
Log Analysis and Evaluation: Windows 7: Windows Explorer often opens in the background using too much memory


01.09.2014, 15:12   #1
Batzke95
 



Hello,
for some time I had the problem that I was getting ads from ad wizard and the like in all my internet browsers, and I removed these add-ons from the Windows programs directory. Since then, however, I have had the problem that Internet Explorer kept opening itself in the background (a new process every 30s). I then removed Internet Explorer from the system, but now I have the problem that, instead of Internet Explorer, Windows Explorer multiplies in the process list (memory up to 400K) and thereby also reduces internet performance. In online games, for example, I have to minimize the screen every 20s to end the unnecessary processes.

Here is the FRST log:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by Basti (administrator) on KUNDEN-C2A4T6U6 on 01-09-2014 14:55:44
Running from C:\Users\Basti\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
() C:\Windows\DAODx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Creative Technology Ltd.) C:\Windows\V0640Mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [G Data AntiVirus Tray Application] => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-08-07] (Bitleader)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Live! Central 2] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe [426140 2009-11-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [V0640Mon.exe] => C:\Windows\V0640Mon.exe [28672 2009-09-22] (Creative Technology Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1937600 2014-08-14] (Valve Corporation)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Windows Remote Service] => C:\Users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe [173568 2013-05-24] (Banamalon)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-31] (Electronic Arts)
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\MountPoints2: {9b9067ea-de6c-11e1-bf3d-806e6f6e6963} - D:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Play Wireless USB Adapter Utility.lnk
ShortcutTarget: Play Wireless USB Adapter Utility.lnk -> C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe ()
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://syb.msn.com
hxxp://www.tecstore.net
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2A10C333036FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {98BF414D-8E2C-4584-B853-F3A6F5935D27} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {98bf414d-8e2c-4584-b853-f3a6f5935d27} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {010D46DF-85CC-4552-ABDC-7D8BF9F1EE08} URL = hxxp://www.ant.com/search?s=browser&q={searchTerms}
SearchScopes: HKCU - {17B1D3AE-2CD3-4200-BFB1-BB1A7AF25B04} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=4D0BBBD8-62F0-4122-A06B-5E95CB2E58D3&apn_sauid=B1968C2B-D17E-44D0-ADAD-A85600365777
SearchScopes: HKCU - {4327fabe-3c22-4689-8dbf-d226cf777fe9} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms}
SearchScopes: HKCU - {98BF414D-8E2C-4584-B853-F3A6F5935D27} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ant.com browser helper (video detector) -> {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} -> C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\o6lub96e.default-1408107985754
FF Homepage: hxxp://de-de.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta993.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta993\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha906.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha906\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1969.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1969\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha8334.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8334\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha5279.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5279\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home278.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home278\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6079.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6079\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha2380.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2380\ff

