x0a0c  umbus - ok
23:23:52.0261 0x0a0c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:23:52.0268 0x0a0c  UmPass - ok
23:23:52.0273 0x0a0c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:23:52.0283 0x0a0c  UmRdpService - ok
23:23:52.0291 0x0a0c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:23:52.0316 0x0a0c  upnphost - ok
23:23:52.0320 0x0a0c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:23:52.0328 0x0a0c  usbccgp - ok
23:23:52.0331 0x0a0c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:23:52.0339 0x0a0c  usbcir - ok
23:23:52.0341 0x0a0c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:23:52.0348 0x0a0c  usbehci - ok
23:23:52.0356 0x0a0c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:23:52.0367 0x0a0c  usbhub - ok
23:23:52.0370 0x0a0c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:23:52.0377 0x0a0c  usbohci - ok
23:23:52.0380 0x0a0c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:23:52.0388 0x0a0c  usbprint - ok
23:23:52.0392 0x0a0c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:23:52.0399 0x0a0c  USBSTOR - ok
23:23:52.0402 0x0a0c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:23:52.0408 0x0a0c  usbuhci - ok
23:23:52.0413 0x0a0c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
23:23:52.0422 0x0a0c  usbvideo - ok
23:23:52.0424 0x0a0c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:23:52.0445 0x0a0c  UxSms - ok
23:23:52.0448 0x0a0c  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc        C:\Windows\system32\lsass.exe
23:23:52.0455 0x0a0c  VaultSvc - ok
23:23:52.0457 0x0a0c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:23:52.0463 0x0a0c  vdrvroot - ok
23:23:52.0473 0x0a0c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:23:52.0499 0x0a0c  vds - ok
23:23:52.0502 0x0a0c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:23:52.0511 0x0a0c  vga - ok
23:23:52.0513 0x0a0c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:23:52.0533 0x0a0c  VgaSave - ok
23:23:52.0535 0x0a0c  VGPU - ok
23:23:52.0540 0x0a0c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:23:52.0548 0x0a0c  vhdmp - ok
23:23:52.0551 0x0a0c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:23:52.0557 0x0a0c  viaide - ok
23:23:52.0561 0x0a0c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:23:52.0570 0x0a0c  vmbus - ok
23:23:52.0573 0x0a0c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:23:52.0579 0x0a0c  VMBusHID - ok
23:23:52.0582 0x0a0c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:23:52.0589 0x0a0c  volmgr - ok
23:23:52.0596 0x0a0c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:23:52.0606 0x0a0c  volmgrx - ok
23:23:52.0614 0x0a0c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:23:52.0623 0x0a0c  volsnap - ok
23:23:52.0628 0x0a0c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:23:52.0635 0x0a0c  vsmraid - ok
23:23:52.0662 0x0a0c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:23:52.0702 0x0a0c  VSS - ok
23:23:52.0709 0x0a0c  [ 9B84E527379C3F4482F7F6A218B5751F, E00DAC7252D675F9E9F9531364CC74D02D72CE82B2C06DFCF70D8882DC6B3BF4 ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
23:23:52.0719 0x0a0c  VUSB3HUB - ok
23:23:52.0721 0x0a0c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:23:52.0729 0x0a0c  vwifibus - ok
23:23:52.0733 0x0a0c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:23:52.0742 0x0a0c  vwififlt - ok
23:23:52.0750 0x0a0c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:23:52.0775 0x0a0c  W32Time - ok
23:23:52.0780 0x0a0c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:23:52.0787 0x0a0c  WacomPen - ok
23:23:52.0790 0x0a0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:23:52.0810 0x0a0c  WANARP - ok
23:23:52.0813 0x0a0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:23:52.0833 0x0a0c  Wanarpv6 - ok
23:23:52.0858 0x0a0c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:23:52.0885 0x0a0c  wbengine - ok
23:23:52.0891 0x0a0c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:23:52.0904 0x0a0c  WbioSrvc - ok
23:23:52.0912 0x0a0c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:23:52.0927 0x0a0c  wcncsvc - ok
23:23:52.0930 0x0a0c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:23:52.0938 0x0a0c  WcsPlugInService - ok
23:23:52.0940 0x0a0c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
23:23:52.0946 0x0a0c  Wd - ok
23:23:52.0960 0x0a0c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:23:52.0977 0x0a0c  Wdf01000 - ok
