Pests of all kinds and how to fight them: Svchost uses a great deal of memory (Windows 7)
02.03.2014, 15:00 | #1 |
| Svchost uses a great deal of memory
Hello, a short while ago my PC suddenly became slower. I googled around a bit and came across the problem with the Svchost process. I downloaded the Svchost Analyzer and started it, and then this came up: Unfortunately I have no idea at all about this kind of thing, so I hope you can help me. |
02.03.2014, 15:26 | #2 |
/// the machine /// TB trainer | Svchost uses a great deal of memory
Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
02.03.2014, 16:02 | #3 |
| Svchost uses a great deal of memory
Here are the two of them ^^
FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 01 Ran by Adam (administrator) on ADAM-PC on 02-03-2014 15:58:41 Running from C:\Users\Adam\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\Rainmeter\Rainmeter.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-28] (Microsoft Corporation) HKU\S-1-5-21-1314872181-3393721534-3354367582-1000\...\MountPoints2: {f6e388e9-7a25-11e3-9edd-c86000570f5b} - E:\HTC_Sync_Manager_PC.exe Startup: C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CA700261003CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194 FireFox: ======== FF ProfilePath: C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program 
Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Adam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-01-03] FF Extension: Ask Toolbar - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\toolbar_ORJ-V7C@apn.ask.com.xpi [2014-02-25] FF Extension: Adblock Plus - C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\lpom3v7f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-27] Chrome: ======= CHR Extension: (Google Docs) - 
C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-29] CHR Extension: (Google Drive) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-29] CHR Extension: (YouTube) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-29] CHR Extension: (Google Search) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-29] CHR Extension: (Google Wallet) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29] CHR Extension: (Gmail) - C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-29] ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-05-24] (Advanced Micro Devices, Inc.) 
==================== Drivers (Whitelisted) ==================== R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-02 15:58 - 2014-03-02 15:58 - 02156544 _____ (Farbar) C:\Users\Adam\Downloads\FRST64.exe 2014-03-02 15:58 - 2014-03-02 15:58 - 00007727 _____ () C:\Users\Adam\Downloads\FRST.txt 2014-03-02 15:58 - 2014-03-02 15:58 - 00000000 ____D () C:\FRST 2014-03-02 14:40 - 2014-03-02 14:40 - 00000000 ____D () C:\AdwCleaner 2014-03-02 14:39 - 2014-03-02 14:39 - 01244192 _____ () C:\Users\Adam\Downloads\adwcleaner.exe 2014-03-02 14:26 - 2014-03-02 14:39 - 00000000 ____D () C:\Users\Adam\Desktop\mbar 2014-03-02 14:26 - 2014-03-02 14:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-03-02 14:26 - 2014-03-02 14:26 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-02 14:26 - 2014-03-02 14:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-02 14:26 - 2014-03-02 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-02 14:21 - 2014-03-02 14:21 - 00000000 ____D () C:\_OTL 2014-03-02 14:13 - 2014-03-02 14:13 - 02365840 _____ () C:\Users\Adam\Downloads\SecurityTaskManager_Setup.exe 2014-03-02 14:11 - 2014-03-02 14:11 - 00540072 _____ (Neuber Software) C:\Users\Adam\Downloads\svchostanalyzer.exe 2014-02-25 19:29 - 2014-02-25 19:29 - 00000000 ____D () C:\ProgramData\Sun 2014-02-25 19:29 - 2014-02-25 19:29 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-25 19:28 - 2014-02-25 19:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-25 19:28 - 2014-02-25 19:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-25 19:28 - 2014-02-25 19:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-25 19:28 - 2014-02-25 19:28 
- 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-25 19:28 - 2014-02-25 19:28 - 00000000 ____D () C:\Program Files (x86)\Java 2014-02-25 18:44 - 2014-02-26 18:21 - 01591936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-22 21:56 - 2013-04-10 00:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-02-22 21:56 - 2013-04-02 23:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-02-22 21:50 - 2014-03-02 14:42 - 00001736 _____ () C:\Windows\setupact.log 2014-02-22 21:50 - 2014-02-22 21:50 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-20 15:16 - 2014-02-20 15:16 - 00017308 _____ () C:\Users\Adam\Documents\Platon Handout.odt 2014-02-19 14:09 - 2014-02-19 14:09 - 00002027 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-02-19 14:09 - 2014-02-19 14:09 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-02-19 14:08 - 2014-02-19 17:29 - 00000000 ____D () C:\ProgramData\Adobe 2014-02-15 14:38 - 2014-02-15 14:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-13 13:22 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-13 13:22 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-13 13:21 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-13 13:21 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-13 13:21 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-13 13:21 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-13 13:21 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-13 13:21 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-13 
13:21 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-13 13:21 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-13 13:21 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-13 13:21 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-13 13:21 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-13 13:21 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-13 13:21 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-13 13:21 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-13 13:21 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-13 13:21 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-13 13:21 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-13 13:21 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-13 13:21 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-13 13:21 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-13 13:21 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-13 13:21 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-13 13:21 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-13 13:21 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-13 13:21 - 
2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-13 13:21 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-13 13:21 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-13 13:21 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-13 13:21 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-13 13:21 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-13 13:21 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-13 13:21 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-13 13:21 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-13 13:21 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-13 13:21 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-13 13:21 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-13 13:21 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-13 13:21 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-13 13:21 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-13 11:47 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-13 11:47 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-13 11:47 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-13 11:47 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) 