Chrome: 
=======
CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24]
CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-24]
CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-24]
CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-24]
CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24]
CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-24]
CHR HKLM-x32\...\Chrome\Extension: [cadmbhkjimoafaokdfdmpebbiapadccm] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6079\ch\MediaBuzzV1mode6079.crx []
CHR HKLM-x32\...\Chrome\Extension: [caeconejdgkoefeelomjfkkfcinkehlc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8334\ch\MediaViewV1alpha8334.crx []
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [fepenaahbicpoholbpjhhilciepkeock] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2380\ch\TrustMediaViewerV1alpha2380.crx []
CHR HKLM-x32\...\Chrome\Extension: [kfdfaggkibkljaklfepfminnfpfniijl] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1969\ch\MediaViewerV1alpha1969.crx []
CHR HKLM-x32\...\Chrome\Extension: [llopbnfbphgdlgapmfbdfeldkodlohaa] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home278\ch\MediaWatchV1home278.crx []
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx []
CHR HKLM-x32\...\Chrome\Extension: [onaefacfpoloobkpanchplbmpndadfog] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta993\ch\VideoPlayerV3beta993.crx []
CHR HKLM-x32\...\Chrome\Extension: [pnfeojhdgncechblgmlmehmjdhhikmhj] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5279\ch\MediaViewV1alpha5279.crx []
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 Ant App service; C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe [504816 2013-02-05] (Helios Technologies Ltd)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-19] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-19] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]
R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed]
S2 DisplayFusionService; "C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe" [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-09-27] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-03] (DT Soft Ltd)
S3 hugoio64; C:\Windows\system32\drivers\hugoio64.sys [13920 2012-08-06] ()
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-27] ()
S3 V0640Vid; C:\Windows\System32\DRIVERS\V0640Vid.sys [319520 2009-12-03] (Creative Technology Ltd.)
S3 tswNT; \??\C:\Users\ADMINI~1\AppData\Local\Temp\00013255\tswnt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 14:55 - 2014-09-01 14:56 - 00024060 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-09-01 14:55 - 2014-09-01 14:55 - 00000000 ____D () C:\FRST
2014-09-01 14:54 - 2014-09-01 14:54 - 02104832 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2014-09-01 14:53 - 2014-09-01 14:53 - 00000542 _____ () C:\Users\Basti\Downloads\defogger_disable.log
2014-09-01 14:53 - 2014-09-01 14:53 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-01 14:52 - 2014-09-01 14:52 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe
2014-08-31 18:57 - 2014-08-31 18:57 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\AVG2014
2014-08-31 18:56 - 2014-08-31 18:56 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\TuneUp Software
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-31 18:55 - 2014-09-01 14:32 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ___HD () C:\$AVG
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-31 18:44 - 2014-09-01 14:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-31 18:44 - 2014-08-31 19:29 - 00000000 ____D () C:\Users\Basti\AppData\Local\Avg2014
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\MFAData
2014-08-31 18:43 - 2014-08-31 18:44 - 04755920 _____ (AVG Technologies) C:\Users\Basti\Downloads\avg_avct_stb_all_2014_4744_comppg_24.exe
2014-08-31 16:04 - 2014-08-31 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-08-31 15:52 - 2014-09-01 14:30 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-31 15:52 - 2014-08-31 15:52 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-08-31 15:52 - 2014-08-31 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-08-31 15:44 - 2014-08-31 15:44 - 01397992 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-31 14:37 - 2014-08-31 14:38 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03 (1).exe
2014-08-31 14:30 - 2014-08-31 14:31 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03.exe
2014-08-25 19:28 - 2014-09-01 14:32 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Yqnu
2014-08-25 19:28 - 2014-08-25 19:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Osug
2014-08-24 18:21 - 2014-08-24 18:21 - 04495528 _____ () C:\Users\Basti\Downloads\AbsolutUninstaller_5.3.1.17.exe
2014-08-24 18:21 - 2014-08-24 18:21 - 00001270 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00001258 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2014-08-24 18:05 - 2014-08-24 18:05 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 18:05 - 2014-08-24 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 17:54 - 2014-09-01 14:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 17:54 - 2014-08-31 20:59 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 17:54 - 2014-08-24 18:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-24 17:54 - 2014-08-24 17:54 - 00895120 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeSetup.exe
2014-08-24 17:54 - 2014-08-24 17:54 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-24 17:54 - 2014-08-24 17:54 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-24 17:33 - 2014-08-31 20:15 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Ovco
2014-08-24 17:33 - 2014-08-24 17:38 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Imzec
2014-08-24 17:24 - 2014-08-24 17:24 - 00000687 _____ () C:\awhE8F7.tmp
2014-08-24 17:03 - 2014-08-24 17:06 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-24 16:59 - 2014-09-01 14:32 - 00000000 ____D () C:\ProgramData\AgumInij
2014-08-24 16:59 - 2014-08-24 16:59 - 00000687 _____ () C:\awhE3C9.tmp
2014-08-24 05:36 - 2014-09-01 14:31 - 00000000 ____D () C:\ProgramData\AtlisUwmeh
2014-08-24 05:36 - 2014-08-24 16:59 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-24 04:41 - 2014-08-24 04:41 - 00000687 _____ () C:\awhE003.tmp
2014-08-24 04:06 - 2014-08-24 04:06 - 00000687 _____ () C:\awhDBCD.tmp
2014-08-23 23:44 - 2014-08-23 23:53 - 46684696 _____ (PokerStars) C:\Users\Basti\Downloads\PokerStarsInstallPM.exe
2014-08-23 18:37 - 2014-08-23 18:37 - 00000687 _____ () C:\awh65CA.tmp
2014-08-22 14:45 - 2014-08-22 14:45 - 00000687 _____ () C:\awhE214.tmp
2014-08-21 16:10 - 2014-08-21 16:10 - 00000687 _____ () C:\awhE5BC.tmp
2014-08-20 15:34 - 2014-08-20 15:34 - 00000687 _____ () C:\awhE4C2.tmp
2014-08-19 22:13 - 2014-09-01 14:37 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-19 22:13 - 2014-08-31 20:35 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex1
2014-08-19 22:13 - 2014-08-19 22:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-19 18:47 - 2014-08-19 18:47 - 00000687 _____ () C:\awhFEE7.tmp
2014-08-19 15:04 - 2014-08-19 15:04 - 00000687 _____ () C:\awhDE7C.tmp
2014-08-18 22:50 - 2014-08-19 22:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-18 22:33 - 2014-08-18 22:33 - 00003140 _____ () C:\Windows\System32\Tasks\{32F8C2B5-B270-459D-AC50-DE0EC6FE4C50}
2014-08-18 22:22 - 2014-08-18 22:22 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145(1).exe
2014-08-18 22:19 - 2014-08-18 22:19 - 00714207 _____ () C:\Users\Basti\Downloads\pbsetup-37.zip
2014-08-18 22:13 - 2014-08-18 22:13 - 01101648 _____ () C:\Users\Basti\Downloads\PunkBuster - CHIP-Installer.exe
2014-08-18 14:17 - 2014-08-18 14:34 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft
2014-08-18 13:03 - 2014-08-18 13:03 - 00000687 _____ () C:\awhEC41.tmp
2014-08-17 18:37 - 2014-08-17 18:37 - 00000687 _____ () C:\awhD326.tmp
2014-08-15 15:11 - 2014-08-15 15:11 - 00244408 _____ () C:\Users\Basti\Downloads\Firefox Setup Stub 31.0.exe
2014-08-15 15:06 - 2014-08-15 15:06 - 00000000 ____D () C:\Users\Basti\Desktop\Alte Firefox-Daten
2014-08-15 13:31 - 2014-08-15 13:31 - 00000687 _____ () C:\awhE455.tmp
2014-08-15 13:25 - 2014-08-15 13:25 - 01192533 _____ () C:\Windows\unins000.exe
2014-08-15 13:25 - 2014-08-15 13:25 - 00018426 _____ () C:\Windows\unins000.dat
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\MingGuan
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-08-15 12:05 - 2014-08-15 12:05 - 00000687 _____ () C:\awh8ACA.tmp
2014-08-15 11:33 - 2014-08-15 11:33 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-14 16:05 - 2014-08-31 14:52 - 00004096 _____ () C:\Users\Public\Documents\000099A0.LCS
2014-08-14 16:05 - 2014-08-21 20:50 - 00000000 ____D () C:\Users\Basti\AppData\Local\Risen3
2014-08-14 16:05 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ProtectDISC
2014-08-14 15:28 - 2014-08-14 15:28 - 00002277 _____ () C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk
2014-08-14 15:25 - 2014-08-14 15:25 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-08-14 15:06 - 2014-08-14 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-08-13 12:29 - 2014-08-13 12:29 - 00002119 _____ () C:\Users\Basti\Desktop\Firefox - CHIP Downloader.lnk
2014-08-13 12:29 - 2014-08-13 12:29 - 00000687 _____ () C:\awhEA2F.tmp
2014-08-13 12:28 - 2014-08-13 12:28 - 01101648 _____ () C:\Users\Basti\Downloads\Firefox - CHIP-Installer.exe
2014-08-12 12:57 - 2014-08-12 12:57 - 00000687 _____ () C:\awhF94C.tmp
2014-08-11 15:05 - 2014-08-11 15:04 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 14:50 - 2014-08-11 14:50 - 00000687 _____ () C:\awhED79.tmp
2014-08-11 14:15 - 2014-08-11 14:15 - 00000291 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-11 14:13 - 2014-08-11 14:13 - 00918440 _____ (Oracle Corporation) C:\Users\Basti\Downloads\JavaSetup7u67.exe
2014-08-11 12:34 - 2014-08-11 12:34 - 00000687 _____ () C:\awhDDFF.tmp
2014-08-10 15:15 - 2014-08-10 15:15 - 00000687 _____ () C:\awhDC0C.tmp
2014-08-09 13:32 - 2014-08-09 13:32 - 00000687 _____ () C:\awhDD82.tmp
2014-08-08 19:30 - 2014-08-08 19:44 - 41171024 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeStandaloneSetup-1985.125.exe
2014-08-08 11:44 - 2014-08-08 11:44 - 00000687 _____ () C:\awhEA6D.tmp
2014-08-07 14:20 - 2014-08-07 14:20 - 00000687 _____ () C:\awh933.tmp
2014-08-06 20:07 - 2014-08-06 20:07 - 00000687 _____ () C:\awhE752.tmp
2014-08-06 13:16 - 2014-08-06 13:16 - 00000687 _____ () C:\awhDF37.tmp
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-08-05 13:14 - 2014-08-05 13:14 - 00000687 _____ () C:\awhF49A.tmp
2014-08-04 13:37 - 2014-08-04 13:37 - 00000687 _____ () C:\awhE002.tmp
2014-08-03 14:13 - 2014-08-03 14:13 - 00000687 _____ () C:\awhDB41.tmp
2014-08-02 18:37 - 2014-08-02 18:37 - 00000687 _____ () C:\awhED5.tmp
2014-08-02 02:02 - 2014-08-02 02:02 - 00000687 _____ () C:\awhDE8B.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-01 14:56 - 2014-09-01 14:55 - 00024060 _____ () C:\Users\Basti\Downloads\FRST.txt
2014-09-01 14:55 - 2014-09-01 14:55 - 00000000 ____D () C:\FRST
2014-09-01 14:54 - 2014-09-01 14:54 - 02104832 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe
2014-09-01 14:53 - 2014-09-01 14:53 - 00000542 _____ () C:\Users\Basti\Downloads\defogger_disable.log
2014-09-01 14:53 - 2014-09-01 14:53 - 00000168 _____ () C:\Users\Basti\defogger_reenable
2014-09-01 14:53 - 2012-07-31 11:12 - 00000000 ____D () C:\Users\Basti
2014-09-01 14:52 - 2014-09-01 14:52 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe
2014-09-01 14:50 - 2013-05-21 21:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-01 14:44 - 2012-07-31 12:07 - 00000000 ____D () C:\ProgramData\Origin
2014-09-01 14:37 - 2014-08-19 22:13 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-01 14:37 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-01 14:37 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-01 14:34 - 2014-08-31 18:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-01 14:33 - 2012-07-30 16:40 - 01404422 _____ () C:\Windows\WindowsUpdate.log
2014-09-01 14:32 - 2014-08-31 18:55 - 00000000 ____D () C:\ProgramData\AVG2014
2014-09-01 14:32 - 2014-08-25 19:28 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Yqnu
2014-09-01 14:32 - 2014-08-24 16:59 - 00000000 ____D () C:\ProgramData\AgumInij
2014-09-01 14:32 - 2012-07-31 12:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-01 14:32 - 2010-11-21 05:24 - 00000000 __SHD () C:\Users\Basti\AppData\Roaming\dwcvajjb
2014-09-01 14:31 - 2014-08-24 05:36 - 00000000 ____D () C:\ProgramData\AtlisUwmeh
2014-09-01 14:31 - 2013-02-04 13:30 - 00000356 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-09-01 14:31 - 2013-02-04 13:30 - 00000000 ____D () C:\Users\Basti\AppData\Local\SwvUpdater
2014-09-01 14:31 - 2012-08-02 00:29 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype
2014-09-01 14:30 - 2014-08-31 15:52 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-01 14:29 - 2014-08-24 17:54 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-01 14:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-01 14:29 - 2009-07-14 06:51 - 00139630 _____ () C:\Windows\setupact.log
2014-09-01 14:28 - 2013-11-12 17:57 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-01 14:28 - 2010-11-21 05:47 - 00082346 _____ () C:\Windows\PFRO.log
2014-08-31 20:59 - 2014-08-24 17:54 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-31 20:35 - 2014-08-19 22:13 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex1
2014-08-31 20:35 - 2012-08-03 13:53 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-31 20:15 - 2014-08-24 17:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Ovco
2014-08-31 19:53 - 2013-10-16 19:37 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-08-31 19:29 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\Avg2014
2014-08-31 18:57 - 2014-08-31 18:57 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\AVG2014
2014-08-31 18:56 - 2014-08-31 18:56 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\TuneUp Software
2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ___HD () C:\$AVG
2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\MFAData
2014-08-31 18:44 - 2014-08-31 18:43 - 04755920 _____ (AVG Technologies) C:\Users\Basti\Downloads\avg_avct_stb_all_2014_4744_comppg_24.exe
2014-08-31 16:05 - 2014-08-31 16:04 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin
2014-08-31 15:52 - 2014-08-31 15:52 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-08-31 15:52 - 2014-08-31 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-08-31 15:44 - 2014-08-31 15:44 - 01397992 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-31 15:03 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-31 15:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-31 14:52 - 2014-08-14 16:05 - 00004096 _____ () C:\Users\Public\Documents\000099A0.LCS
2014-08-31 14:51 - 2012-08-21 14:36 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc
2014-08-31 14:38 - 2014-08-31 14:37 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03 (1).exe
2014-08-31 14:31 - 2014-08-31 14:30 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03.exe
2014-08-25 21:32 - 2014-02-03 22:16 - 00000000 ____D () C:\Users\Basti\AppData\Local\PokerStars.NET
2014-08-25 19:33 - 2014-08-25 19:28 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Osug
2014-08-25 01:11 - 2012-07-31 11:13 - 00131280 _____ () C:\Users\Basti\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-24 18:43 - 2014-05-13 18:32 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1
2014-08-24 18:43 - 2009-07-14 06:45 - 00434784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 18:23 - 2012-07-31 17:02 - 00000000 ____D () C:\Program Files (x86)\Catan
2014-08-24 18:21 - 2014-08-24 18:21 - 04495528 _____ () C:\Users\Basti\Downloads\AbsolutUninstaller_5.3.1.17.exe
2014-08-24 18:21 - 2014-08-24 18:21 - 00001270 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00001258 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2014-08-24 18:05 - 2014-08-24 18:05 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 18:05 - 2014-08-24 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-24 18:05 - 2014-08-24 17:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-24 18:05 - 2012-07-31 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-24 18:03 - 2012-10-12 15:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-24 17:54 - 2014-08-24 17:54 - 00895120 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeSetup.exe
2014-08-24 17:54 - 2014-08-24 17:54 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-24 17:54 - 2014-08-24 17:54 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-24 17:38 - 2014-08-24 17:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Imzec
2014-08-24 17:24 - 2014-08-24 17:24 - 00000687 _____ () C:\awhE8F7.tmp
2014-08-24 17:06 - 2014-08-24 17:03 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-24 16:59 - 2014-08-24 16:59 - 00000687 _____ () C:\awhE3C9.tmp
2014-08-24 16:59 - 2014-08-24 05:36 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-24 04:41 - 2014-08-24 04:41 - 00000687 _____ () C:\awhE003.tmp
2014-08-24 04:06 - 2014-08-24 04:06 - 00000687 _____ () C:\awhDBCD.tmp
2014-08-23 23:55 - 2014-02-03 22:15 - 00000000 ____D () C:\Program Files (x86)\PokerStars.NET
2014-08-23 23:54 - 2014-02-03 22:16 - 00001965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.net.lnk
2014-08-23 23:54 - 2014-02-03 22:16 - 00001959 _____ () C:\Users\Public\Desktop\PokerStars.net.lnk
2014-08-23 23:53 - 2014-08-23 23:44 - 46684696 _____ (PokerStars) C:\Users\Basti\Downloads\PokerStarsInstallPM.exe
2014-08-23 18:37 - 2014-08-23 18:37 - 00000687 _____ () C:\awh65CA.tmp
2014-08-22 14:45 - 2014-08-22 14:45 - 00000687 _____ () C:\awhE214.tmp
2014-08-21 20:50 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Local\Risen3
2014-08-21 16:10 - 2014-08-21 16:10 - 00000687 _____ () C:\awhE5BC.tmp
2014-08-20 15:34 - 2014-08-20 15:34 - 00000687 _____ () C:\awhE4C2.tmp
2014-08-19 22:17 - 2014-08-18 22:50 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-19 22:13 - 2014-08-19 22:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-19 18:47 - 2014-08-19 18:47 - 00000687 _____ () C:\awhFEE7.tmp
2014-08-19 15:04 - 2014-08-19 15:04 - 00000687 _____ () C:\awhDE7C.tmp
2014-08-18 22:33 - 2014-08-18 22:33 - 00003140 _____ () C:\Windows\System32\Tasks\{32F8C2B5-B270-459D-AC50-DE0EC6FE4C50}
2014-08-18 22:22 - 2014-08-18 22:22 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145(1).exe
2014-08-18 22:19 - 2014-08-18 22:19 - 00714207 _____ () C:\Users\Basti\Downloads\pbsetup-37.zip
2014-08-18 22:13 - 2014-08-18 22:13 - 01101648 _____ () C:\Users\Basti\Downloads\PunkBuster - CHIP-Installer.exe
2014-08-18 21:46 - 2013-09-29 16:33 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 14
2014-08-18 14:34 - 2014-08-18 14:17 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft
2014-08-18 13:03 - 2014-08-18 13:03 - 00000687 _____ () C:\awhEC41.tmp
2014-08-18 12:59 - 2012-08-07 15:27 - 00000344 _____ () C:\Windows\lgfwup.ini
2014-08-18 12:59 - 2012-08-07 15:23 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-08-17 18:37 - 2014-08-17 18:37 - 00000687 _____ () C:\awhD326.tmp
2014-08-15 15:11 - 2014-08-15 15:11 - 00244408 _____ () C:\Users\Basti\Downloads\Firefox Setup Stub 31.0.exe
2014-08-15 15:06 - 2014-08-15 15:06 - 00000000 ____D () C:\Users\Basti\Desktop\Alte Firefox-Daten
2014-08-15 13:31 - 2014-08-15 13:31 - 00000687 _____ () C:\awhE455.tmp
2014-08-15 13:25 - 2014-08-15 13:25 - 01192533 _____ () C:\Windows\unins000.exe
2014-08-15 13:25 - 2014-08-15 13:25 - 00018426 _____ () C:\Windows\unins000.dat
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\MingGuan
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2014-08-15 12:05 - 2014-08-15 12:05 - 00000687 _____ () C:\awh8ACA.tmp
2014-08-15 11:33 - 2014-08-15 11:33 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-15 04:07 - 2013-11-12 17:57 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-08-15 04:07 - 2013-11-12 17:57 - 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2014-08-15 00:45 - 2012-07-31 12:07 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-14 16:05 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ProtectDISC
2014-08-14 15:28 - 2014-08-14 15:28 - 00002277 _____ () C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk
2014-08-14 15:25 - 2014-08-14 15:25 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-08-14 15:24 - 2012-07-31 12:58 - 00422801 _____ () C:\Windows\DirectX.log
2014-08-14 15:06 - 2014-08-14 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-08-14 15:06 - 2013-09-27 20:13 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2014-08-13 12:29 - 2014-08-13 12:29 - 00002119 _____ () C:\Users\Basti\Desktop\Firefox - CHIP Downloader.lnk
2014-08-13 12:29 - 2014-08-13 12:29 - 00000687 _____ () C:\awhEA2F.tmp
2014-08-13 12:28 - 2014-08-13 12:28 - 01101648 _____ () C:\Users\Basti\Downloads\Firefox - CHIP-Installer.exe
2014-08-12 12:57 - 2014-08-12 12:57 - 00000687 _____ () C:\awhF94C.tmp
2014-08-11 15:05 - 2013-12-20 15:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-11 15:04 - 2014-08-11 15:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 15:04 - 2013-06-28 20:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 15:04 - 2013-06-28 20:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 15:04 - 2013-06-28 20:07 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 14:50 - 2014-08-11 14:50 - 00000687 _____ () C:\awhED79.tmp
2014-08-11 14:25 - 2013-01-29 19:11 - 00000000 ____D () C:\Program Files\Oracle
2014-08-11 14:24 - 2012-10-24 19:35 - 00000000 ____D () C:\Program Files\Java
2014-08-11 14:15 - 2014-08-11 14:15 - 00000291 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-11 14:15 - 2012-09-29 12:00 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-11 14:13 - 2014-08-11 14:13 - 00918440 _____ (Oracle Corporation) C:\Users\Basti\Downloads\JavaSetup7u67.exe
2014-08-11 14:11 - 2012-09-29 12:02 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-08-11 12:34 - 2014-08-11 12:34 - 00000687 _____ () C:\awhDDFF.tmp
2014-08-10 15:15 - 2014-08-10 15:15 - 00000687 _____ () C:\awhDC0C.tmp
2014-08-09 13:32 - 2014-08-09 13:32 - 00000687 _____ () C:\awhDD82.tmp
2014-08-08 19:44 - 2014-08-08 19:30 - 41171024 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeStandaloneSetup-1985.125.exe
2014-08-08 11:44 - 2014-08-08 11:44 - 00000687 _____ () C:\awhEA6D.tmp
2014-08-07 19:00 - 2014-03-20 23:03 - 00000000 ____D () C:\Users\Basti\AppData\Local\Battle.net
2014-08-07 18:56 - 2014-03-19 19:52 - 00000000 ____D () C:\Users\Basti\Desktop\Diablo III
2014-08-07 15:05 - 2014-03-20 23:03 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-07 14:45 - 2013-01-01 19:26 - 00000000 ____D () C:\Users\Basti\Desktop\Games
2014-08-07 14:20 - 2014-08-07 14:20 - 00000687 _____ () C:\awh933.tmp
2014-08-07 03:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-06 20:07 - 2014-08-06 20:07 - 00000687 _____ () C:\awhE752.tmp
2014-08-06 13:16 - 2014-08-06 13:16 - 00000687 _____ () C:\awhDF37.tmp
2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-08-05 13:14 - 2014-08-05 13:14 - 00000687 _____ () C:\awhF49A.tmp
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 13:37 - 2014-08-04 13:37 - 00000687 _____ () C:\awhE002.tmp
2014-08-03 14:13 - 2014-08-03 14:13 - 00000687 _____ () C:\awhDB41.tmp
2014-08-02 18:37 - 2014-08-02 18:37 - 00000687 _____ () C:\awhED5.tmp
2014-08-02 02:02 - 2014-08-02 02:02 - 00000687 _____ () C:\awhDE8B.tmp