23:23:52.0982 0x0a0c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:23:52.0993 0x0a0c  WdiServiceHost - ok
23:23:52.0995 0x0a0c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:23:53.0006 0x0a0c  WdiSystemHost - ok
23:23:53.0013 0x0a0c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
23:23:53.0023 0x0a0c  WebClient - ok
23:23:53.0029 0x0a0c  [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:23:53.0039 0x0a0c  Wecsvc - ok
23:23:53.0042 0x0a0c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:23:53.0064 0x0a0c  wercplsupport - ok
23:23:53.0067 0x0a0c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:23:53.0088 0x0a0c  WerSvc - ok
23:23:53.0090 0x0a0c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:23:53.0110 0x0a0c  WfpLwf - ok
23:23:53.0112 0x0a0c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:23:53.0119 0x0a0c  WIMMount - ok
23:23:53.0120 0x0a0c  WinDefend - ok
23:23:53.0136 0x0a0c  [ 0F35DFA67833ECA9B4AC97BF7D1ADEF5, 71D567CC63624E15989F7E8E4942378E5FB365383BFCD976125875C20C551F80 ] Windows7FirewallService C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
23:23:53.0149 0x0a0c  Windows7FirewallService - detected UnsignedFile.Multi.Generic ( 1 )
23:23:53.0149 0x0a0c  Detect skipped due to KSN trusted
23:23:53.0149 0x0a0c  Windows7FirewallService - ok
23:23:53.0151 0x0a0c  WinHttpAutoProxySvc - ok
23:23:53.0159 0x0a0c  [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:23:53.0169 0x0a0c  Winmgmt - ok
23:23:53.0213 0x0a0c  [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:23:53.0263 0x0a0c  WinRM - ok
23:23:53.0270 0x0a0c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:23:53.0278 0x0a0c  WinUsb - ok
23:23:53.0294 0x0a0c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:23:53.0317 0x0a0c  Wlansvc - ok
23:23:53.0320 0x0a0c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:23:53.0326 0x0a0c  WmiAcpi - ok
23:23:53.0332 0x0a0c  [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:23:53.0341 0x0a0c  wmiApSrv - ok
23:23:53.0343 0x0a0c  WMPNetworkSvc - ok
23:23:53.0345 0x0a0c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:23:53.0352 0x0a0c  WPCSvc - ok
23:23:53.0356 0x0a0c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:23:53.0366 0x0a0c  WPDBusEnum - ok
23:23:53.0368 0x0a0c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:23:53.0389 0x0a0c  ws2ifsl - ok
23:23:53.0392 0x0a0c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
23:23:53.0403 0x0a0c  wscsvc - ok
23:23:53.0405 0x0a0c  WSearch - ok
23:23:53.0447 0x0a0c  [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:23:53.0489 0x0a0c  wuauserv - ok
23:23:53.0496 0x0a0c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:23:53.0503 0x0a0c  WudfPf - ok
23:23:53.0508 0x0a0c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:23:53.0517 0x0a0c  WUDFRd - ok
23:23:53.0521 0x0a0c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:23:53.0529 0x0a0c  wudfsvc - ok
23:23:53.0535 0x0a0c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:23:53.0548 0x0a0c  WwanSvc - ok
23:23:53.0555 0x0a0c  [ 05E47B40CE30DEEF07E49B41178B3273, 1504C086E46ADC020D2C600393F5A58656BBC8885FA8777F307F0A9F2F1E8465 ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
23:23:53.0566 0x0a0c  xhcdrv - ok
23:23:53.0569 0x0a0c  ================ Scan global ===============================
23:23:53.0571 0x0a0c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
23:23:53.0577 0x0a0c  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
23:23:53.0585 0x0a0c  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
23:23:53.0590 0x0a0c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:23:53.0597 0x0a0c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
23:23:53.0602 0x0a0c  [ Global ] - ok
23:23:53.0602 0x0a0c  ================ Scan MBR ==================================
23:23:53.0603 0x0a0c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:23:53.0764 0x0a0c  \Device\Harddisk0\DR0 - ok
23:23:53.0766 0x0a0c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:23:53.0928 0x0a0c  \Device\Harddisk1\DR1 - ok
23:23:53.0932 0x0a0c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
23:23:54.0043 0x0a0c  \Device\Harddisk3\DR3 - ok
23:23:54.0047 0x0a0c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
23:23:54.0077 0x0a0c  \Device\Harddisk5\DR5 - ok
23:23:54.0079 0x0a0c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
23:23:54.0096 0x0a0c  \Device\Harddisk6\DR6 - ok