C:\Windows\system32\d3d10warp.dll 2014-02-13 11:47 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 11:47 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-13 11:47 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-13 11:47 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-13 11:47 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-13 11:47 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-13 11:47 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 11:47 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-13 11:47 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-13 11:47 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-13 11:47 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-13 11:47 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 11:47 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 11:47 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-13 11:47 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-13 11:47 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-13 11:47 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-13 11:47 - 2013-12-04 03:02 - 00390144 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-13 11:47 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-13 11:47 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-13 11:47 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-13 11:47 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-13 11:47 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-13 11:47 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-05 13:51 - 2014-02-05 14:35 - 3192264704 _____ () C:\Users\Adam\Downloads\X15-65741.iso 2014-02-05 13:26 - 2014-02-05 13:26 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\OpenOffice 2014-02-05 13:24 - 2014-02-05 13:24 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-02-05 13:24 - 2014-02-05 13:24 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-02-05 13:19 - 2014-02-05 13:41 - 00013312 _____ () C:\Users\Adam\Documents\kalender-dezember-2013-tage-untereinander.xls 2014-02-05 13:19 - 2014-02-05 13:21 - 163606685 _____ () C:\Users\Adam\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe 2014-02-05 13:18 - 2014-02-05 13:18 - 00046592 _____ () C:\Users\Adam\Documents\kalender-januar-2014-tage-untereinander.xls ==================== One Month Modified Files and Folders ======= 2014-03-02 15:58 - 2014-03-02 15:58 - 02156544 _____ (Farbar) C:\Users\Adam\Downloads\FRST64.exe 2014-03-02 15:58 - 2014-03-02 15:58 - 00007727 _____ () C:\Users\Adam\Downloads\FRST.txt 2014-03-02 15:58 - 2014-03-02 15:58 - 00000000 ____D () C:\FRST 2014-03-02 15:44 - 2013-12-29 12:30 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA.job 2014-03-02 15:23 - 2013-12-29 01:06 - 
00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-02 15:01 - 2013-12-27 16:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-02 14:49 - 2009-07-14 05:45 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-02 14:49 - 2009-07-14 05:45 - 00015600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-02 14:43 - 2013-12-27 15:10 - 01160729 _____ () C:\Windows\WindowsUpdate.log 2014-03-02 14:42 - 2014-02-22 21:50 - 00001736 _____ () C:\Windows\setupact.log 2014-03-02 14:42 - 2013-12-29 01:06 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-02 14:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-02 14:40 - 2014-03-02 14:40 - 00000000 ____D () C:\AdwCleaner 2014-03-02 14:39 - 2014-03-02 14:39 - 01244192 _____ () C:\Users\Adam\Downloads\adwcleaner.exe 2014-03-02 14:39 - 2014-03-02 14:26 - 00000000 ____D () C:\Users\Adam\Desktop\mbar 2014-03-02 14:39 - 2014-03-02 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-03-02 14:26 - 2014-03-02 14:26 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-03-02 14:26 - 2014-03-02 14:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-02 14:26 - 2014-03-02 14:26 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-02 14:25 - 2014-01-02 22:03 - 00007633 _____ () C:\Users\Adam\AppData\Local\Resmon.ResmonCfg 2014-03-02 14:21 - 2014-03-02 14:21 - 00000000 ____D () C:\_OTL 2014-03-02 14:13 - 2014-03-02 14:13 - 02365840 _____ () C:\Users\Adam\Downloads\SecurityTaskManager_Setup.exe 2014-03-02 14:11 - 2014-03-02 14:11 - 00540072 _____ (Neuber Software) C:\Users\Adam\Downloads\svchostanalyzer.exe 2014-03-02 13:51 - 2013-12-27 16:07 - 00000000 ____D () C:\Users\Adam\AppData\Local\PMB 
Files 2014-03-02 12:44 - 2013-12-29 12:30 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core.job 2014-03-02 12:40 - 2013-12-27 16:07 - 00000000 ____D () C:\ProgramData\PMB Files 2014-02-28 18:08 - 2013-12-27 21:49 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\TS3Client 2014-02-26 18:21 - 2014-02-25 18:44 - 01591936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-26 18:21 - 2009-07-14 18:58 - 00698922 _____ () C:\Windows\system32\perfh007.dat 2014-02-26 18:21 - 2009-07-14 18:58 - 00149062 _____ () C:\Windows\system32\perfc007.dat 2014-02-26 18:21 - 2009-07-14 06:13 - 01591936 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-25 19:29 - 2014-02-25 19:29 - 00000000 ____D () C:\ProgramData\Sun 2014-02-25 19:29 - 2014-02-25 19:29 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-25 19:28 - 2014-02-25 19:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-25 19:28 - 2014-02-25 19:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-25 19:28 - 2014-02-25 19:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-25 19:28 - 2014-02-25 19:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-25 19:28 - 2014-02-25 19:28 - 00000000 ____D () C:\Program Files (x86)\Java 2014-02-25 19:00 - 2013-12-28 18:04 - 00199244 _____ () C:\Windows\PFRO.log 2014-02-22 21:50 - 2014-02-22 21:50 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-20 22:02 - 2013-12-27 16:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-20 22:02 - 2013-12-27 16:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-20 22:02 - 2013-12-27 16:07 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-20 15:16 - 2014-02-20 15:16 - 00017308 _____ () C:\Users\Adam\Documents\Platon Handout.odt 2014-02-19 
17:29 - 2014-02-19 14:08 - 00000000 ____D () C:\ProgramData\Adobe 2014-02-19 14:10 - 2013-12-27 16:08 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Adobe 2014-02-19 14:10 - 2013-12-27 16:05 - 00000000 ____D () C:\Users\Adam\AppData\Local\Adobe 2014-02-19 14:09 - 2014-02-19 14:09 - 00002027 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-02-19 14:09 - 2014-02-19 14:09 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-02-18 22:45 - 2013-12-27 17:27 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-18 22:45 - 2013-12-27 17:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-18 20:33 - 2014-01-02 16:22 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Rainmeter 2014-02-18 20:33 - 2013-12-27 15:19 - 00000000 ____D () C:\Users\Adam 2014-02-18 20:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-02-18 20:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-02-15 21:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-15 17:49 - 2013-12-27 15:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-15 14:38 - 2014-02-15 14:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-14 16:18 - 2013-12-29 01:06 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-14 16:18 - 2013-12-29 01:06 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-12 22:48 - 2013-12-29 15:18 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\Skype 2014-02-09 16:42 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-02-06 13:16 - 2014-02-13 13:21 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-13 13:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-13 13:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-13 13:21 - 02765824 