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\hash.dat


Some content of TEMP:
====================
C:\Users\Basti\AppData\Local\Temp\161E.tmp.exe
C:\Users\Basti\AppData\Local\Temp\53544uninstall.exe
C:\Users\Basti\AppData\Local\Temp\8A92.exe
C:\Users\Basti\AppData\Local\Temp\APNStub.exe
C:\Users\Basti\AppData\Local\Temp\AutoRun.exe
C:\Users\Basti\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Basti\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\Basti\AppData\Local\Temp\COMAP.EXE
C:\Users\Basti\AppData\Local\Temp\comver.dll
C:\Users\Basti\AppData\Local\Temp\CTPBSeq.exe
C:\Users\Basti\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Basti\AppData\Local\Temp\detectionui_r.exe
C:\Users\Basti\AppData\Local\Temp\devcon.exe
C:\Users\Basti\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Basti\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Basti\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Basti\AppData\Local\Temp\E159.exe
C:\Users\Basti\AppData\Local\Temp\EAInstall.dll
C:\Users\Basti\AppData\Local\Temp\eauninstall.exe
C:\Users\Basti\AppData\Local\Temp\EDF7.tmp.exe
C:\Users\Basti\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Basti\AppData\Local\Temp\i4jdel0.exe
C:\Users\Basti\AppData\Local\Temp\i4jdel1.exe
C:\Users\Basti\AppData\Local\Temp\i4jdel2.exe
C:\Users\Basti\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe
C:\Users\Basti\AppData\Local\Temp\IminentSetup_v2.exe
C:\Users\Basti\AppData\Local\Temp\Installer.exe
C:\Users\Basti\AppData\Local\Temp\installerdll3366376.dll
C:\Users\Basti\AppData\Local\Temp\installerdll3426171.dll
C:\Users\Basti\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Basti\AppData\Local\Temp\local.dll
C:\Users\Basti\AppData\Local\Temp\mpsetup.exe
C:\Users\Basti\AppData\Local\Temp\MSN20F7.exe
C:\Users\Basti\AppData\Local\Temp\procexp03 (1)64.exe
C:\Users\Basti\AppData\Local\Temp\rcpsetup_binstall21_binstall21.exe
C:\Users\Basti\AppData\Local\Temp\rootsupd.exe
C:\Users\Basti\AppData\Local\Temp\Setup.exe
C:\Users\Basti\AppData\Local\Temp\Shortcut_sweetimsetup.exe
C:\Users\Basti\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Basti\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Basti\AppData\Local\Temp\sonarinst.exe
C:\Users\Basti\AppData\Local\Temp\sqlite3.dll
C:\Users\Basti\AppData\Local\Temp\SRLDetectionLibrary246908541541363318.dll
C:\Users\Basti\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Basti\AppData\Local\Temp\tbuE54F.exe
C:\Users\Basti\AppData\Local\Temp\tbuF23F.exe
C:\Users\Basti\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\Basti\AppData\Local\Temp\tmp8D70.tmp.exe
C:\Users\Basti\AppData\Local\Temp\ubi14CB.tmp.exe
C:\Users\Basti\AppData\Local\Temp\ubiCD15.tmp.exe
C:\Users\Basti\AppData\Local\Temp\Updater.exe
C:\Users\Basti\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Basti\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Basti\AppData\Local\Temp\wajam_download.exe
C:\Users\Basti\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Basti\AppData\Local\Temp\wpsetup.exe
C:\Users\Basti\AppData\Local\Temp\_is16EB.exe
C:\Users\Basti\AppData\Local\Temp\_is2387.exe
C:\Users\Basti\AppData\Local\Temp\_is2AAA.exe
C:\Users\Basti\AppData\Local\Temp\_is8097.exe
C:\Users\Basti\AppData\Local\Temp\_isBE80.exe
C:\Users\Basti\AppData\Local\Temp\_isCA61.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-31 16:42

==================== End Of Log ============================
         

and here is the Addition log
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02
Ran by Basti at 2014-09-01 14:56:40
Running from C:\Users\Basti\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Uninstaller 5.3.1.17 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.17 - Glarysoft Ltd)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Ant.com IE add-on (HKLM-x32\...\{B795F380-D3D6-4EA4-A4BB-27FC2FB0F8B2}) (Version: 2.2.3.1074 - Ant.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.0 - EA Digital Illusions CE AB)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Blender (HKLM\...\Blender) (Version: 2.65a-release - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )
Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward - Sledgehammer Games)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward - Sledgehammer Games)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Source (HKLM-x32\...\Counter-Strike: Source) (Version:  - Valve)
Creative Live! Cam Socialize (VF0640) (1.00.04.00) (HKLM\...\Creative VF0640) (Version:  - Creative Technology Ltd.)
Creative Live! Central 2 (HKLM-x32\...\Creative Live! Central 2) (Version: 2.00.29 - Creative Technology Ltd)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version:  - )
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4619 - CyberLink Corp.)
CyberLink LG Burning Tool (x32 Version: 6.2.4619 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3530.52 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3530.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2512 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3718 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{60098CE4-EB16-42D1-9FF6-923488C2AB26}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Schlacht um Mittelerde(tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version:  - )
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
Emergency 2012 (HKLM-x32\...\Emergency 2012) (Version:  - Quadriga Games GmbH)
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
File1 Package Manager (HKLM-x32\...\{8A50D93C-79EE-425C-9464-3550978F4E56}) (Version: 0.1.2.75 - Helios Technologies)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 5.7.4.918 (HKLM-x32\...\Free Studio_is1) (Version: 5.7.4.918 - DVDVideoSoft Ltd.)
GameShadow (HKLM-x32\...\{B2390904-74BD-48AA-B2CC-6612F8D46379}) (Version: 2.03.0000 - GameShadow Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor Of Poker en Español (HKLM-x32\...\Governor Of Poker en Español) (Version:  - )
i-Menu 3.9 (HKLM-x32\...\i-Menu_is1) (Version:  - AOC)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
Pearl Harbor II (HKLM-x32\...\{8CBCA733-4D81-453D-95EB-28FD5C57430A}) (Version: 12 - FantasticTV)
Pflanzen gegen Zombies   (HKLM-x32\...\Pflanzen gegen Zombies) (Version:  - )
Pharao (HKLM-x32\...\Pharao) (Version:  - )
Play Wireless USB Adapter (HKLM-x32\...\InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}) (Version: 1.0.0.03 - Belkin)
Play Wireless USB Adapter (x32 Version: 1.0.0.03 - Belkin) Hidden
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver)
Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.03.0000 - Ubisoft)
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft)
Simple Shutdown Timer (HKLM-x32\...\Simple Shutdown Timer1.1.2) (Version: 1.1.2 - PcWinTech.com)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.6 - ) <==== ATTENTION
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{E4D8E90E-B732-4205-AFE6-79B75B14DAAB}) (Version: 2.0.0.0 - Husdawg, LLC)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{D1688F5A-9A61-42F0-B8D0-2C9DF315A141}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{32E700B9-1A94-48B4-99E1-CB8BD5F7340A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{007CC0F3-15DE-426D-95B5-B019FCEF58CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{0C175ED0-26B9-4B09-AFA9-3F16A03A29B9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{651EE0E5-C789-48D8-8B91-F79352B783C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{326F9E80-FE16-4D2A-827A-4EE1A87B1CE8}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{81CA2EFA-7250-4B1E-B3A6-E0595224E2CD}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vegas Pro 10.0 (HKLM-x32\...\{6E0E4D61-11EC-11E0-B454-0013D3D69929}) (Version: 10.0.469 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

21-08-2014 01:26:56 Geplanter Prüfpunkt
21-08-2014 01:27:59 Windows Update
21-08-2014 01:56:01 Windows Defender Checkpoint
24-08-2014 01:33:42 Windows Update
24-08-2014 16:04:37 Entfernt muveeNow 2.0 - Creative
31-08-2014 12:21:34 Windows Modules Installer
31-08-2014 13:21:15 Windows Modules Installer
31-08-2014 16:55:04 Installed AVG 2014
31-08-2014 16:55:27 Installed AVG 2014

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2016CE31-07D9-4576-9FF9-C333A7887B2F} - System32\Tasks\AmiUpdXp => C:\Users\Basti\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: {227F369D-AE30-4DD9-8270-4AB62C1999AC} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {479F55BE-55C6-499F-A1C8-CE9462FC45DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6ADB4B99-57B1-4B12-9820-FB3B75E432D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.)
Task: {A971956C-6D2E-4067-9548-4183E4CB50F8} - System32\Tasks\{6B195EBD-4D27-41A6-80B2-5E573123B1ED} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.9.0.123&amp;LastError=404
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B2C9FD99-D696-4E11-B8A4-91E02EF11268} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.)
Task: {CC4EAAF6-1C0D-410F-81C6-F4B148BC17C4} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F43D1249-9FB6-446E-9511-21106C818884} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Basti\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-19 16:32 - 2012-12-19 16:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 19:39 - 2012-10-17 19:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 19:39 - 2012-10-17 19:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-08-18 22:50 - 2014-08-19 22:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-08-07 15:13 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2009-12-28 18:25 - 2009-12-28 18:25 - 00036864 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2009-11-25 19:45 - 2009-11-25 19:45 - 00110592 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
2014-08-15 13:25 - 2013-10-29 14:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2012-12-19 16:32 - 2012-12-19 16:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-15 20:17 - 2009-09-15 20:17 - 00200704 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-15 13:25 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-24 18:05 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/01/2014 02:30:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 06:36:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm bf4.exe, Version 1.3.2.3825 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 404

Startzeit: 01cfc533824b5e46

Endzeit: 1482

Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Berichts-ID:

Error: (08/31/2014 03:41:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:24:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:23:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CLIStart.exe, Version: 3.5.0.0, Zeitstempel: 0x50d21fc3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c4909
ID des fehlerhaften Prozesses: 0xe74
Startzeit der fehlerhaften Anwendung: 0xCLIStart.exe0
Pfad der fehlerhaften Anwendung: CLIStart.exe1
Pfad des fehlerhaften Moduls: CLIStart.exe2
Berichtskennung: CLIStart.exe3

Error: (08/31/2014 03:05:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 02:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 09:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm bf4.exe, Version 1.3.2.3825 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1fd4

Startzeit: 01cfc09745192f1f

Endzeit: 825

Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Berichts-ID:

Error: (08/25/2014 04:13:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000024
Fehleroffset: 0x00000000000cd7d8
ID des fehlerhaften Prozesses: 0x1d54
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (08/25/2014 02:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/01/2014 02:37:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (09/01/2014 02:29:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 04:06:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/31/2014 03:39:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 03:23:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 03:03:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/31/2014 01:58:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/25/2014 02:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/25/2014 01:09:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/24/2014 08:29:34 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (09/01/2014 02:30:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 06:36:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bf4.exe1.3.2.382540401cfc533824b5e461482C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Error: (08/31/2014 03:41:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:24:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 03:23:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CLIStart.exe3.5.0.050d21fc3unknown0.0.0.000000000c0000005001c4909e7401cfc51ecec4dea1C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exeunknown0d81b0b9-3112-11e4-88a1-9dc4165e5560

Error: (08/31/2014 03:05:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/31/2014 02:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2014 09:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: bf4.exe1.3.2.38251fd401cfc09745192f1f825C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe

Error: (08/25/2014 04:13:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec000002400000000000cd7d81d5401cfc05f2919e62aC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll0ae117a8-2c62-11e4-bc23-93670617f76c

Error: (08/25/2014 02:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: AMD FX(tm)-6100 Six-Core Processor 
Percentage of memory in use: 30%
Total physical RAM: 8138.43 MB
Available physical RAM: 5630.15 MB
Total Pagefile: 16276.87 MB
Available Pagefile: 13270.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:219.16 GB) NTFS
Drive d: (Risen3) (CDROM) (Total:6.77 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3F65C7BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
and the GMER log is attached, since it would have been too much

Alt 01.09.2014, 15:17   #2
schrauber
/// the machine
/// TB-Ausbilder
 



hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post its contents here in your thread in any case.

Alt 01.09.2014, 15:35   #3
Batzke95
 


First of all, thank you very much for the quick reply.
I ran the scan as described and there was one hit.
I then selected Skip and continued, but now I can't find a directory for TDSS and therefore no log either.

Alt 01.09.2014, 15:47   #4
Batzke95
 


ah ok, I found the report
it is attached because it is too large

Alt 02.09.2014, 09:57   #5
schrauber
/// the machine
/// TB-Ausbilder
 



Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 02.09.2014, 12:11   #6
Batzke95
 