23:23:54.0096 0x0a0c  ================ Scan VBR ==================================
23:23:54.0097 0x0a0c  [ A9F13C0014A86565607D8D9ED801A924 ] \Device\Harddisk0\DR0\Partition1
23:23:54.0098 0x0a0c  \Device\Harddisk0\DR0\Partition1 - ok
23:23:54.0099 0x0a0c  [ B4AA1954BC783C4E4DBEB159808C931D ] \Device\Harddisk0\DR0\Partition2
23:23:54.0100 0x0a0c  \Device\Harddisk0\DR0\Partition2 - ok
23:23:54.0102 0x0a0c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
23:23:54.0102 0x0a0c  \Device\Harddisk1\DR1\Partition1 - ok
23:23:54.0103 0x0a0c  [ C8A04A5519118313D3EC9A0F28C30A7D ] \Device\Harddisk1\DR1\Partition2
23:23:54.0104 0x0a0c  \Device\Harddisk1\DR1\Partition2 - ok
23:23:54.0106 0x0a0c  [ 11E4A9A53424F1F8F8EF7FE1896C35F0 ] \Device\Harddisk3\DR3\Partition1
23:23:54.0107 0x0a0c  \Device\Harddisk3\DR3\Partition1 - ok
23:23:54.0108 0x0a0c  [ 99492081BB9F53BFFD47B29B9893D267 ] \Device\Harddisk5\DR5\Partition1
23:23:54.0109 0x0a0c  \Device\Harddisk5\DR5\Partition1 - ok
23:23:54.0110 0x0a0c  [ BA257838FE24CDEC21AF58EB033598E8 ] \Device\Harddisk6\DR6\Partition1
23:23:54.0112 0x0a0c  \Device\Harddisk6\DR6\Partition1 - ok
23:23:54.0112 0x0a0c  ================ Scan generic autorun ======================
23:23:54.0240 0x0a0c  [ BDAE75747CF1369601B95092F183ADFD, E70D76197E856AA83F4EF9538A88BE67625F837F78906FE84AE8A8F029C4E533 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
23:23:54.0357 0x0a0c  RTHDVCPL - ok
23:23:54.0381 0x0a0c  [ FFC5E7EDA6ACDA6C0DD9508A8F0E359C, 7EE9CA904B416E653862167DE4A5A42027A0F1F448DE020E3B2F1C4F38EE7C6D ] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
23:23:54.0399 0x0a0c  Windows7FirewallControl - detected UnsignedFile.Multi.Generic ( 1 )
23:23:54.0399 0x0a0c  Detect skipped due to KSN trusted
23:23:54.0399 0x0a0c  Windows7FirewallControl - ok
23:23:54.0409 0x0a0c  [ 5A9CDFF0CEDFA8061D0DE6B6C2547F51, 76CDEF7A94D90D79CFA105E492E53350F7545900FEF651CD0D18B3163B812AD2 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
23:23:54.0421 0x0a0c  AdobeAAMUpdater-1.0 - ok
23:23:54.0422 0x0a0c  VIAxHCUtl - ok
23:23:54.0440 0x0a0c  [ 8AFBBB9B03A6457D1B1D35DEC1D73BF5, 66801EAD01AFFA1E4C8220FD4CCE66503D2B8AD9323D2C1C38DC9A1A39742E29 ] C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
23:23:54.0460 0x0a0c  AvgUi - ok
23:23:54.0521 0x0a0c  [ 0959C96E471602632DA7EEB71F79148A, 2797B465076E3406FCC64D293C3F5046103E60DE584D5EB95C8960BB974A1828 ] C:\Program Files (x86)\AVG\Av\avgui.exe
23:23:54.0578 0x0a0c  AVG_UI - ok
23:23:54.0618 0x0a0c  [ 3D1D33DE714636AEAB4AC18291D254F6, 8C9ECD5818F48B90FAEFBEC896F795DDE45CCE73BB11901E90E035F179037117 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
23:23:54.0653 0x0a0c  Adobe Creative Cloud - ok
23:23:54.0656 0x0a0c  Dropbox - ok
23:23:54.0667 0x0a0c  [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:23:54.0680 0x0a0c  SunJavaUpdateSched - ok
23:23:54.0700 0x0a0c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:23:54.0722 0x0a0c  Sidebar - ok
23:23:54.0726 0x0a0c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:23:54.0737 0x0a0c  mctadmin - ok
23:23:54.0757 0x0a0c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:23:54.0780 0x0a0c  Sidebar - ok
23:23:54.0784 0x0a0c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:23:54.0794 0x0a0c  mctadmin - ok
23:23:54.0829 0x0a0c  [ 9D0D72B696B8CDF9AE368E542FD042CE, 8CD19E8B609041A6C226D57D40509175827C75DEF93378B53A814060BB7A9E0B ] C:\Users\Greg\AppData\Roaming\Spotify\SpotifyWebHelper.exe
23:23:54.0861 0x0a0c  Spotify Web Helper - ok
23:23:54.0890 0x0a0c  [ 7A60DCF0B0F2521A7F505F8A56E5AB68, 7F23D55D4BC55ACACA9E4F94DA2439539FD2AA96D1DCA6FF58C8469F7F9C622F ] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
23:23:54.0915 0x0a0c  FreeAC - ok
23:23:54.0936 0x0a0c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:23:54.0958 0x0a0c  Sidebar - ok
23:23:54.0962 0x0a0c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:23:54.0973 0x0a0c  mctadmin - ok
23:23:54.0975 0x0a0c  AV detected via SS2: AVG AntiVirus, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.4.0.7161 ), 0x41000 ( enabled : updated )
23:23:54.0976 0x0a0c  Win FW state via NFP2: enabled ( trusted )
23:23:57.0324 0x0a0c  ============================================================
23:23:57.0324 0x0a0c  Scan finished
23:23:57.0324 0x0a0c  ============================================================
23:23:57.0328 0x09dc  Detected object count: 0
23:23:57.0328 0x09dc  Actual detected object count: 0
         