_____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-13 13:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-13 13:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-13 13:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-13 13:21 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 11:52 - 2014-02-13 13:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 11:49 - 2014-02-13 13:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-13 13:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-13 13:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 11:38 - 2014-02-13 13:21 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-13 13:21 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-13 13:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-13 13:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 11:11 - 2014-02-13 13:21 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-13 13:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-13 13:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-13 13:21 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-13 13:21 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-13 13:21 - 00043008 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-13 13:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-13 13:21 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 10:49 - 2014-02-13 13:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 10:47 - 2014-02-13 13:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-13 13:21 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-13 13:21 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-13 13:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-13 13:21 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 10:22 - 2014-02-13 13:21 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-13 13:21 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-13 13:21 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-13 13:21 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-13 13:21 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-13 13:21 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-13 13:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-13 13:21 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-13 13:21 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-05 15:59 - 2013-12-27 15:49 - 00064024 _____ () 
C:\Users\Adam\AppData\Local\GDIPFONTCACHEV1.DAT 2014-02-05 15:58 - 2009-07-14 05:45 - 00295824 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-05 14:35 - 2014-02-05 13:51 - 3192264704 _____ () C:\Users\Adam\Downloads\X15-65741.iso 2014-02-05 13:42 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-02-05 13:41 - 2014-02-05 13:19 - 00013312 _____ () C:\Users\Adam\Documents\kalender-dezember-2013-tage-untereinander.xls 2014-02-05 13:26 - 2014-02-05 13:26 - 00000000 ____D () C:\Users\Adam\AppData\Roaming\OpenOffice 2014-02-05 13:24 - 2014-02-05 13:24 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-02-05 13:24 - 2014-02-05 13:24 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-02-05 13:21 - 2014-02-05 13:19 - 163606685 _____ () C:\Users\Adam\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe 2014-02-05 13:18 - 2014-02-05 13:18 - 00046592 _____ () C:\Users\Adam\Documents\kalender-januar-2014-tage-untereinander.xls Some content of TEMP: ==================== C:\Users\Adam\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-21 13:02 ==================== End Of Log ============================ Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2014 01 Ran by Adam at 2014-03-02 15:59:10 Running from C:\Users\Adam\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden AMD Fuel (Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.60524.2309 - ATI Technologies Inc.) Hidden AMD VISION Engine Control Center (x32 Version: 2011.0524.2352.41027 - Ihr Firmenname) Hidden Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0A03}) (Version: 12.10.3.34 - APN, LLC) <==== ATTENTION ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{94D5B25E-194F-AF08-E444-F51FC2038DE5}) (Version: 3.0.829.0 - ATI Technologies, Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0524.2352.41027 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) 
Hidden Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Czech (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Danish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help English (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Finnish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help French (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help German (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Greek (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Hungarian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Norwegian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Polish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Russian (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Thai (x32 Version: 2011.0524.2351.41027 - ATI) Hidden CCC Help Turkish (x32 Version: 2011.0524.2351.41027 - ATI) Hidden ccc-utility64 (Version: 2011.0524.2352.41027 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden HydraVision (x32 Version: 4.2.206.0 - ATI Technologies Inc.) Hidden Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0.2 r2161 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6402 - Realtek Semiconductor Corp.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Restore Points ========================= 18-02-2014 21:44:41 Windows Update 22-02-2014 10:26:13 Die Service Pack-Sicherungsdateien wurden entfernt. 
22-02-2014 22:51:03 Windows Update 25-02-2014 17:41:39 Windows Update 25-02-2014 18:28:19 Installed Java 7 Update 51 26-02-2014 17:19:34 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {099CC8DD-4E67-45CE-A253-32C2D231B9EF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-29] (Facebook Inc.) Task: {1971877E-8B4F-44CA-90D0-27ED37F54E7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29] (Google Inc.) Task: {22EB0AF7-47A0-46D2-97D5-04A0E8405180} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-29] (Google Inc.) Task: {76243C05-5F33-4A01-A980-0B3DE200B67E} - System32\Tasks\{546A7BFF-7A47-4ABB-8612-B465FB0CFECA} => C:\Users\Adam\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe [2013-12-29] (Facebook Inc.) Task: {76E7D8DB-08E2-4737-B84F-29572C6F4864} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {8F05DA66-C77E-48BD-9215-AB06E07CED7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-29] (Facebook Inc.) 