OK, then once more

Code:
ATTFilter
16:29:15.0074 0x1328  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
16:29:22.0003 0x1328  ============================================================
16:29:22.0003 0x1328  Current date / time: 2014/09/01 16:29:22.0003
16:29:22.0003 0x1328  SystemInfo:
16:29:22.0003 0x1328  
16:29:22.0003 0x1328  OS Version: 6.1.7601 ServicePack: 1.0
16:29:22.0003 0x1328  Product type: Workstation
16:29:22.0004 0x1328  ComputerName: KUNDEN-C2A4T6U6
16:29:22.0004 0x1328  UserName: Basti
16:29:22.0004 0x1328  Windows directory: C:\Windows
16:29:22.0004 0x1328  System windows directory: C:\Windows
16:29:22.0004 0x1328  Running under WOW64
16:29:22.0004 0x1328  Processor architecture: Intel x64
16:29:22.0004 0x1328  Number of processors: 6
16:29:22.0004 0x1328  Page size: 0x1000
16:29:22.0004 0x1328  Boot type: Normal boot
16:29:22.0004 0x1328  ============================================================
16:29:22.0103 0x1328  KLMD registered as C:\Windows\system32\drivers\37477633.sys
16:29:22.0374 0x1328  System UUID: {274326C4-A3C0-1F5E-987D-4B96D8B40664}
16:29:22.0785 0x1328  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:29:22.0804 0x1328  ============================================================
16:29:22.0804 0x1328  \Device\Harddisk0\DR0:
16:29:22.0805 0x1328  MBR partitions:
16:29:22.0805 0x1328  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:29:22.0805 0x1328  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
16:29:22.0805 0x1328  ============================================================
16:29:22.0831 0x1328  C: <-> \Device\Harddisk0\DR0\Partition2
16:29:22.0832 0x1328  ============================================================
16:29:22.0832 0x1328  Initialize success
16:29:22.0832 0x1328  ============================================================
16:29:57.0831 0x0d68  ============================================================
16:29:57.0831 0x0d68  Scan started
16:29:57.0831 0x0d68  Mode: Manual; SigCheck; TDLFS; 
16:29:57.0831 0x0d68  ============================================================
16:29:57.0831 0x0d68  KSN ping started
16:30:00.0565 0x0d68  KSN ping finished: true
16:30:01.0537 0x0d68  ================ Scan system memory ========================
16:30:01.0537 0x0d68  System memory - ok
16:30:01.0538 0x0d68  ================ Scan services =============================
16:30:01.0698 0x0d68  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:30:01.0782 0x0d68  1394ohci - ok
16:30:01.0860 0x0d68  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
16:30:01.0876 0x0d68  acedrv11 - ok
16:30:01.0909 0x0d68  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:30:01.0927 0x0d68  ACPI - ok
16:30:01.0942 0x0d68  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:30:02.0015 0x0d68  AcpiPmi - ok
16:30:02.0079 0x0d68  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:30:02.0089 0x0d68  AdobeARMservice - ok
16:30:02.0201 0x0d68  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:30:02.0214 0x0d68  AdobeFlashPlayerUpdateSvc - ok
16:30:02.0295 0x0d68  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:30:02.0317 0x0d68  adp94xx - ok
16:30:02.0347 0x0d68  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:30:02.0364 0x0d68  adpahci - ok
16:30:02.0385 0x0d68  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:30:02.0398 0x0d68  adpu320 - ok
16:30:02.0440 0x0d68  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:30:02.0491 0x0d68  AeLookupSvc - ok
16:30:02.0574 0x0d68  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
16:30:02.0632 0x0d68  AFD - ok
16:30:02.0657 0x0d68  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:30:02.0667 0x0d68  agp440 - ok
16:30:02.0708 0x0d68  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:30:02.0764 0x0d68  ALG - ok
16:30:02.0783 0x0d68  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:30:02.0791 0x0d68  aliide - ok
16:30:02.0835 0x0d68  [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:30:02.0873 0x0d68  AMD External Events Utility - ok
16:30:02.0964 0x0d68  AMD FUEL Service - ok
16:30:02.0980 0x0d68  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:30:02.0989 0x0d68  amdide - ok
16:30:03.0016 0x0d68  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
16:30:03.0024 0x0d68  amdiox64 - ok
16:30:03.0041 0x0d68  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:30:03.0053 0x0d68  AmdK8 - ok
16:30:03.0369 0x0d68  [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:30:03.0748 0x0d68  amdkmdag - ok
16:30:03.0803 0x0d68  [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:30:03.0830 0x0d68  amdkmdap - ok
16:30:03.0848 0x0d68  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:30:03.0875 0x0d68  AmdPPM - ok
16:30:03.0928 0x0d68  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:30:03.0939 0x0d68  amdsata - ok
16:30:03.0959 0x0d68  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:30:03.0972 0x0d68  amdsbs - ok
16:30:03.0981 0x0d68  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:30:03.0989 0x0d68  amdxata - ok
16:30:04.0016 0x0d68  [ 2FBB00A7616106B95104574C6CD640C2, 06DE79B42EBBBBA01DAB289D4280E131D780066CD7E4499229CD5EB1E597A017 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
16:30:04.0025 0x0d68  amd_sata - ok
16:30:04.0035 0x0d68  [ 87D0D7645CB0D53220649BD5FE15D93E, 195B25BC640BE5D802F530FAA68D3325A6C076DE8A7E56833372C3B2B53B673B ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
16:30:04.0042 0x0d68  amd_xata - ok
16:30:04.0104 0x0d68  [ 9D267443B7CE8A29899B9C9FF9E846B8, D8775F01A5598DEC2B70F98FD5B7160CA56352DE81AB265B21B68BE234DD4E77 ] Ant App service C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe
16:30:04.0124 0x0d68  Ant App service - ok
16:30:04.0137 0x0d68  [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:30:04.0145 0x0d68  AODDriver4.2 - ok
16:30:04.0173 0x0d68  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:30:04.0221 0x0d68  AppID - ok
16:30:04.0250 0x0d68  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:30:04.0294 0x0d68  AppIDSvc - ok
16:30:04.0298 0x0d68  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
16:30:04.0328 0x0d68  Appinfo - ok
16:30:04.0381 0x0d68  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:30:04.0389 0x0d68  Apple Mobile Device - ok
16:30:04.0406 0x0d68  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:30:04.0416 0x0d68  arc - ok
16:30:04.0431 0x0d68  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:30:04.0441 0x0d68  arcsas - ok
16:30:04.0471 0x0d68  [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
16:30:04.0495 0x0d68  asmthub3 - ok
16:30:04.0523 0x0d68  [ 01DBB05DB1DB95803E3C9F2B49AFE79C, 286310787F7EB7B237CB0082567BDA2F57D8F88C37015F6637FF6A6775CAA5AE ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
16:30:04.0561 0x0d68  asmtxhci - ok
16:30:04.0683 0x0d68  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:30:04.0691 0x0d68  aspnet_state - ok
16:30:04.0713 0x0d68  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:30:04.0763 0x0d68  AsyncMac - ok
16:30:04.0793 0x0d68  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:30:04.0801 0x0d68  atapi - ok
16:30:04.0833 0x0d68  [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:30:04.0882 0x0d68  AtiHDAudioService - ok
16:30:04.0920 0x0d68  [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
16:30:04.0935 0x0d68  atksgt - ok
16:30:04.0987 0x0d68  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:30:05.0053 0x0d68  AudioEndpointBuilder - ok
16:30:05.0072 0x0d68  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:30:05.0118 0x0d68  AudioSrv - ok
16:30:05.0135 0x0d68  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:30:05.0170 0x0d68  AxInstSV - ok
16:30:05.0236 0x0d68  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:30:05.0287 0x0d68  b06bdrv - ok
16:30:05.0308 0x0d68  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:30:05.0326 0x0d68  b57nd60a - ok
16:30:05.0380 0x0d68  [ E49110A58A32E9450356686A95DD7763, 0C16196F48184907B92167AD6C4DA3A6039711AB99CB0D2D1BD37F935696303B ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
16:30:05.0407 0x0d68  BCMH43XX - ok
16:30:05.0414 0x0d68  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:30:05.0461 0x0d68  BDESVC - ok
16:30:05.0468 0x0d68  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:30:05.0497 0x0d68  Beep - ok
16:30:05.0538 0x0d68  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:30:05.0589 0x0d68  BFE - ok
16:30:05.0630 0x0d68  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:30:05.0705 0x0d68  BITS - ok
16:30:05.0739 0x0d68  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:30:05.0785 0x0d68  blbdrive - ok
16:30:05.0902 0x0d68  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:30:05.0920 0x0d68  Bonjour Service - ok
16:30:05.0958 0x0d68  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:30:06.0026 0x0d68  bowser - ok
16:30:06.0036 0x0d68  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:30:06.0062 0x0d68  BrFiltLo - ok
16:30:06.0082 0x0d68  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:30:06.0093 0x0d68  BrFiltUp - ok
16:30:06.0118 0x0d68  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:30:06.0152 0x0d68  Browser - ok
16:30:06.0168 0x0d68  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:30:06.0238 0x0d68  Brserid - ok
16:30:06.0260 0x0d68  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:30:06.0273 0x0d68  BrSerWdm - ok
16:30:06.0276 0x0d68  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:30:06.0309 0x0d68  BrUsbMdm - ok
16:30:06.0325 0x0d68  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:30:06.0335 0x0d68  BrUsbSer - ok
16:30:06.0392 0x0d68  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
16:30:06.0437 0x0d68  BthEnum - ok
16:30:06.0451 0x0d68  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:30:06.0465 0x0d68  BTHMODEM - ok
16:30:06.0517 0x0d68  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:30:06.0545 0x0d68  BthPan - ok
16:30:06.0587 0x0d68  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
16:30:06.0625 0x0d68  BTHPORT - ok
16:30:06.0669 0x0d68  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:30:06.0701 0x0d68  bthserv - ok
16:30:06.0714 0x0d68  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
16:30:06.0726 0x0d68  BTHUSB - ok
16:30:06.0764 0x0d68  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:30:06.0813 0x0d68  cdfs - ok
16:30:06.0837 0x0d68  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:30:06.0856 0x0d68  cdrom - ok
16:30:06.0861 0x0d68  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:30:06.0919 0x0d68  CertPropSvc - ok
16:30:06.0950 0x0d68  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:30:06.0963 0x0d68  circlass - ok
16:30:06.0988 0x0d68  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:30:07.0006 0x0d68  CLFS - ok
16:30:07.0105 0x0d68  [ 4642B5A3E0D2E61D08163DE95FC5B949, C1A502ED96EB4AF7FE8643AD139A0AAA5492583E6D83A3937443662CDD430FE4 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
16:30:07.0119 0x0d68  CLKMSVC10_9EC60124 - ok
16:30:07.0167 0x0d68  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:30:07.0176 0x0d68  clr_optimization_v2.0.50727_32 - ok
16:30:07.0207 0x0d68  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:30:07.0217 0x0d68  clr_optimization_v2.0.50727_64 - ok
16:30:07.0286 0x0d68  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:30:07.0296 0x0d68  clr_optimization_v4.0.30319_32 - ok
16:30:07.0308 0x0d68  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:30:07.0325 0x0d68  clr_optimization_v4.0.30319_64 - ok
16:30:07.0342 0x0d68  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:30:07.0352 0x0d68  CmBatt - ok
16:30:07.0370 0x0d68  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:30:07.0378 0x0d68  cmdide - ok
16:30:07.0409 0x0d68  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
16:30:07.0444 0x0d68  CNG - ok
16:30:07.0454 0x0d68  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:30:07.0463 0x0d68  Compbatt - ok
16:30:07.0476 0x0d68  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:30:07.0506 0x0d68  CompositeBus - ok
16:30:07.0522 0x0d68  COMSysApp - ok
16:30:07.0526 0x0d68  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:30:07.0536 0x0d68  crcdisk - ok
16:30:07.0558 0x0d68  [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:30:07.0595 0x0d68  CryptSvc - ok
16:30:07.0645 0x0d68  [ 580033E37BEB30E7176CAF46D8C282F3, 67B51B89E13831758486766357916592FB581FAFD27BD83DBAF4C658247C74D0 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
16:30:07.0730 0x0d68  CtClsFlt - ok
16:30:07.0756 0x0d68  [ C7259495924D21F1AFA26467D9F4DAE0, 7FF991D7FE660E7CAC682FC82B9C44EC38E267A0C3AAE0C4FAEE0853756AF5C8 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
16:30:07.0767 0x0d68  dc3d - ok
16:30:07.0801 0x0d68  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:30:07.0862 0x0d68  DcomLaunch - ok
16:30:07.0902 0x0d68  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:30:07.0941 0x0d68  defragsvc - ok
16:30:07.0961 0x0d68  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:30:08.0014 0x0d68  DfsC - ok
16:30:08.0049 0x0d68  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:30:08.0087 0x0d68  Dhcp - ok
16:30:08.0108 0x0d68  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:30:08.0158 0x0d68  discache - ok
16:30:08.0196 0x0d68  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:30:08.0206 0x0d68  Disk - ok
16:30:08.0247 0x0d68  DisplayFusionService - ok
16:30:08.0290 0x0d68  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:30:08.0327 0x0d68  Dnscache - ok
16:30:08.0374 0x0d68  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:30:08.0431 0x0d68  dot3svc - ok
16:30:08.0453 0x0d68  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:30:08.0506 0x0d68  DPS - ok
16:30:08.0539 0x0d68  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:30:08.0573 0x0d68  drmkaud - ok
16:30:08.0635 0x0d68  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:30:08.0650 0x0d68  dtsoftbus01 - ok
16:30:08.0698 0x0d68  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:30:08.0731 0x0d68  DXGKrnl - ok
16:30:08.0758 0x0d68  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:30:08.0795 0x0d68  EapHost - ok
16:30:08.0894 0x0d68  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:30:09.0027 0x0d68  ebdrv - ok
16:30:09.0074 0x0d68  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
16:30:09.0102 0x0d68  EFS - ok
16:30:09.0170 0x0d68  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:30:09.0211 0x0d68  ehRecvr - ok
16:30:09.0234 0x0d68  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:30:09.0269 0x0d68  ehSched - ok
16:30:09.0305 0x0d68  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:30:09.0329 0x0d68  elxstor - ok
16:30:09.0339 0x0d68  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:30:09.0363 0x0d68  ErrDev - ok