Kann sowas auch mal eine Falschmeldung von AVG gewesen sein?

Ich kann mich auch nur nochmal bedanken für die super Hilfe auf diesem board!

Grüße
Gregor

Alt 05.11.2015, 21:22   #8
schrauber
/// the machine
/// TB-Ausbilder
 

AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Zeig mal bitte das Logfile von dem Fund.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.11.2015, 16:20   #9
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Hallo!

Wo finde ich denn die logfiles? AVG hat den Fund gemeldet, ohne dass ich einen Scan beauftragt hätte. Ich bin offenbar nicht in der Lage dazu was in einer Suchmaschine zu finden.

Geändert von zabbn (06.11.2015 um 16:25 Uhr) Grund: Fehler entdeckt

Alt 06.11.2015, 16:20   #10
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



irrtümlicher post - sorry

Geändert von zabbn (06.11.2015 um 16:26 Uhr)

Alt 07.11.2015, 13:16   #11
schrauber
/// the machine
/// TB-Ausbilder
 

AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Schau mal in AVG selbst, dem Programm, ob es einen Reiter Berichte oder so gibt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.11.2015, 15:28   #12
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Hallo!

Hatte jetzt gar keine Zeit mehr mich damit zu befassen, Uni-Stress etc.
Jetzt musste ich auch noch feststellen, dass meine AVG Lizenz abgelaufen ist und ich keinen Zugang zu den Berichten mehr habe.