Task: {9248D7CB-242A-4BDC-9631-B485D37BBE27} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000Core.job => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1314872181-3393721534-3354367582-1000UA.job => C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-29 21:45 - 2013-10-29 21:45 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe 2013-10-29 21:45 - 2013-10-29 21:45 - 00798392 _____ () C:\Program Files\Rainmeter\Rainmeter.dll 2013-10-29 21:41 - 2013-10-29 21:41 - 00012800 _____ () C:\Program Files\Rainmeter\Plugins\PerfMon.dll 2013-10-29 21:41 - 2013-10-29 21:41 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll 2013-10-29 21:41 - 2013-10-29 21:41 - 00014336 _____ () C:\Program Files\Rainmeter\Plugins\SysInfo.dll 2013-10-29 21:41 - 2013-10-29 21:41 - 00058880 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll 2013-10-29 21:41 - 2013-10-29 21:41 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll 2011-05-24 23:18 - 2011-05-24 23:18 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-02-15 14:38 - 2014-02-15 14:38 - 03578992 _____ 
() C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-02-20 22:02 - 2014-02-20 22:02 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" MSCONFIG\startupreg: Facebook Update => "C:\Users\Adam\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/02/2014 00:35:23 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.3.0.487, Zeitstempel: 0x530c09d0 Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.3.0.487, Zeitstempel: 0x530c09d0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x005c7fd0 ID des fehlerhaften Prozesses: 0xf10 Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0 Pfad der fehlerhaften Anwendung: League of Legends.exe1 Pfad des fehlerhaften Moduls: League of Legends.exe2 Berichtskennung: League of Legends.exe3 Error: (02/28/2014 03:41:49 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.3.0.487, Zeitstempel: 0x530c09d0 Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.3.0.487, Zeitstempel: 0x530c09d0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x005c7fd0 ID des fehlerhaften Prozesses: 0x2ac Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0 Pfad der fehlerhaften Anwendung: League of Legends.exe1 Pfad des fehlerhaften Moduls: League of Legends.exe2 Berichtskennung: League of 
Legends.exe3 Error: (02/22/2014 11:26:13 AM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {1539b0bd-2eb4-4ef8-9405-aeff3b4ddc4b} Error: (02/19/2014 10:53:54 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa Name des fehlerhaften Moduls: xul.dll, Version: 27.0.1.5156, Zeitstempel: 0x52fc0f79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001560c7 ID des fehlerhaften Prozesses: 0x324 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (02/13/2014 01:34:00 PM) (Source: .NET Runtime Optimization Service) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "mscorlib, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=x86" /NoDependencies . The error returned was Error: The specified assembly is not installed. . 
Error: (02/12/2014 03:44:20 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273 Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0014e1a8 ID des fehlerhaften Prozesses: 0xfa8 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (02/12/2014 00:25:10 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.2.0.2718, Zeitstempel: 0x52f5b14e Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.2.0.2718, Zeitstempel: 0x52f5b14e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0029c82f ID des fehlerhaften Prozesses: 0xdb8 Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0 Pfad der fehlerhaften Anwendung: League of Legends.exe1 Pfad des fehlerhaften Moduls: League of Legends.exe2 Berichtskennung: League of Legends.exe3 Error: (02/12/2014 00:03:07 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d293 Name des fehlerhaften Moduls: mozalloc.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0af28 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000119c ID des fehlerhaften Prozesses: 0xe88 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (02/11/2014 10:55:54 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.2.0.2718, Zeitstempel: 0x52f5b14e Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.2.0.2718, Zeitstempel: 0x52f5b14e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00431e00 ID 
des fehlerhaften Prozesses: 0x3c8 Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0 Pfad der fehlerhaften Anwendung: League of Legends.exe1 Pfad des fehlerhaften Moduls: League of Legends.exe2 Berichtskennung: League of Legends.exe3 Error: (01/24/2014 03:14:56 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273 Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0014e1a8 ID des fehlerhaften Prozesses: 0x7a8 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 System errors: ============= Error: (03/02/2014 02:40:57 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/02/2014 02:22:36 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/02/2014 02:21:35 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (03/02/2014 01:51:44 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/02/2014 01:55:58 AM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/01/2014 07:59:43 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/01/2014 06:14:37 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/01/2014 11:20:01 AM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/01/2014 00:02:33 AM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (02/28/2014 06:08:11 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Microsoft Office Sessions: ========================= Error: (03/02/2014 00:35:23 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.3.0.487530c09d0League of Legends.exe4.3.0.487530c09d0c0000005005c7fd0f1001cf3607f4f63d32C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.12\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.12\deploy\League of Legends.exebd9ec4d7-a1fe-11e3-b503-c86000570f5b Error: (02/28/2014 03:41:49 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.3.0.487530c09d0League of Legends.exe4.3.0.487530c09d0c0000005005c7fd02ac01cf34926529d053C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.12\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.12\deploy\League of Legends.exe7437a886-a086-11e3-8089-c86000570f5b Error: (02/22/2014 11:26:13 AM) (Source: VSS)(User: ) Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: 
{1539b0bd-2eb4-4ef8-9405-aeff3b4ddc4b} Error: (02/19/2014 10:53:54 PM) (Source: Application Error)(User: ) Description: firefox.exe27.0.1.515652fc0faaxul.dll27.0.1.515652fc0f79c0000005001560c732401cf2da2bba2ad65C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll5305fdd9-99b0-11e3-a894-c86000570f5b Error: (02/13/2014 01:34:00 PM) (Source: .NET Runtime Optimization Service)(User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "mscorlib, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=x86" /NoDependencies . The error returned was Error: The specified assembly is not installed. . Error: (02/12/2014 03:44:20 PM) (Source: Application Error)(User: ) Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8fa801cf27f4084b4561C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll27c711c7-93f4-11e3-b987-c86000570f5b Error: (02/12/2014 00:25:10 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.2.0.271852f5b14eLeague of Legends.exe4.2.0.271852f5b14ec00000050029c82fdb801cf27e0a6fa6caeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.7\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.7\deploy\League of Legends.exe54997d20-93d8-11e3-b987-c86000570f5b Error: (02/12/2014 00:03:07 PM) (Source: Application Error)(User: ) Description: plugin-container.exe26.0.0.508752a0d293mozalloc.dll26.0.0.508752a0af28800000030000119ce8801cf27d908faa767C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll3fd89b77-93d5-11e3-b987-c86000570f5b Error: (02/11/2014 10:55:54 PM) (Source: Application Error)(User: ) Description: League of Legends.exe4.2.0.271852f5b14eLeague of 
Legends.exe4.2.0.271852f5b14ec000000500431e003c801cf276f386434d2C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.7\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.7\deploy\League of Legends.exe474b580c-9367-11e3-ab4c-c86000570f5b Error: (01/24/2014 03:14:56 PM) (Source: Application Error)(User: ) Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a87a801cf1907f21467a8C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dlle639a115-8501-11e3-a492-c86000570f5b ==================== Memory info =========================== Percentage of memory in use: 49% Total physical RAM: 2046.12 MB Available physical RAM: 1024.64 MB Total Pagefile: 4092.23 MB Available Pagefile: 2552.16 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Windows7) (Fixed) (Total:465.66 GB) (Free:423.9 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 88BA1CE9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
03.03.2014, 13:45 | #4 |
/// the machine /// TB Trainer | Svchost uses a lot of memory Please download TDSSKiller.exe and save the file to your desktop.