16:30:09.0394 0x0d68  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:30:09.0453 0x0d68  EventSystem - ok
16:30:09.0478 0x0d68  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:30:09.0514 0x0d68  exfat - ok
16:30:09.0528 0x0d68  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:30:09.0564 0x0d68  fastfat - ok
16:30:09.0602 0x0d68  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:30:09.0665 0x0d68  Fax - ok
16:30:09.0687 0x0d68  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:30:09.0698 0x0d68  fdc - ok
16:30:09.0707 0x0d68  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:30:09.0753 0x0d68  fdPHost - ok
16:30:09.0774 0x0d68  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:30:09.0828 0x0d68  FDResPub - ok
16:30:09.0847 0x0d68  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:30:09.0857 0x0d68  FileInfo - ok
16:30:09.0869 0x0d68  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:30:09.0916 0x0d68  Filetrace - ok
16:30:09.0920 0x0d68  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:30:09.0930 0x0d68  flpydisk - ok
16:30:09.0959 0x0d68  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:30:09.0975 0x0d68  FltMgr - ok
16:30:10.0029 0x0d68  [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache       C:\Windows\system32\FntCache.dll
16:30:10.0078 0x0d68  FontCache - ok
16:30:10.0140 0x0d68  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:30:10.0149 0x0d68  FontCache3.0.0.0 - ok
16:30:10.0154 0x0d68  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:30:10.0164 0x0d68  FsDepends - ok
16:30:10.0189 0x0d68  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:30:10.0197 0x0d68  Fs_Rec - ok
16:30:10.0214 0x0d68  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:30:10.0230 0x0d68  fvevol - ok
16:30:10.0249 0x0d68  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:30:10.0259 0x0d68  gagp30kx - ok
16:30:10.0275 0x0d68  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:30:10.0282 0x0d68  GEARAspiWDM - ok
16:30:10.0323 0x0d68  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:30:10.0376 0x0d68  gpsvc - ok
16:30:10.0424 0x0d68  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:30:10.0433 0x0d68  gupdate - ok
16:30:10.0455 0x0d68  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:30:10.0464 0x0d68  gupdatem - ok
16:30:10.0491 0x0d68  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
16:30:10.0498 0x0d68  hamachi - ok
16:30:10.0513 0x0d68  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:30:10.0574 0x0d68  hcw85cir - ok
16:30:10.0622 0x0d68  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:30:10.0659 0x0d68  HdAudAddService - ok
16:30:10.0688 0x0d68  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:30:10.0719 0x0d68  HDAudBus - ok
16:30:10.0736 0x0d68  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:30:10.0746 0x0d68  HidBatt - ok
16:30:10.0759 0x0d68  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:30:10.0773 0x0d68  HidBth - ok
16:30:10.0781 0x0d68  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:30:10.0793 0x0d68  HidIr - ok
16:30:10.0802 0x0d68  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:30:10.0854 0x0d68  hidserv - ok
16:30:10.0906 0x0d68  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:30:10.0916 0x0d68  HidUsb - ok
16:30:10.0930 0x0d68  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:30:10.0979 0x0d68  hkmsvc - ok
16:30:11.0003 0x0d68  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:30:11.0067 0x0d68  HomeGroupListener - ok
16:30:11.0088 0x0d68  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:30:11.0122 0x0d68  HomeGroupProvider - ok
16:30:11.0146 0x0d68  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:30:11.0156 0x0d68  HpSAMD - ok
16:30:11.0193 0x0d68  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:30:11.0258 0x0d68  HTTP - ok
16:30:11.0308 0x0d68  [ 8C7F1C56491A1CF8E32316052324D7F5, FFAB4953108A6E4F09AB34DC95DE3F3C8E50482C945928A8C9613CEB9669CA89 ] hugoio64        C:\Windows\system32\drivers\hugoio64.sys
16:30:11.0315 0x0d68  hugoio64 - ok
16:30:11.0332 0x0d68  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:30:11.0340 0x0d68  hwpolicy - ok
16:30:11.0364 0x0d68  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:30:11.0376 0x0d68  i8042prt - ok
16:30:11.0412 0x0d68  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:30:11.0431 0x0d68  iaStorV - ok
16:30:11.0483 0x0d68  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:30:11.0509 0x0d68  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
16:30:13.0972 0x0d68  Detect skipped due to KSN trusted
16:30:13.0972 0x0d68  IDriverT - ok
16:30:14.0021 0x0d68  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:30:14.0052 0x0d68  idsvc - ok
16:30:14.0074 0x0d68  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:30:14.0084 0x0d68  iirsp - ok
16:30:14.0126 0x0d68  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:30:14.0183 0x0d68  IKEEXT - ok
16:30:14.0281 0x0d68  [ 589B94A9B73A0E819FF873743A480834, 49FA8EC38F1C78F38F818CC28F2734802739247F0B89A971D65FDAF3110041A8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:30:14.0349 0x0d68  IntcAzAudAddService - ok
16:30:14.0357 0x0d68  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:30:14.0366 0x0d68  intelide - ok
16:30:14.0374 0x0d68  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:30:14.0403 0x0d68  intelppm - ok
16:30:14.0430 0x0d68  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:30:14.0481 0x0d68  IPBusEnum - ok
16:30:14.0486 0x0d68  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:30:14.0516 0x0d68  IpFilterDriver - ok
16:30:14.0558 0x0d68  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:30:14.0621 0x0d68  iphlpsvc - ok
16:30:14.0636 0x0d68  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:30:14.0668 0x0d68  IPMIDRV - ok
16:30:14.0712 0x0d68  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:30:14.0744 0x0d68  IPNAT - ok
16:30:14.0785 0x0d68  [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:30:14.0810 0x0d68  iPod Service - ok
16:30:14.0827 0x0d68  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:30:14.0858 0x0d68  IRENUM - ok
16:30:14.0883 0x0d68  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:30:14.0892 0x0d68  isapnp - ok
16:30:14.0914 0x0d68  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:30:14.0929 0x0d68  iScsiPrt - ok
16:30:14.0946 0x0d68  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:30:14.0955 0x0d68  kbdclass - ok
16:30:14.0975 0x0d68  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:30:15.0002 0x0d68  kbdhid - ok
16:30:15.0044 0x0d68  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
16:30:15.0054 0x0d68  KeyIso - ok
16:30:15.0079 0x0d68  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:30:15.0089 0x0d68  KSecDD - ok
16:30:15.0100 0x0d68  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:30:15.0112 0x0d68  KSecPkg - ok
16:30:15.0118 0x0d68  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:30:15.0169 0x0d68  ksthunk - ok
16:30:15.0194 0x0d68  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:30:15.0252 0x0d68  KtmRm - ok
16:30:15.0308 0x0d68  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:30:15.0359 0x0d68  LanmanServer - ok
16:30:15.0411 0x0d68  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:30:15.0461 0x0d68  LanmanWorkstation - ok
16:30:15.0532 0x0d68  [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
16:30:15.0541 0x0d68  lirsgt - ok
16:30:15.0557 0x0d68  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:30:15.0589 0x0d68  lltdio - ok
16:30:15.0610 0x0d68  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:30:15.0665 0x0d68  lltdsvc - ok
16:30:15.0690 0x0d68  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:30:15.0743 0x0d68  lmhosts - ok
16:30:15.0771 0x0d68  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:30:15.0783 0x0d68  LSI_FC - ok
16:30:15.0796 0x0d68  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:30:15.0808 0x0d68  LSI_SAS - ok
16:30:15.0848 0x0d68  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:30:15.0858 0x0d68  LSI_SAS2 - ok
16:30:15.0871 0x0d68  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:30:15.0883 0x0d68  LSI_SCSI - ok
16:30:15.0898 0x0d68  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:30:15.0948 0x0d68  luafv - ok
16:30:15.0976 0x0d68  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:30:15.0990 0x0d68  Mcx2Svc - ok
16:30:16.0000 0x0d68  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:30:16.0009 0x0d68  megasas - ok
16:30:16.0026 0x0d68  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:30:16.0042 0x0d68  MegaSR - ok
16:30:16.0060 0x0d68  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:30:16.0094 0x0d68  MMCSS - ok
16:30:16.0105 0x0d68  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:30:16.0137 0x0d68  Modem - ok
16:30:16.0166 0x0d68  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:30:16.0202 0x0d68  monitor - ok
16:30:16.0220 0x0d68  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:30:16.0230 0x0d68  mouclass - ok
16:30:16.0237 0x0d68  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:30:16.0260 0x0d68  mouhid - ok
16:30:16.0280 0x0d68  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:30:16.0290 0x0d68  mountmgr - ok
16:30:16.0297 0x0d68  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:30:16.0313 0x0d68  mpio - ok
16:30:16.0325 0x0d68  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:30:16.0358 0x0d68  mpsdrv - ok
16:30:16.0386 0x0d68  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:30:16.0441 0x0d68  MpsSvc - ok
16:30:16.0450 0x0d68  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:30:16.0487 0x0d68  MRxDAV - ok
16:30:16.0520 0x0d68  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:30:16.0593 0x0d68  mrxsmb - ok
16:30:16.0624 0x0d68  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:30:16.0642 0x0d68  mrxsmb10 - ok
16:30:16.0658 0x0d68  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:30:16.0670 0x0d68  mrxsmb20 - ok
16:30:16.0685 0x0d68  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:30:16.0694 0x0d68  msahci - ok
16:30:16.0713 0x0d68  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:30:16.0725 0x0d68  msdsm - ok
16:30:16.0736 0x0d68  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:30:16.0768 0x0d68  MSDTC - ok
16:30:16.0789 0x0d68  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:30:16.0834 0x0d68  Msfs - ok
16:30:16.0860 0x0d68  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:30:16.0889 0x0d68  mshidkmdf - ok
16:30:16.0899 0x0d68  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:30:16.0908 0x0d68  msisadrv - ok
16:30:16.0931 0x0d68  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:30:16.0965 0x0d68  MSiSCSI - ok
16:30:16.0968 0x0d68  msiserver - ok
16:30:16.0983 0x0d68  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:30:17.0028 0x0d68  MSKSSRV - ok
16:30:17.0048 0x0d68  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:30:17.0095 0x0d68  MSPCLOCK - ok
16:30:17.0114 0x0d68  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:30:17.0159 0x0d68  MSPQM - ok
16:30:17.0190 0x0d68  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:30:17.0208 0x0d68  MsRPC - ok
16:30:17.0218 0x0d68  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:30:17.0227 0x0d68  mssmbios - ok
16:30:17.0238 0x0d68  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:30:17.0267 0x0d68  MSTEE - ok
16:30:17.0279 0x0d68  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:30:17.0288 0x0d68  MTConfig - ok
16:30:17.0299 0x0d68  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:30:17.0308 0x0d68  Mup - ok
16:30:17.0340 0x0d68  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:30:17.0384 0x0d68  napagent - ok
16:30:17.0440 0x0d68  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:30:17.0481 0x0d68  NativeWifiP - ok
16:30:17.0543 0x0d68  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:30:17.0576 0x0d68  NDIS - ok
16:30:17.0587 0x0d68  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:30:17.0618 0x0d68  NdisCap - ok
16:30:17.0636 0x0d68  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:30:17.0667 0x0d68  NdisTapi - ok
16:30:17.0676 0x0d68  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:30:17.0721 0x0d68  Ndisuio - ok
16:30:17.0744 0x0d68  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:30:17.0809 0x0d68  NdisWan - ok
16:30:17.0828 0x0d68  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:30:17.0859 0x0d68  NDProxy - ok
16:30:17.0868 0x0d68  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:30:17.0919 0x0d68  NetBIOS - ok
16:30:17.0948 0x0d68  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:30:17.0983 0x0d68  NetBT - ok
16:30:17.0992 0x0d68  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
16:30:18.0001 0x0d68  Netlogon - ok
16:30:18.0028 0x0d68  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:30:18.0090 0x0d68  Netman - ok
16:30:18.0131 0x0d68  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:18.0142 0x0d68  NetMsmqActivator - ok
16:30:18.0161 0x0d68  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:18.0171 0x0d68  NetPipeActivator - ok
16:30:18.0195 0x0d68  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:30:18.0237 0x0d68  netprofm - ok
16:30:18.0242 0x0d68  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:18.0252 0x0d68  NetTcpActivator - ok
16:30:18.0257 0x0d68  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:18.0267 0x0d68  NetTcpPortSharing - ok
16:30:18.0279 0x0d68  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:30:18.0288 0x0d68  nfrd960 - ok
16:30:18.0308 0x0d68  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:30:18.0327 0x0d68  NlaSvc - ok
16:30:18.0334 0x0d68  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:30:18.0365 0x0d68  Npfs - ok
16:30:18.0385 0x0d68  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:30:18.0415 0x0d68  nsi - ok
16:30:18.0421 0x0d68  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:30:18.0465 0x0d68  nsiproxy - ok
16:30:18.0560 0x0d68  [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:30:18.0614 0x0d68  Ntfs - ok
16:30:18.0630 0x0d68  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:30:18.0680 0x0d68  Null - ok
16:30:18.0741 0x0d68  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:30:18.0753 0x0d68  nvraid - ok
16:30:18.0772 0x0d68  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:30:18.0785 0x0d68  nvstor - ok
16:30:18.0804 0x0d68  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:30:18.0816 0x0d68  nv_agp - ok
16:30:18.0830 0x0d68  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:30:18.0842 0x0d68  ohci1394 - ok
16:30:18.0877 0x0d68  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:30:18.0888 0x0d68  ose - ok