Als ich das letzt Mal geschaut hatte, war aber weder bei den Erkennungen noch bei den Berichten irgendwas zu dem anfänglichen Fund vermerkt...

Wie können wir hier weiter machen? Das System ist soweit stabil und ich sehe keine Symptome...

Sorry für die späte Antwort,

Gregor

Alt 12.11.2015, 17:02   #13
schrauber
/// the machine
/// TB-Ausbilder
 

AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



System einfach mal weiter beobachten
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.11.2015, 09:18   #14
zabbn
 
AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Ok, danke dir schrauber für deine Mühen! Ich poste dann in diesen Thread, sollte sich noch etwas tun.

Beste Grüße
Gregor

Alt 14.11.2015, 12:39   #15
schrauber
/// the machine
/// TB-Ausbilder
 

AVG-Erkennung auf Win7-System (Agent_c.ALS) - Standard

AVG-Erkennung auf Win7-System (Agent_c.ALS)



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu AVG-Erkennung auf Win7-System (Agent_c.ALS)
adobe, antivirus, avg, computer, cpu, defender, desktop, explorer, firefox, flash player, helper, internet, internet explorer, photoshop, programme, registry, scan, software, super, svchost.exe, system, tcp, temp, udp, warnung, wmp, wrapper



Ähnliche Themen: AVG-Erkennung auf Win7-System (Agent_c.ALS)


  1. Win7 - System verursacht stets 25% CPU-Auslastung
    Alles rund um Windows - 01.02.2015 (12)
  2. Trojaner: Advanced System Protector, Win7
    Log-Analyse und Auswertung - 11.08.2014 (7)
  3. Win7 mit Advanced System Protector, System Speedup und vielen weiteren Plagegeistern
    Plagegeister aller Art und deren Bekämpfung - 10.06.2014 (12)
  4. Win7, Advanced System Protector, System verseucht?
    Log-Analyse und Auswertung - 15.09.2013 (19)
  5. Win7 pro 32 bit hat auf Win XP pro SP3-System ein Multibootsystem installiert
    Alles rund um Windows - 09.05.2013 (18)
  6. GVU-Trojaner befallen/Win7- System wiederhergestellt und nun?
    Plagegeister aller Art und deren Bekämpfung - 10.01.2013 (3)
  7. Bundestrojaner auf WIN7 / 64bit System
    Log-Analyse und Auswertung - 05.10.2012 (15)
  8. GVU-Trojaner auf Win7 (64bit) System
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (9)
  9. Malware Erkennung
    Log-Analyse und Auswertung - 30.04.2012 (3)
  10. Bundestrojaner auf win7 64 Bit System
    Log-Analyse und Auswertung - 24.03.2012 (3)
  11. win7 system blockiert 50 euro strafe
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (29)
  12. System Fix Virus auf Laptop mit Win7 64 Bit
    Log-Analyse und Auswertung - 09.12.2011 (19)
  13. System Fix Virus auf Win7 64 Bit
    Plagegeister aller Art und deren Bekämpfung - 18.11.2011 (32)
  14. Win7 64 bit System neu aufsetzen? HijackThis-Log
    Log-Analyse und Auswertung - 15.06.2011 (30)
  15. Trojaner Erkennung?
    Plagegeister aller Art und deren Bekämpfung - 02.01.2008 (0)
  16. Anonym/IP-Erkennung
    Überwachung, Datenschutz und Spam - 26.05.2003 (9)

Zum Thema AVG-Erkennung auf Win7-System (Agent_c.ALS) - Hallo, guten Abend! Habe soeben einen Fund von AVG gemeldet bekommen: Agent_c.ALS Suche spuckt dazu nichts aus, deshalb poste ich meine logfiles: defogger: Code: Alles auswählen Aufklappen ATTFilter defogger_disable by - AVG-Erkennung auf Win7-System (Agent_c.ALS)...
Archiv
Du betrachtest: AVG-Erkennung auf Win7-System (Agent_c.ALS) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.