Install Process Explorer as a replacement for the Windows Task Manager

Download Process Explorer as a replacement for the Task Manager and install it; you can find instructions here. It is a considerably more capable replacement for the Windows Task Manager. In the menu under "Options" you can set Process Explorer up permanently as the replacement for the Task Manager (Replace Taskmanager). This is highly recommended, because Process Explorer has considerably more functions than the Task Manager. Once you have made this setting, the key combination CTRL + ALT + DEL no longer opens the Task Manager but Process Explorer. This can be undone at any time by unchecking the setting.

What we need specifically now: Each row shows a process; a few of the rows are not real processes, only pseudo-processes for the activity of the Windows kernel. The menu View => Select Columns opens a dialog in which you can choose which columns of information about the processes are displayed. In that dialog, go to the "Process Performance" tab and make sure that "CPU Usage" is checked there; "CPU History" would also be useful. "CPU Usage" shows the current processor load for each process (the column header only says "CPU"); "CPU History" displays a graph for each process with a curve of its processor load over the recent past. With this you should be able to identify which process is keeping your CPU busy. Double-click the process. You can also take a screenshot of the whole thing and upload it as an attachment with your reply (click "Advanced" below the text box, use "Manage attachments" to browse your computer, and attach it with "Upload").
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
04.03.2014, 00:52 | #5 |
| Svchost uses a lot of memory TDSSkiller Code:
ATTFilter 00:31:07.0728 0x0c80 TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02 00:31:10.0259 0x0c80 ============================================================ 00:31:10.0259 0x0c80 Current date / time: 2014/03/04 00:31:10.0259 00:31:10.0259 0x0c80 SystemInfo: 00:31:10.0259 0x0c80 00:31:10.0259 0x0c80 OS Version: 6.1.7601 ServicePack: 1.0 00:31:10.0259 0x0c80 Product type: Workstation 00:31:10.0259 0x0c80 ComputerName: ADAM-PC 00:31:10.0260 0x0c80 UserName: Adam 00:31:10.0260 0x0c80 Windows directory: C:\Windows 00:31:10.0260 0x0c80 System windows directory: C:\Windows 00:31:10.0260 0x0c80 Running under WOW64 00:31:10.0260 0x0c80 Processor architecture: Intel x64 00:31:10.0260 0x0c80 Number of processors: 2 00:31:10.0260 0x0c80 Page size: 0x1000 00:31:10.0260 0x0c80 Boot type: Normal boot 00:31:10.0260 0x0c80 ============================================================ 00:31:11.0103 0x0c80 KLMD registered as C:\Windows\system32\drivers\94770876.sys 00:31:11.0215 0x0c80 System UUID: {E03C2B2E-6148-EC0A-CCD3-A228C74FDD11} 00:31:11.0695 0x0c80 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 00:31:11.0709 0x0c80 ============================================================ 00:31:11.0709 0x0c80 \Device\Harddisk0\DR0: 00:31:11.0709 0x0c80 MBR partitions: 00:31:11.0709 0x0c80 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 00:31:11.0709 0x0c80 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353030 00:31:11.0709 0x0c80 ============================================================ 00:31:11.0824 0x0c80 C: <-> \Device\Harddisk0\DR0\Partition2 00:31:11.0824 0x0c80 ============================================================ 00:31:11.0824 0x0c80 Initialize success 00:31:11.0824 0x0c80 ============================================================ 00:31:13.0180 0x0c30 
============================================================ 00:31:13.0180 0x0c30 Scan started 00:31:13.0180 0x0c30 Mode: Manual; 00:31:13.0180 0x0c30 ============================================================ 00:31:13.0180 0x0c30 KSN ping started 00:31:15.0951 0x0c30 KSN ping finished: true 00:31:18.0191 0x0c30 ================ Scan system memory ======================== 00:31:18.0191 0x0c30 System memory - ok 00:31:18.0193 0x0c30 ================ Scan services ============================= 00:31:19.0786 0x0c30 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 00:31:19.0805 0x0c30 1394ohci - ok 00:31:19.0886 0x0c30 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 00:31:19.0897 0x0c30 ACPI - ok 00:31:19.0935 0x0c30 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 00:31:19.0938 0x0c30 AcpiPmi - ok 00:31:20.0064 0x0c30 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 00:31:20.0094 0x0c30 AdobeARMservice - ok 00:31:20.0244 0x0c30 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 00:31:20.0250 0x0c30 AdobeFlashPlayerUpdateSvc - ok 00:31:20.0338 0x0c30 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 00:31:20.0359 0x0c30 adp94xx - ok 00:31:20.0412 0x0c30 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 
00:31:20.0423 0x0c30 adpahci - ok 00:31:20.0448 0x0c30 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 00:31:20.0455 0x0c30 adpu320 - ok 00:31:20.0488 0x0c30 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 00:31:20.0491 0x0c30 AeLookupSvc - ok 00:31:20.0568 0x0c30 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys 00:31:20.0595 0x0c30 AFD - ok 00:31:20.0629 0x0c30 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 00:31:20.0633 0x0c30 agp440 - ok 00:31:20.0648 0x0c30 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 00:31:20.0651 0x0c30 ALG - ok 00:31:20.0681 0x0c30 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 00:31:20.0683 0x0c30 aliide - ok 00:31:20.0718 0x0c30 [ 514089CB4A7DF38DC4DD936ADE4114D3, 22941C8FE50C5BEFDDCF4C5A0AB7633DD692D432145738752EA446042B89CFA9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 00:31:20.0725 0x0c30 AMD External Events Utility - ok 00:31:20.0814 0x0c30 AMD FUEL Service - ok 00:31:20.0847 0x0c30 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 00:31:20.0851 0x0c30 amdide - ok 00:31:20.0890 0x0c30 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys 00:31:20.0896 0x0c30 amdiox64 - ok 00:31:20.0958 0x0c30 [ 7024F087CFF1833A806193EF9D22CDA9, 