16:30:19.0061 0x0d68  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:30:19.0207 0x0d68  osppsvc - ok
16:30:19.0240 0x0d68  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:30:19.0294 0x0d68  p2pimsvc - ok
16:30:19.0321 0x0d68  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:30:19.0344 0x0d68  p2psvc - ok
16:30:19.0365 0x0d68  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:30:19.0393 0x0d68  Parport - ok
16:30:19.0421 0x0d68  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:30:19.0431 0x0d68  partmgr - ok
16:30:19.0443 0x0d68  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:30:19.0479 0x0d68  PcaSvc - ok
16:30:19.0501 0x0d68  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:30:19.0516 0x0d68  pci - ok
16:30:19.0531 0x0d68  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:30:19.0539 0x0d68  pciide - ok
16:30:19.0556 0x0d68  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:30:19.0570 0x0d68  pcmcia - ok
16:30:19.0581 0x0d68  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:30:19.0591 0x0d68  pcw - ok
16:30:19.0613 0x0d68  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:30:19.0662 0x0d68  PEAUTH - ok
16:30:19.0716 0x0d68  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:30:19.0742 0x0d68  PerfHost - ok
16:30:19.0803 0x0d68  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:30:19.0893 0x0d68  pla - ok
16:30:19.0943 0x0d68  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:30:19.0981 0x0d68  PlugPlay - ok
16:30:20.0063 0x0d68  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
16:30:20.0073 0x0d68  PnkBstrA - ok
16:30:20.0081 0x0d68  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:30:20.0092 0x0d68  PNRPAutoReg - ok
16:30:20.0102 0x0d68  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:30:20.0120 0x0d68  PNRPsvc - ok
16:30:20.0140 0x0d68  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
16:30:20.0148 0x0d68  Point64 - ok
16:30:20.0199 0x0d68  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:30:20.0262 0x0d68  PolicyAgent - ok
16:30:20.0299 0x0d68  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:30:20.0352 0x0d68  Power - ok
16:30:20.0406 0x0d68  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:30:20.0453 0x0d68  PptpMiniport - ok
16:30:20.0478 0x0d68  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:30:20.0489 0x0d68  Processor - ok
16:30:20.0522 0x0d68  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:30:20.0579 0x0d68  ProfSvc - ok
16:30:20.0591 0x0d68  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:30:20.0601 0x0d68  ProtectedStorage - ok
16:30:20.0628 0x0d68  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:30:20.0676 0x0d68  Psched - ok
16:30:20.0732 0x0d68  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:30:20.0782 0x0d68  ql2300 - ok
16:30:20.0790 0x0d68  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:30:20.0802 0x0d68  ql40xx - ok
16:30:20.0838 0x0d68  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:30:20.0860 0x0d68  QWAVE - ok
16:30:20.0869 0x0d68  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:30:20.0884 0x0d68  QWAVEdrv - ok
16:30:20.0898 0x0d68  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:30:20.0928 0x0d68  RasAcd - ok
16:30:20.0993 0x0d68  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:30:21.0023 0x0d68  RasAgileVpn - ok
16:30:21.0029 0x0d68  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:30:21.0082 0x0d68  RasAuto - ok
16:30:21.0109 0x0d68  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:30:21.0156 0x0d68  Rasl2tp - ok
16:30:21.0187 0x0d68  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:30:21.0226 0x0d68  RasMan - ok
16:30:21.0242 0x0d68  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:30:21.0287 0x0d68  RasPppoe - ok
16:30:21.0311 0x0d68  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:30:21.0342 0x0d68  RasSstp - ok
16:30:21.0359 0x0d68  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:30:21.0396 0x0d68  rdbss - ok
16:30:21.0407 0x0d68  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:30:21.0439 0x0d68  rdpbus - ok
16:30:21.0461 0x0d68  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:30:21.0512 0x0d68  RDPCDD - ok
16:30:21.0545 0x0d68  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:30:21.0592 0x0d68  RDPENCDD - ok
16:30:21.0648 0x0d68  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:30:21.0677 0x0d68  RDPREFMP - ok
16:30:21.0707 0x0d68  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:30:21.0758 0x0d68  RDPWD - ok
16:30:21.0772 0x0d68  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:30:21.0786 0x0d68  rdyboost - ok
16:30:21.0810 0x0d68  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:30:21.0842 0x0d68  RemoteAccess - ok
16:30:21.0849 0x0d68  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:30:21.0897 0x0d68  RemoteRegistry - ok
16:30:21.0940 0x0d68  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:30:21.0956 0x0d68  RFCOMM - ok
16:30:22.0022 0x0d68  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
16:30:22.0034 0x0d68  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
16:30:24.0497 0x0d68  Detect skipped due to KSN trusted
16:30:24.0497 0x0d68  RichVideo - ok
16:30:24.0516 0x0d68  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:30:24.0548 0x0d68  RpcEptMapper - ok
16:30:24.0559 0x0d68  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:30:24.0591 0x0d68  RpcLocator - ok
16:30:24.0625 0x0d68  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:30:24.0667 0x0d68  RpcSs - ok
16:30:24.0691 0x0d68  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:30:24.0722 0x0d68  rspndr - ok
16:30:24.0770 0x0d68  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:30:24.0789 0x0d68  RTL8167 - ok
16:30:24.0805 0x0d68  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
16:30:24.0815 0x0d68  SamSs - ok
16:30:24.0829 0x0d68  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:30:24.0840 0x0d68  sbp2port - ok
16:30:24.0855 0x0d68  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:30:24.0892 0x0d68  SCardSvr - ok
16:30:24.0903 0x0d68  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:30:24.0946 0x0d68  scfilter - ok
16:30:24.0998 0x0d68  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:30:25.0061 0x0d68  Schedule - ok
16:30:25.0083 0x0d68  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:30:25.0112 0x0d68  SCPolicySvc - ok
16:30:25.0121 0x0d68  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:30:25.0168 0x0d68  SDRSVC - ok
16:30:25.0172 0x0d68  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:30:25.0201 0x0d68  secdrv - ok
16:30:25.0206 0x0d68  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:30:25.0235 0x0d68  seclogon - ok
16:30:25.0258 0x0d68  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:30:25.0290 0x0d68  SENS - ok
16:30:25.0301 0x0d68  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:30:25.0347 0x0d68  SensrSvc - ok
16:30:25.0372 0x0d68  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:30:25.0398 0x0d68  Serenum - ok
16:30:25.0428 0x0d68  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:30:25.0459 0x0d68  Serial - ok
16:30:25.0477 0x0d68  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:30:25.0506 0x0d68  sermouse - ok
16:30:25.0516 0x0d68  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:30:25.0554 0x0d68  SessionEnv - ok
16:30:25.0576 0x0d68  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:30:25.0588 0x0d68  sffdisk - ok
16:30:25.0599 0x0d68  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:30:25.0611 0x0d68  sffp_mmc - ok
16:30:25.0614 0x0d68  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:30:25.0641 0x0d68  sffp_sd - ok
16:30:25.0664 0x0d68  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:30:25.0674 0x0d68  sfloppy - ok
16:30:25.0704 0x0d68  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:30:25.0761 0x0d68  SharedAccess - ok
16:30:25.0789 0x0d68  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:30:25.0830 0x0d68  ShellHWDetection - ok
16:30:25.0834 0x0d68  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:30:25.0844 0x0d68  SiSRaid2 - ok
16:30:25.0849 0x0d68  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:30:25.0859 0x0d68  SiSRaid4 - ok
16:30:25.0875 0x0d68  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:30:25.0889 0x0d68  SkypeUpdate - ok
16:30:25.0909 0x0d68  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:30:25.0941 0x0d68  Smb - ok
16:30:25.0961 0x0d68  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:30:25.0971 0x0d68  SNMPTRAP - ok
16:30:25.0975 0x0d68  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:30:25.0983 0x0d68  spldr - ok
16:30:26.0015 0x0d68  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:30:26.0046 0x0d68  Spooler - ok
16:30:26.0154 0x0d68  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:30:26.0281 0x0d68  sppsvc - ok
16:30:26.0300 0x0d68  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:30:26.0332 0x0d68  sppuinotify - ok
16:30:26.0358 0x0d68  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:30:26.0390 0x0d68  srv - ok
16:30:26.0419 0x0d68  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:30:26.0458 0x0d68  srv2 - ok
16:30:26.0484 0x0d68  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:30:26.0497 0x0d68  srvnet - ok
16:30:26.0515 0x0d68  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:30:26.0550 0x0d68  SSDPSRV - ok
16:30:26.0558 0x0d68  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:30:26.0589 0x0d68  SstpSvc - ok
16:30:26.0641 0x0d68  [ B5C26A6A92C9A6CD64399D2B06D29464, 6CAF09892D4C516361125AAF5387D5BF306EC26133EE45DBBC35C8B6190BAD24 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:30:26.0670 0x0d68  Steam Client Service - ok
16:30:26.0693 0x0d68  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:30:26.0702 0x0d68  stexstor - ok
16:30:26.0746 0x0d68  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:30:26.0778 0x0d68  stisvc - ok
16:30:26.0791 0x0d68  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:30:26.0799 0x0d68  swenum - ok
16:30:26.0826 0x0d68  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:30:26.0887 0x0d68  swprv - ok
16:30:26.0956 0x0d68  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:30:27.0043 0x0d68  SysMain - ok
16:30:27.0066 0x0d68  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:30:27.0105 0x0d68  TabletInputService - ok
16:30:27.0137 0x0d68  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:30:27.0198 0x0d68  TapiSrv - ok
16:30:27.0210 0x0d68  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:30:27.0241 0x0d68  TBS - ok
16:30:27.0313 0x0d68  [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:30:27.0374 0x0d68  Tcpip - ok
16:30:27.0433 0x0d68  [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:30:27.0487 0x0d68  TCPIP6 - ok
16:30:27.0507 0x0d68  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:30:27.0517 0x0d68  tcpipreg - ok
16:30:27.0534 0x0d68  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:30:27.0575 0x0d68  TDPIPE - ok
16:30:27.0588 0x0d68  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:30:27.0615 0x0d68  TDTCP - ok
16:30:27.0641 0x0d68  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:30:27.0673 0x0d68  tdx - ok
16:30:27.0685 0x0d68  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:30:27.0694 0x0d68  TermDD - ok
16:30:27.0725 0x0d68  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
16:30:27.0776 0x0d68  TermService - ok
16:30:27.0790 0x0d68  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:30:27.0805 0x0d68  Themes - ok
16:30:27.0824 0x0d68  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:30:27.0855 0x0d68  THREADORDER - ok
16:30:27.0864 0x0d68  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:30:27.0916 0x0d68  TrkWks - ok
16:30:27.0976 0x0d68  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:30:28.0010 0x0d68  TrustedInstaller - ok
16:30:28.0026 0x0d68  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:30:28.0072 0x0d68  tssecsrv - ok
16:30:28.0106 0x0d68  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:30:28.0122 0x0d68  TsUsbFlt - ok
16:30:28.0133 0x0d68  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:30:28.0159 0x0d68  TsUsbGD - ok
16:30:28.0198 0x0d68  tswNT - ok
16:30:28.0211 0x0d68  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:30:28.0258 0x0d68  tunnel - ok
16:30:28.0263 0x0d68  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:30:28.0273 0x0d68  uagp35 - ok
16:30:28.0296 0x0d68  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:30:28.0333 0x0d68  udfs - ok
16:30:28.0347 0x0d68  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:30:28.0378 0x0d68  UI0Detect - ok
16:30:28.0402 0x0d68  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:30:28.0412 0x0d68  uliagpkx - ok
16:30:28.0431 0x0d68  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:30:28.0462 0x0d68  umbus - ok
16:30:28.0482 0x0d68  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:30:28.0505 0x0d68  UmPass - ok
16:30:28.0534 0x0d68  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:30:28.0592 0x0d68  upnphost - ok
16:30:28.0633 0x0d68  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:30:28.0643 0x0d68  USBAAPL64 - ok
16:30:28.0682 0x0d68  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:30:28.0715 0x0d68  usbaudio - ok
16:30:28.0749 0x0d68  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:30:28.0761 0x0d68  usbccgp - ok
16:30:28.0791 0x0d68  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:30:28.0805 0x0d68  usbcir - ok
16:30:28.0825 0x0d68  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:30:28.0854 0x0d68  usbehci - ok
16:30:28.0893 0x0d68  [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
16:30:28.0901 0x0d68  usbfilter - ok
16:30:28.0931 0x0d68  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:30:28.0948 0x0d68  usbhub - ok
16:30:28.0961 0x0d68  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:30:28.0988 0x0d68  usbohci - ok
16:30:29.0010 0x0d68  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:30:29.0043 0x0d68  usbprint - ok
16:30:29.0074 0x0d68  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:30:29.0126 0x0d68  USBSTOR - ok
16:30:29.0143 0x0d68  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:30:29.0169 0x0d68  usbuhci - ok
16:30:29.0210 0x0d68  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
16:30:29.0262 0x0d68  usb_rndisx - ok
16:30:29.0278 0x0d68  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:30:29.0329 0x0d68  UxSms - ok
16:30:29.0374 0x0d68  [ 34AF631F8D8BDBE77E7FBD99FF147D3F, B767E46330C27F3C6BDF3E1EC363B8BE702B7B3CC793698B829460EAA2426EE1 ] V0640Vid        C:\Windows\system32\DRIVERS\V0640Vid.sys
16:30:29.0422 0x0d68  V0640Vid - ok
         