C:\Windows\system32\DRIVERS\nfrd960.sys 00:31:31.0673 0x0c30 nfrd960 - ok 00:31:31.0713 0x0c30 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 00:31:31.0727 0x0c30 NlaSvc - ok 00:31:31.0741 0x0c30 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 00:31:31.0744 0x0c30 Npfs - ok 00:31:31.0758 0x0c30 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 00:31:31.0761 0x0c30 nsi - ok 00:31:31.0771 0x0c30 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 00:31:31.0774 0x0c30 nsiproxy - ok 00:31:31.0845 0x0c30 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 00:31:31.0900 0x0c30 Ntfs - ok 00:31:31.0911 0x0c30 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 00:31:31.0912 0x0c30 Null - ok 00:31:31.0946 0x0c30 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 00:31:31.0950 0x0c30 nvraid - ok 00:31:31.0968 0x0c30 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 00:31:31.0973 0x0c30 nvstor - ok 00:31:31.0993 0x0c30 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 00:31:31.0998 0x0c30 nv_agp - ok 00:31:32.0010 0x0c30 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 
C:\Windows\system32\drivers\ohci1394.sys 00:31:32.0012 0x0c30 ohci1394 - ok 00:31:32.0042 0x0c30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 00:31:32.0050 0x0c30 p2pimsvc - ok 00:31:32.0070 0x0c30 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 00:31:32.0080 0x0c30 p2psvc - ok 00:31:32.0097 0x0c30 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 00:31:32.0101 0x0c30 Parport - ok 00:31:32.0121 0x0c30 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 00:31:32.0124 0x0c30 partmgr - ok 00:31:32.0142 0x0c30 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 00:31:32.0147 0x0c30 PcaSvc - ok 00:31:32.0161 0x0c30 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 00:31:32.0166 0x0c30 pci - ok 00:31:32.0187 0x0c30 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 00:31:32.0189 0x0c30 pciide - ok 00:31:32.0209 0x0c30 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 00:31:32.0216 0x0c30 pcmcia - ok 00:31:32.0230 0x0c30 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 00:31:32.0232 0x0c30 pcw - ok 00:31:32.0255 0x0c30 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] 
PEAUTH C:\Windows\system32\drivers\peauth.sys 00:31:32.0269 0x0c30 PEAUTH - ok 00:31:32.0366 0x0c30 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 00:31:32.0380 0x0c30 PerfHost - ok 00:31:32.0452 0x0c30 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 00:31:32.0493 0x0c30 pla - ok 00:31:32.0515 0x0c30 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 00:31:32.0525 0x0c30 PlugPlay - ok 00:31:32.0547 0x0c30 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 00:31:32.0549 0x0c30 PNRPAutoReg - ok 00:31:32.0566 0x0c30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 00:31:32.0572 0x0c30 PNRPsvc - ok 00:31:32.0649 0x0c30 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 00:31:32.0682 0x0c30 PolicyAgent - ok 00:31:32.0718 0x0c30 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 00:31:32.0723 0x0c30 Power - ok 00:31:32.0761 0x0c30 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 00:31:32.0765 0x0c30 PptpMiniport - ok 00:31:32.0789 0x0c30 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 00:31:32.0792 0x0c30 Processor - ok 00:31:32.0823 0x0c30 [ 53E83F1F6CF9D62F32801CF66D8352A8, 
1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 00:31:32.0829 0x0c30 ProfSvc - ok 00:31:32.0843 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe 00:31:32.0844 0x0c30 ProtectedStorage - ok 00:31:32.0890 0x0c30 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 00:31:32.0904 0x0c30 Psched - ok 00:31:32.0973 0x0c30 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 00:31:33.0017 0x0c30 ql2300 - ok 00:31:33.0064 0x0c30 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 00:31:33.0084 0x0c30 ql40xx - ok 00:31:33.0125 0x0c30 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 00:31:33.0135 0x0c30 QWAVE - ok 00:31:33.0152 0x0c30 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 00:31:33.0155 0x0c30 QWAVEdrv - ok 00:31:33.0173 0x0c30 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 00:31:33.0175 0x0c30 RasAcd - ok 00:31:33.0215 0x0c30 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 00:31:33.0218 0x0c30 RasAgileVpn - ok 00:31:33.0232 0x0c30 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 00:31:33.0236 0x0c30 RasAuto - ok 00:31:33.0268 
0x0c30 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 00:31:33.0272 0x0c30 Rasl2tp - ok 00:31:33.0288 0x0c30 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 00:31:33.0296 0x0c30 RasMan - ok 00:31:33.0312 0x0c30 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 00:31:33.0316 0x0c30 RasPppoe - ok 00:31:33.0333 0x0c30 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 00:31:33.0336 0x0c30 RasSstp - ok 00:31:33.0370 0x0c30 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 00:31:33.0377 0x0c30 rdbss - ok 00:31:33.0394 0x0c30 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 00:31:33.0396 0x0c30 rdpbus - ok 00:31:33.0412 0x0c30 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 00:31:33.0413 0x0c30 RDPCDD - ok 00:31:33.0439 0x0c30 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 00:31:33.0440 0x0c30 RDPENCDD - ok 00:31:33.0451 0x0c30 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 00:31:33.0452 0x0c30 RDPREFMP - ok 00:31:33.0478 0x0c30 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 
00:31:33.0483 0x0c30 RDPWD - ok 00:31:33.0519 0x0c30 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 00:31:33.0524 0x0c30 rdyboost - ok 00:31:33.0558 0x0c30 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 00:31:33.0565 0x0c30 RemoteAccess - ok 00:31:33.0591 0x0c30 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 00:31:33.0596 0x0c30 RemoteRegistry - ok 00:31:33.0617 0x0c30 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 00:31:33.0621 0x0c30 RpcEptMapper - ok 00:31:33.0632 0x0c30 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 00:31:33.0634 0x0c30 RpcLocator - ok 00:31:33.0683 0x0c30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 00:31:33.0708 0x0c30 RpcSs - ok 00:31:33.0744 0x0c30 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 00:31:33.0748 0x0c30 rspndr - ok 00:31:33.0808 0x0c30 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 00:31:33.0824 0x0c30 RTL8167 - ok 00:31:33.0833 0x0c30 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe 00:31:33.0835 0x0c30 SamSs - ok 00:31:33.0866 0x0c30 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port 
C:\Windows\system32\drivers\sbp2port.sys 00:31:33.0870 0x0c30 sbp2port - ok 00:31:33.0894 0x0c30 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 00:31:33.0900 0x0c30 SCardSvr - ok 00:31:33.0927 0x0c30 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 00:31:33.0929 0x0c30 scfilter - ok 00:31:34.0014 0x0c30 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 00:31:34.0050 0x0c30 Schedule - ok 00:31:34.0076 0x0c30 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 00:31:34.0078 0x0c30 SCPolicySvc - ok 00:31:34.0111 0x0c30 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 00:31:34.0117 0x0c30 SDRSVC - ok 00:31:34.0162 0x0c30 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 00:31:34.0166 0x0c30 secdrv - ok 00:31:34.0196 0x0c30 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 00:31:34.0211 0x0c30 seclogon - ok 00:31:34.0249 0x0c30 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 00:31:34.0258 0x0c30 SENS - ok 00:31:34.0270 0x0c30 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 00:31:34.0274 0x0c30 SensrSvc - ok 00:31:34.0295 0x0c30 [ CB624C0035412AF0DEBEC78C41F5CA1B, 
A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 00:31:34.0297 0x0c30 Serenum - ok 00:31:34.0312 0x0c30 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 00:31:34.0316 0x0c30 Serial - ok 00:31:34.0333 0x0c30 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 00:31:34.0335 0x0c30 sermouse - ok 00:31:34.0367 0x0c30 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 00:31:34.0373 0x0c30 SessionEnv - ok 00:31:34.0402 0x0c30 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 00:31:34.0403 0x0c30 sffdisk - ok 00:31:34.0417 0x0c30 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 00:31:34.0420 0x0c30 sffp_mmc - ok 00:31:34.0431 0x0c30 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 00:31:34.0432 0x0c30 sffp_sd - ok 00:31:34.0442 0x0c30 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 00:31:34.0444 0x0c30 sfloppy - ok 00:31:34.0476 0x0c30 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 00:31:34.0485 0x0c30 SharedAccess - ok 00:31:34.0507 0x0c30 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 00:31:34.0527 0x0c30 
ShellHWDetection - ok 00:31:34.0540 0x0c30 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 00:31:34.0542 0x0c30 SiSRaid2 - ok 00:31:34.0555 0x0c30 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 00:31:34.0558 0x0c30 SiSRaid4 - ok 00:31:34.0594 0x0c30 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 00:31:34.0599 0x0c30 SkypeUpdate - ok 00:31:34.0622 0x0c30 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 00:31:34.0625 0x0c30 Smb - ok 00:31:34.0667 0x0c30 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 00:31:34.0670 0x0c30 SNMPTRAP - ok 00:31:34.0682 0x0c30 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 00:31:34.0684 0x0c30 spldr - ok 00:31:34.0720 0x0c30 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 00:31:34.0741 0x0c30 Spooler - ok 00:31:34.0895 0x0c30 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 00:31:35.0020 0x0c30 sppsvc - ok 00:31:35.0069 0x0c30 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 00:31:35.0080 0x0c30 sppuinotify - ok 00:31:35.0137 0x0c30 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv 