02.09.2014, 12:13   #7
Batzke95

Windows 7: Windows Explorer often opens in the background using too much memory



Code:
ATTFilter
16:30:29.0433 0x0d68  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
16:30:29.0443 0x0d68  VaultSvc - ok
16:30:29.0452 0x0d68  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:30:29.0461 0x0d68  vdrvroot - ok
16:30:29.0481 0x0d68  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:30:29.0527 0x0d68  vds - ok
16:30:29.0550 0x0d68  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:30:29.0563 0x0d68  vga - ok
16:30:29.0574 0x0d68  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:30:29.0625 0x0d68  VgaSave - ok
16:30:29.0650 0x0d68  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:30:29.0664 0x0d68  vhdmp - ok
16:30:29.0678 0x0d68  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:30:29.0687 0x0d68  viaide - ok
16:30:29.0694 0x0d68  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:30:29.0704 0x0d68  volmgr - ok
16:30:29.0727 0x0d68  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:30:29.0745 0x0d68  volmgrx - ok
16:30:29.0767 0x0d68  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:30:29.0783 0x0d68  volsnap - ok
16:30:29.0800 0x0d68  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:30:29.0814 0x0d68  vsmraid - ok
16:30:29.0869 0x0d68  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:30:29.0970 0x0d68  VSS - ok
16:30:29.0994 0x0d68  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:30:30.0020 0x0d68  vwifibus - ok
16:30:30.0053 0x0d68  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:30:30.0086 0x0d68  vwififlt - ok
16:30:30.0112 0x0d68  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:30:30.0143 0x0d68  vwifimp - ok
16:30:30.0173 0x0d68  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:30:30.0214 0x0d68  W32Time - ok
16:30:30.0226 0x0d68  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:30:30.0254 0x0d68  WacomPen - ok
16:30:30.0291 0x0d68  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:30:30.0338 0x0d68  WANARP - ok
16:30:30.0343 0x0d68  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:30:30.0373 0x0d68  Wanarpv6 - ok
16:30:30.0441 0x0d68  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:30:30.0535 0x0d68  wbengine - ok
16:30:30.0554 0x0d68  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:30:30.0574 0x0d68  WbioSrvc - ok
16:30:30.0586 0x0d68  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:30:30.0612 0x0d68  wcncsvc - ok
16:30:30.0623 0x0d68  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:30:30.0652 0x0d68  WcsPlugInService - ok
16:30:30.0655 0x0d68  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:30:30.0664 0x0d68  Wd - ok
16:30:30.0710 0x0d68  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:30:30.0741 0x0d68  Wdf01000 - ok
16:30:30.0757 0x0d68  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:30:30.0789 0x0d68  WdiServiceHost - ok
16:30:30.0793 0x0d68  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:30:30.0810 0x0d68  WdiSystemHost - ok
16:30:30.0835 0x0d68  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
16:30:30.0878 0x0d68  WebClient - ok
16:30:30.0887 0x0d68  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:30:30.0930 0x0d68  Wecsvc - ok
16:30:30.0951 0x0d68  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:30:30.0983 0x0d68  wercplsupport - ok
16:30:30.0991 0x0d68  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:30:31.0023 0x0d68  WerSvc - ok
16:30:31.0027 0x0d68  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:30:31.0055 0x0d68  WfpLwf - ok
16:30:31.0068 0x0d68  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:30:31.0076 0x0d68  WIMMount - ok
16:30:31.0107 0x0d68  WinDefend - ok
16:30:31.0112 0x0d68  WinHttpAutoProxySvc - ok
16:30:31.0164 0x0d68  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:30:31.0201 0x0d68  Winmgmt - ok
16:30:31.0258 0x0d68  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:30:31.0351 0x0d68  WinRM - ok
16:30:31.0393 0x0d68  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:30:31.0407 0x0d68  WinUsb - ok
16:30:31.0460 0x0d68  [ 0F695800783C3F9E577B94BF1E71D95A, EA10AA7D61167ED0AB5C741C42DAA32A4906C46F85D593D4ED00656318451DE4 ] WLANBelkinService C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
16:30:31.0484 0x0d68  WLANBelkinService - detected UnsignedFile.Multi.Generic ( 1 )
16:30:33.0949 0x0d68  Detect skipped due to KSN trusted
16:30:33.0949 0x0d68  WLANBelkinService - ok
16:30:33.0991 0x0d68  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:30:34.0053 0x0d68  Wlansvc - ok
16:30:34.0077 0x0d68  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:30:34.0108 0x0d68  WmiAcpi - ok
16:30:34.0139 0x0d68  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:30:34.0171 0x0d68  wmiApSrv - ok
16:30:34.0194 0x0d68  WMPNetworkSvc - ok
16:30:34.0215 0x0d68  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:30:34.0234 0x0d68  WPCSvc - ok
16:30:34.0243 0x0d68  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:30:34.0257 0x0d68  WPDBusEnum - ok
16:30:34.0265 0x0d68  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:30:34.0295 0x0d68  ws2ifsl - ok
16:30:34.0331 0x0d68  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:30:34.0369 0x0d68  wscsvc - ok
16:30:34.0372 0x0d68  WSearch - ok
16:30:34.0466 0x0d68  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:30:34.0557 0x0d68  wuauserv - ok
16:30:34.0591 0x0d68  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:30:34.0635 0x0d68  WudfPf - ok
16:30:34.0652 0x0d68  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:30:34.0685 0x0d68  WUDFRd - ok
16:30:34.0719 0x0d68  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:30:34.0731 0x0d68  wudfsvc - ok
16:30:34.0748 0x0d68  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:30:34.0790 0x0d68  WwanSvc - ok
16:30:34.0833 0x0d68  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
16:30:34.0847 0x0d68  xusb21 - ok
16:30:34.0956 0x0d68  ================ Scan global ===============================
16:30:34.0976 0x0d68  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:30:35.0002 0x0d68  [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll
16:30:35.0015 0x0d68  [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll
16:30:35.0040 0x0d68  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:30:35.0065 0x0d68  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:30:35.0073 0x0d68  [ Global ] - ok
16:30:35.0073 0x0d68  ================ Scan MBR ==================================
16:30:35.0082 0x0d68  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:30:35.0308 0x0d68  \Device\Harddisk0\DR0 - ok
16:30:35.0309 0x0d68  ================ Scan VBR ==================================
16:30:35.0315 0x0d68  [ 9610C77DA5E23C3AECA92E2D52FABC7A ] \Device\Harddisk0\DR0\Partition1
16:30:35.0350 0x0d68  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
16:30:35.0350 0x0d68  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
16:30:37.0759 0x0d68  [ 9E1977327432C5762A805BF11DC23C78 ] \Device\Harddisk0\DR0\Partition2
16:30:37.0790 0x0d68  \Device\Harddisk0\DR0\Partition2 - ok
16:30:37.0791 0x0d68  ================ Scan generic autorun ======================
16:30:37.0914 0x0d68  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
16:30:37.0984 0x0d68  IntelliPoint - ok
16:30:38.0315 0x0d68  [ FBDF607ED7EF0467639DB501E1FD938C, 040528158D85D13122DB043144A982D6DC8744E75D140DB17A9BA5B93DC6B74D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:30:38.0644 0x0d68  RtHDVCpl - ok
16:30:38.0666 0x0d68  G Data AntiVirus Tray Application - ok
16:30:38.0667 0x0d68  GDFirewallTray - ok
16:30:38.0734 0x0d68  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:30:38.0766 0x0d68  Adobe ARM - ok
16:30:38.0810 0x0d68  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:30:38.0818 0x0d68  APSDaemon - ok
16:30:38.0864 0x0d68  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
16:30:38.0875 0x0d68  UpdateLBPShortCut - ok
16:30:38.0914 0x0d68  [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe
16:30:38.0925 0x0d68  MDS_Menu - ok
16:30:38.0960 0x0d68  [ 572024F59132BC3A2AC5E60A6C48D31E, 8BC1BA9BAB555DDF246100A511E9B54FB790F0F871868DCB54B0F83AA9E7306B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
16:30:38.0968 0x0d68  CLMLServer - ok
16:30:39.0008 0x0d68  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
16:30:39.0020 0x0d68  UpdateP2GoShortCut - ok
16:30:39.0041 0x0d68  [ 54986909FA8EB661E0B3BF258935588D, CF42472CD6F5D96F2A37C6B1E752E8AA622B045AC9D4C2AFAF9EC1605BCEDEA9 ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
16:30:39.0049 0x0d68  RemoteControl9 - ok
16:30:39.0061 0x0d68  [ E347862038C50FE3A5023D785C80B3E5, 6DC25B56FCD097ECE7A18859B7F6A14BC52ED09AD0C7481689FEB8DDC47F1075 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
16:30:39.0069 0x0d68  BDRegion - ok
16:30:39.0121 0x0d68  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
16:30:39.0132 0x0d68  UpdatePPShortCut - ok
16:30:39.0173 0x0d68  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
16:30:39.0184 0x0d68  UCam_Menu - ok
16:30:39.0211 0x0d68  [ 9D56299FA5C9B3D9E67FF3ACB301139F, 202A0542BEA33C5F78A406EF9479EB7BD42FCBEAC9F49F38F6ECC48554117811 ] C:\Program Files (x86)\lg_fwupdate\lgfw.exe
16:30:39.0219 0x0d68  LGODDFU - ok
16:30:39.0260 0x0d68  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe
16:30:39.0272 0x0d68  UpdatePSTShortCut - ok
16:30:39.0343 0x0d68  [ 4452B3D4116EC5F81ACF33A80F264473, 8C7037DFCCB5165385DF67082E5183A3155574773B15C2FAB811F31C93D3325E ] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe
16:30:39.0359 0x0d68  Live! Central 2 - detected UnsignedFile.Multi.Generic ( 1 )
16:30:41.0826 0x0d68  Detect skipped due to KSN trusted
16:30:41.0826 0x0d68  Live! Central 2 - ok
16:30:41.0838 0x0d68  [ 4791A9FFA41B6744B4B5C9C6572E4EBB, 67B52BDA297F95570EAA4B0C7F0FAFBAC2FB4A69603EB45E712086D26A47379B ] C:\Windows\V0640Mon.exe
16:30:41.0868 0x0d68  V0640Mon.exe - ok
16:30:41.0925 0x0d68  [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
16:30:41.0936 0x0d68  iTunesHelper - ok
16:30:41.0987 0x0d68  [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files (x86)\QuickTime\QTTask.exe
16:30:42.0028 0x0d68  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
16:30:44.0491 0x0d68  Detect skipped due to KSN trusted
16:30:44.0491 0x0d68  QuickTime Task - ok
16:30:44.0544 0x0d68  [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:30:44.0568 0x0d68  StartCCC - ok
16:30:44.0610 0x0d68  [ 5E7601CCBC2A98A4457E50612E0AEE73, 3F5FDCF1BEC5B134433F62ADD5C2931F700F2B7CBEDB0A98EF1362BF6E9FAC03 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe
16:30:44.0620 0x0d68  GamingMouse - detected UnsignedFile.Multi.Generic ( 1 )
16:30:47.0079 0x0d68  Detect skipped due to KSN trusted
16:30:47.0079 0x0d68  GamingMouse - ok
16:30:47.0150 0x0d68  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:30:47.0210 0x0d68  Sidebar - ok
16:30:47.0235 0x0d68  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:30:47.0253 0x0d68  mctadmin - ok
16:30:47.0283 0x0d68  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:30:47.0323 0x0d68  Sidebar - ok
16:30:47.0330 0x0d68  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:30:47.0346 0x0d68  mctadmin - ok
16:30:47.0433 0x0d68  [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] C:\Program Files (x86)\Steam\steam.exe
16:30:47.0483 0x0d68  Steam - ok
16:30:47.0540 0x0d68  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:30:47.0613 0x0d68  Sidebar - ok
16:30:47.0616 0x0d68  LightScribe Control Panel - ok
16:30:47.0691 0x0d68  [ 026FCF998F9C5986BB31DA44FB571BBF, 4163733DCB9721B5C8FF0BFF66AE22AB9B886622B8FD992D0AF1963BCFCAFE3C ] C:\Users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe
16:30:47.0717 0x0d68  Windows Remote Service - detected UnsignedFile.Multi.Generic ( 1 )
16:30:50.0182 0x0d68  Detect skipped due to KSN trusted
16:30:50.0182 0x0d68  Windows Remote Service - ok
16:30:50.0752 0x0d68  [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
16:30:51.0264 0x0d68  Skype - ok
16:30:51.0328 0x0d68  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
16:30:51.0382 0x0d68  RESTART_STICKY_NOTES - ok
16:30:51.0559 0x0d68  [ 978B3D42B75CAF33553577E78E612709, 4B999342B616A7566F198F937A6B5E81BC7F9D2155CE8238D58239B5CD8BFDCE ] C:\Program Files (x86)\Origin\Origin.exe
16:30:51.0649 0x0d68  EADM - ok
16:30:51.0655 0x0d68  LightScribe Control Panel - ok
16:30:51.0723 0x0d68  [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] C:\Program Files (x86)\Steam\steam.exe
16:30:51.0773 0x0d68  Steam - ok
16:30:52.0333 0x0d68  [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
16:30:52.0845 0x0d68  Skype - ok
16:30:52.0932 0x0d68  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:30:52.0979 0x0d68  Sidebar - ok
16:30:53.0111 0x0d68  [ DC34596BFCF0BD472AA1D48449D8A7DF, B1A1AD8A72D585525CC4FEA4984EAD0AC0077640D2A4CF478BAA10BA3F08711A ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
16:30:53.0218 0x0d68  DAEMON Tools Lite - ok
16:30:53.0232 0x0d68  Pando Media Booster - ok
16:30:53.0257 0x0d68  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
16:30:53.0278 0x0d68  RESTART_STICKY_NOTES - ok
16:30:53.0355 0x0d68  [ 862753AE696BD34EFCCB2A422E273C08, 5FA9423D35A236FACCE5A2AC5B7F50570804796E178EC0F79A412F41710D612B ] C:\Users\Basti\AppData\Local\Temp\CTPBSeq.exe
16:30:53.0360 0x0d68  CTPostBootSequencer - detected UnsignedFile.Multi.Generic ( 1 )
16:30:55.0822 0x0d68  Detect skipped due to KSN trusted
16:30:55.0822 0x0d68  CTPostBootSequencer - ok
16:30:55.0822 0x0d68  Waiting for KSN requests completion. In queue: 6
16:30:56.0822 0x0d68  Waiting for KSN requests completion. In queue: 6
16:30:57.0822 0x0d68  Waiting for KSN requests completion. In queue: 6
16:30:58.0845 0x0d68  Win FW state via NFP2: enabled
16:31:01.0266 0x0d68  ============================================================
16:31:01.0266 0x0d68  Scan finished
16:31:01.0266 0x0d68  ============================================================
16:31:01.0273 0x12a8  Detected object count: 1
16:31:01.0273 0x12a8  Actual detected object count: 1
16:31:17.0621 0x12a8  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
16:31:17.0621 0x12a8  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 
16:36:05.0770 0x0ac8  ============================================================
16:36:05.0770 0x0ac8  Scan started
16:36:05.0770 0x0ac8  Mode: Manual; SigCheck; TDLFS; 
16:36:05.0770 0x0ac8  ============================================================
16:36:05.0770 0x0ac8  KSN ping started
16:36:08.0261 0x0ac8  KSN ping finished: true
16:36:08.0688 0x0ac8  ================ Scan system memory ========================
16:36:08.0688 0x0ac8  System memory - ok
16:36:08.0688 0x0ac8  ================ Scan services =============================
16:36:08.0793 0x0ac8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:36:08.0816 0x0ac8  1394ohci - ok
16:36:08.0856 0x0ac8  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
16:36:08.0869 0x0ac8  acedrv11 - ok
16:36:08.0897 0x0ac8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:36:08.0913 0x0ac8  ACPI - ok
16:36:08.0929 0x0ac8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:36:08.0941 0x0ac8  AcpiPmi - ok
16:36:09.0000 0x0ac8  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:36:09.0010 0x0ac8  AdobeARMservice - ok
16:36:09.0080 0x0ac8  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:36:09.0093 0x0ac8  AdobeFlashPlayerUpdateSvc - ok
16:36:09.0125 0x0ac8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:36:09.0144 0x0ac8  adp94xx - ok
16:36:09.0177 0x0ac8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:36:09.0192 0x0ac8  adpahci - ok
16:36:09.0215 0x0ac8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:36:09.0227 0x0ac8  adpu320 - ok
16:36:09.0253 0x0ac8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:36:09.0284 0x0ac8  AeLookupSvc - ok
16:36:09.0321 0x0ac8  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
16:36:09.0343 0x0ac8  AFD - ok
16:36:09.0363 0x0ac8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:36:09.0373 0x0ac8  agp440 - ok
16:36:09.0389 0x0ac8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:36:09.0401 0x0ac8  ALG - ok
16:36:09.0422 0x0ac8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:36:09.0431 0x0ac8  aliide - ok
16:36:09.0467 0x0ac8  [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:36:09.0485 0x0ac8  AMD External Events Utility - ok
16:36:09.0538 0x0ac8  AMD FUEL Service - ok
16:36:09.0545 0x0ac8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:36:09.0554 0x0ac8  amdide - ok
16:36:09.0581 0x0ac8  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
16:36:09.0589 0x0ac8  amdiox64 - ok
16:36:09.0615 0x0ac8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:36:09.0626 0x0ac8  AmdK8 - ok
16:36:09.0942 0x0ac8  [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:36:10.0263 0x0ac8  amdkmdag - ok
16:36:10.0311 0x0ac8  [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:36:10.0337 0x0ac8  amdkmdap - ok
16:36:10.0347 0x0ac8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:36:10.0358 0x0ac8  AmdPPM - ok
16:36:10.0377 0x0ac8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:36:10.0388 0x0ac8  amdsata - ok
16:36:10.0408 0x0ac8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:36:10.0420 0x0ac8  amdsbs - ok
16:36:10.0430 0x0ac8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:36:10.0439 0x0ac8  amdxata - ok
16:36:10.0466 0x0ac8  [ 2FBB00A7616106B95104574C6CD640C2, 06DE79B42EBBBBA01DAB289D4280E131D780066CD7E4499229CD5EB1E597A017 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
16:36:10.0474 0x0ac8  amd_sata - ok
16:36:10.0484 0x0ac8  [ 87D0D7645CB0D53220649BD5FE15D93E, 195B25BC640BE5D802F530FAA68D3325A6C076DE8A7E56833372C3B2B53B673B ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
16:36:10.0492 0x0ac8  amd_xata - ok
16:36:10.0544 0x0ac8  [ 9D267443B7CE8A29899B9C9FF9E846B8, D8775F01A5598DEC2B70F98FD5B7160CA56352DE81AB265B21B68BE234DD4E77 ] Ant App service C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe
16:36:10.0563 0x0ac8  Ant App service - ok
16:36:10.0578 0x0ac8  [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:36:10.0585 0x0ac8  AODDriver4.2 - ok
16:36:10.0598 0x0ac8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:36:10.0628 0x0ac8  AppID - ok
16:36:10.0649 0x0ac8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:36:10.0679 0x0ac8  AppIDSvc - ok
16:36:10.0683 0x0ac8  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
16:36:10.0713 0x0ac8  Appinfo - ok
16:36:10.0747 0x0ac8  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:36:10.0755 0x0ac8  Apple Mobile Device - ok
16:36:10.0772 0x0ac8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:36:10.0782 0x0ac8  arc - ok
16:36:10.0797 0x0ac8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:36:10.0808 0x0ac8  arcsas - ok
16:36:10.0830 0x0ac8  [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
16:36:10.0844 0x0ac8  asmthub3 - ok
16:36:10.0873 0x0ac8  [ 01DBB05DB1DB95803E3C9F2B49AFE79C, 286310787F7EB7B237CB0082567BDA2F57D8F88C37015F6637FF6A6775CAA5AE ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
16:36:10.0894 0x0ac8  asmtxhci - ok
16:36:10.0966 0x0ac8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:36:10.0974 0x0ac8  aspnet_state - ok
16:36:10.0988 0x0ac8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:36:11.0017 0x0ac8  AsyncMac - ok
16:36:11.0027 0x0ac8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:36:11.0035 0x0ac8  atapi - ok
16:36:11.0058 0x0ac8  [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:36:11.0069 0x0ac8  AtiHDAudioService - ok
16:36:11.0104 0x0ac8  [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
16:36:11.0118 0x0ac8  atksgt - ok
16:36:11.0146 0x0ac8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:36:11.0192 0x0ac8  AudioEndpointBuilder - ok
16:36:11.0212 0x0ac8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:36:11.0258 0x0ac8  AudioSrv - ok
16:36:11.0286 0x0ac8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:36:11.0302 0x0ac8  AxInstSV - ok
16:36:11.0329 0x0ac8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:36:11.0350 0x0ac8  b06bdrv - ok
16:36:11.0368 0x0ac8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:36:11.0384 0x0ac8  b57nd60a - ok
16:36:11.0424 0x0ac8  [ E49110A58A32E9450356686A95DD7763, 0C16196F48184907B92167AD6C4DA3A6039711AB99CB0D2D1BD37F935696303B ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
16:36:11.0449 0x0ac8  BCMH43XX - ok
16:36:11.0456 0x0ac8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:36:11.0467 0x0ac8  BDESVC - ok
16:36:11.0479 0x0ac8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:36:11.0508 0x0ac8  Beep - ok
16:36:11.0532 0x0ac8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:36:11.0580 0x0ac8  BFE - ok
16:36:11.0615 0x0ac8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:36:11.0667 0x0ac8  BITS - ok
16:36:11.0683 0x0ac8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:36:11.0694 0x0ac8  blbdrive - ok
16:36:11.0763 0x0ac8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:36:11.0779 0x0ac8  Bonjour Service - ok
16:36:11.0803 0x0ac8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:36:11.0814 0x0ac8  bowser - ok
16:36:11.0823 0x0ac8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:36:11.0835 0x0ac8  BrFiltLo - ok
16:36:11.0844 0x0ac8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:36:11.0855 0x0ac8  BrFiltUp - ok
16:36:11.0880 0x0ac8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:36:11.0893 0x0ac8  Browser - ok
16:36:11.0913 0x0ac8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:36:11.0931 0x0ac8  Brserid - ok
16:36:11.0939 0x0ac8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:36:11.0951 0x0ac8  BrSerWdm - ok
16:36:11.0954 0x0ac8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:36:11.0966 0x0ac8  BrUsbMdm - ok
16:36:18.0497 0x0ac8  NetTcpPortSharing - ok
16:36:18.0510 0x0ac8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:36:18.0519 0x0ac8  nfrd960 - ok
16:36:18.0539 0x0ac8  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:36:18.0556 0x0ac8  NlaSvc - ok
16:36:18.0565 0x0ac8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:36:18.0595 0x0ac8  Npfs - ok
16:36:18.0616 0x0ac8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:36:18.0646 0x0ac8  nsi - ok
16:36:18.0652 0x0ac8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:36:18.0682 0x0ac8  nsiproxy - ok
16:36:18.0749 0x0ac8  [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:36:18.0796 0x0ac8  Ntfs - ok
16:36:18.0811 0x0ac8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:36:18.0840 0x0ac8  Null - ok
16:36:18.0864 0x0ac8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:36:18.0876 0x0ac8  nvraid - ok
16:36:18.0887 0x0ac8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:36:18.0899 0x0ac8  nvstor - ok
16:36:18.0911 0x0ac8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:36:18.0921 0x0ac8  nv_agp - ok
16:36:18.0937 0x0ac8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:36:18.0949 0x0ac8  ohci1394 - ok
16:36:18.0984 0x0ac8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:36:18.0994 0x0ac8  ose - ok
16:36:19.0167 0x0ac8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:36:19.0299 0x0ac8  osppsvc - ok
16:36:19.0346 0x0ac8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:36:19.0364 0x0ac8  p2pimsvc - ok
16:36:19.0386 0x0ac8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:36:19.0407 0x0ac8  p2psvc - ok
16:36:19.0422 0x0ac8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:36:19.0433 0x0ac8  Parport - ok
16:36:19.0454 0x0ac8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:36:19.0463 0x0ac8  partmgr - ok
16:36:19.0475 0x0ac8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:36:19.0494 0x0ac8  PcaSvc - ok
16:36:19.0517 0x0ac8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:36:19.0529 0x0ac8  pci - ok
16:36:19.0538 0x0ac8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:36:19.0546 0x0ac8  pciide - ok
16:36:19.0563 0x0ac8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:36:19.0575 0x0ac8  pcmcia - ok
         