C:\Windows\system32\DRIVERS\srv.sys 00:31:35.0154 0x0c30 srv - ok 00:31:35.0183 0x0c30 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 00:31:35.0197 0x0c30 srv2 - ok 00:31:35.0215 0x0c30 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 00:31:35.0221 0x0c30 srvnet - ok 00:31:35.0271 0x0c30 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 00:31:35.0288 0x0c30 SSDPSRV - ok 00:31:35.0317 0x0c30 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 00:31:35.0322 0x0c30 SstpSvc - ok 00:31:35.0346 0x0c30 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 00:31:35.0348 0x0c30 stexstor - ok 00:31:35.0398 0x0c30 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 00:31:35.0417 0x0c30 stisvc - ok 00:31:35.0443 0x0c30 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 00:31:35.0445 0x0c30 swenum - ok 00:31:35.0490 0x0c30 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 00:31:35.0503 0x0c30 swprv - ok 00:31:35.0616 0x0c30 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 00:31:35.0713 0x0c30 SysMain - ok 00:31:35.0754 0x0c30 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] 
TabletInputService C:\Windows\System32\TabSvc.dll 00:31:35.0760 0x0c30 TabletInputService - ok 00:31:35.0782 0x0c30 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 00:31:35.0790 0x0c30 TapiSrv - ok 00:31:35.0820 0x0c30 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 00:31:35.0824 0x0c30 TBS - ok 00:31:35.0926 0x0c30 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys 00:31:35.0988 0x0c30 Tcpip - ok 00:31:36.0104 0x0c30 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 00:31:36.0136 0x0c30 TCPIP6 - ok 00:31:36.0169 0x0c30 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 00:31:36.0171 0x0c30 tcpipreg - ok 00:31:36.0202 0x0c30 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 00:31:36.0204 0x0c30 TDPIPE - ok 00:31:36.0223 0x0c30 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 00:31:36.0224 0x0c30 TDTCP - ok 00:31:36.0262 0x0c30 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 00:31:36.0266 0x0c30 tdx - ok 00:31:36.0482 0x0c30 [ 2B29FD3AF7B4FEB272CD1F6EEC8FE4BA, 2E3E775218F1A9DCD977C7D42D0AADDA83A76DCBF65FB25E0F0215ABE3D55C5B ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe 00:31:36.0635 0x0c30 TeamViewer9 - ok 00:31:36.0675 0x0c30 [ 561E7E1F06895D78DE991E01DD0FB6E5, 
83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 00:31:36.0677 0x0c30 TermDD - ok 00:31:36.0706 0x0c30 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 00:31:36.0722 0x0c30 TermService - ok 00:31:36.0748 0x0c30 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 00:31:36.0751 0x0c30 Themes - ok 00:31:36.0763 0x0c30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 00:31:36.0765 0x0c30 THREADORDER - ok 00:31:36.0797 0x0c30 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 00:31:36.0802 0x0c30 TrkWks - ok 00:31:36.0861 0x0c30 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 00:31:36.0875 0x0c30 TrustedInstaller - ok 00:31:36.0903 0x0c30 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 00:31:36.0906 0x0c30 tssecsrv - ok 00:31:36.0954 0x0c30 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 00:31:36.0958 0x0c30 TsUsbFlt - ok 00:31:37.0005 0x0c30 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 00:31:37.0016 0x0c30 tunnel - ok 00:31:37.0047 0x0c30 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 00:31:37.0051 0x0c30 uagp35 - 
ok 00:31:37.0077 0x0c30 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 00:31:37.0089 0x0c30 udfs - ok 00:31:37.0117 0x0c30 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 00:31:37.0120 0x0c30 UI0Detect - ok 00:31:37.0134 0x0c30 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 00:31:37.0137 0x0c30 uliagpkx - ok 00:31:37.0167 0x0c30 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 00:31:37.0169 0x0c30 umbus - ok 00:31:37.0180 0x0c30 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 00:31:37.0181 0x0c30 UmPass - ok 00:31:37.0215 0x0c30 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 00:31:37.0225 0x0c30 upnphost - ok 00:31:37.0258 0x0c30 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 00:31:37.0261 0x0c30 usbaudio - ok 00:31:37.0277 0x0c30 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 00:31:37.0280 0x0c30 usbccgp - ok 00:31:37.0306 0x0c30 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 00:31:37.0309 0x0c30 usbcir - ok 00:31:37.0329 0x0c30 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci 
00:31:39.0800 0x0c30 [ Global ] - ok
00:31:39.0800 0x0c30 ================ Scan MBR ==================================
00:31:39.0810 0x0c30 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:31:40.0007 0x0c30 \Device\Harddisk0\DR0 - ok
00:31:40.0008 0x0c30 ================ Scan VBR ==================================
00:31:40.0012 0x0c30 [ 54BA4C37D203C2B279E01A9F91269268 ] \Device\Harddisk0\DR0\Partition1
00:31:40.0014 0x0c30 \Device\Harddisk0\DR0\Partition1 - ok
00:31:40.0019 0x0c30 [ 36FF22C76208A56598240DB5AA37AE43 ] \Device\Harddisk0\DR0\Partition2
00:31:40.0021 0x0c30 \Device\Harddisk0\DR0\Partition2 - ok
00:31:40.0021 0x0c30 Waiting for KSN requests completion. In queue: 333
00:31:41.0021 0x0c30 Waiting for KSN requests completion. In queue: 333
00:31:42.0021 0x0c30 Waiting for KSN requests completion. In queue: 19
00:31:43.0121 0x0c30 Win FW state via NFP2: enabled
00:31:45.0880 0x0c30 ============================================================
00:31:45.0880 0x0c30 Scan finished
00:31:45.0880 0x0c30 ============================================================
00:31:45.0910 0x0a04 Detected object count: 0
00:31:45.0910 0x0a04 Actual detected object count: 0
00:37:24.0858 0x0de0 Deinitialize success
Here is the attachment |
04.03.2014, 18:13 | #6 |
/// the machine /// TB trainer | Svchost uses a lot of memory Please download Windows Repair (All In One) from here. |