Old 02.09.2014, 12:14   #8
Batzke95

Windows 7: Windows Explorer often opens in the background using too much memory



Code:
ATTFilter
16:36:19.0589 0x0ac8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:36:19.0597 0x0ac8  pcw - ok
16:36:19.0620 0x0ac8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:36:19.0668 0x0ac8  PEAUTH - ok
16:36:19.0723 0x0ac8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:36:19.0734 0x0ac8  PerfHost - ok
16:36:19.0785 0x0ac8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:36:19.0851 0x0ac8  pla - ok
16:36:19.0884 0x0ac8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:36:19.0904 0x0ac8  PlugPlay - ok
16:36:19.0929 0x0ac8  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
16:36:19.0939 0x0ac8  PnkBstrA - ok
16:36:19.0948 0x0ac8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:36:19.0958 0x0ac8  PNRPAutoReg - ok
16:36:19.0969 0x0ac8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:36:19.0986 0x0ac8  PNRPsvc - ok
16:36:20.0007 0x0ac8  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
16:36:20.0015 0x0ac8  Point64 - ok
16:36:20.0049 0x0ac8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:36:20.0090 0x0ac8  PolicyAgent - ok
16:36:20.0116 0x0ac8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:36:20.0150 0x0ac8  Power - ok
16:36:20.0165 0x0ac8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:36:20.0195 0x0ac8  PptpMiniport - ok
16:36:20.0204 0x0ac8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:36:20.0215 0x0ac8  Processor - ok
16:36:20.0248 0x0ac8  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:36:20.0264 0x0ac8  ProfSvc - ok
16:36:20.0284 0x0ac8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
16:36:20.0294 0x0ac8  ProtectedStorage - ok
16:36:20.0304 0x0ac8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:36:20.0335 0x0ac8  Psched - ok
16:36:20.0383 0x0ac8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:36:20.0427 0x0ac8  ql2300 - ok
16:36:20.0436 0x0ac8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:36:20.0447 0x0ac8  ql40xx - ok
16:36:20.0464 0x0ac8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:36:20.0485 0x0ac8  QWAVE - ok
16:36:20.0495 0x0ac8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:36:20.0510 0x0ac8  QWAVEdrv - ok
16:36:20.0525 0x0ac8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:36:20.0553 0x0ac8  RasAcd - ok
16:36:20.0569 0x0ac8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:36:20.0599 0x0ac8  RasAgileVpn - ok
16:36:20.0607 0x0ac8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:36:20.0640 0x0ac8  RasAuto - ok
16:36:20.0653 0x0ac8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:36:20.0684 0x0ac8  Rasl2tp - ok
16:36:20.0706 0x0ac8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:36:20.0743 0x0ac8  RasMan - ok
16:36:20.0752 0x0ac8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:36:20.0784 0x0ac8  RasPppoe - ok
16:36:20.0789 0x0ac8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:36:20.0820 0x0ac8  RasSstp - ok
16:36:20.0836 0x0ac8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:36:20.0872 0x0ac8  rdbss - ok
16:36:20.0884 0x0ac8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:36:20.0896 0x0ac8  rdpbus - ok
16:36:20.0905 0x0ac8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:36:20.0934 0x0ac8  RDPCDD - ok
16:36:20.0947 0x0ac8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:36:20.0976 0x0ac8  RDPENCDD - ok
16:36:20.0985 0x0ac8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:36:21.0014 0x0ac8  RDPREFMP - ok
16:36:21.0044 0x0ac8  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:36:21.0058 0x0ac8  RDPWD - ok
16:36:21.0077 0x0ac8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:36:21.0089 0x0ac8  rdyboost - ok
16:36:21.0106 0x0ac8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:36:21.0138 0x0ac8  RemoteAccess - ok
16:36:21.0145 0x0ac8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:36:21.0181 0x0ac8  RemoteRegistry - ok
16:36:21.0203 0x0ac8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:36:21.0219 0x0ac8  RFCOMM - ok
16:36:21.0268 0x0ac8  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
16:36:21.0280 0x0ac8  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
16:36:21.0280 0x0ac8  Detect skipped due to KSN trusted
16:36:21.0280 0x0ac8  RichVideo - ok
16:36:21.0288 0x0ac8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:36:21.0319 0x0ac8  RpcEptMapper - ok
16:36:21.0330 0x0ac8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:36:21.0340 0x0ac8  RpcLocator - ok
16:36:21.0362 0x0ac8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:36:21.0404 0x0ac8  RpcSs - ok
16:36:21.0412 0x0ac8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:36:21.0443 0x0ac8  rspndr - ok
16:36:21.0483 0x0ac8  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:36:21.0500 0x0ac8  RTL8167 - ok
16:36:21.0504 0x0ac8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
16:36:21.0514 0x0ac8  SamSs - ok
16:36:21.0534 0x0ac8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:36:21.0544 0x0ac8  sbp2port - ok
16:36:21.0560 0x0ac8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:36:21.0595 0x0ac8  SCardSvr - ok
16:36:21.0608 0x0ac8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:36:21.0637 0x0ac8  scfilter - ok
16:36:21.0678 0x0ac8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:36:21.0737 0x0ac8  Schedule - ok
16:36:21.0763 0x0ac8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:36:21.0793 0x0ac8  SCPolicySvc - ok
16:36:21.0809 0x0ac8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:36:21.0824 0x0ac8  SDRSVC - ok
16:36:21.0828 0x0ac8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:36:21.0858 0x0ac8  secdrv - ok
16:36:21.0869 0x0ac8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:36:21.0899 0x0ac8  seclogon - ok
16:36:21.0905 0x0ac8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:36:21.0936 0x0ac8  SENS - ok
16:36:21.0947 0x0ac8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:36:21.0958 0x0ac8  SensrSvc - ok
16:36:21.0969 0x0ac8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:36:21.0979 0x0ac8  Serenum - ok
16:36:21.0992 0x0ac8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:36:22.0004 0x0ac8  Serial - ok
16:36:22.0016 0x0ac8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:36:22.0027 0x0ac8  sermouse - ok
16:36:22.0037 0x0ac8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:36:22.0069 0x0ac8  SessionEnv - ok
16:36:22.0072 0x0ac8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:36:22.0084 0x0ac8  sffdisk - ok
16:36:22.0097 0x0ac8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:36:22.0109 0x0ac8  sffp_mmc - ok
16:36:22.0112 0x0ac8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:36:22.0124 0x0ac8  sffp_sd - ok
16:36:22.0137 0x0ac8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:36:22.0147 0x0ac8  sfloppy - ok
16:36:22.0177 0x0ac8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:36:22.0216 0x0ac8  SharedAccess - ok
16:36:22.0237 0x0ac8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:36:22.0277 0x0ac8  ShellHWDetection - ok
16:36:22.0281 0x0ac8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:36:22.0291 0x0ac8  SiSRaid2 - ok
16:36:22.0296 0x0ac8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:36:22.0306 0x0ac8  SiSRaid4 - ok
16:36:22.0324 0x0ac8  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:36:22.0337 0x0ac8  SkypeUpdate - ok
16:36:22.0349 0x0ac8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:36:22.0381 0x0ac8  Smb - ok
16:36:22.0392 0x0ac8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:36:22.0403 0x0ac8  SNMPTRAP - ok
16:36:22.0407 0x0ac8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:36:22.0415 0x0ac8  spldr - ok
16:36:22.0447 0x0ac8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:36:22.0472 0x0ac8  Spooler - ok
16:36:22.0576 0x0ac8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:36:22.0699 0x0ac8  sppsvc - ok
16:36:22.0715 0x0ac8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:36:22.0747 0x0ac8  sppuinotify - ok
16:36:22.0773 0x0ac8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:36:22.0794 0x0ac8  srv - ok
16:36:22.0825 0x0ac8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:36:22.0845 0x0ac8  srv2 - ok
16:36:22.0857 0x0ac8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:36:22.0870 0x0ac8  srvnet - ok
16:36:22.0888 0x0ac8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:36:22.0923 0x0ac8  SSDPSRV - ok
16:36:22.0931 0x0ac8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:36:22.0963 0x0ac8  SstpSvc - ok
16:36:23.0006 0x0ac8  [ B5C26A6A92C9A6CD64399D2B06D29464, 6CAF09892D4C516361125AAF5387D5BF306EC26133EE45DBBC35C8B6190BAD24 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:36:23.0032 0x0ac8  Steam Client Service - ok
16:36:23.0042 0x0ac8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:36:23.0051 0x0ac8  stexstor - ok
16:36:23.0087 0x0ac8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:36:23.0117 0x0ac8  stisvc - ok
16:36:23.0157 0x0ac8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:36:23.0167 0x0ac8  swenum - ok
16:36:23.0199 0x0ac8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:36:23.0243 0x0ac8  swprv - ok
16:36:23.0305 0x0ac8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:36:23.0367 0x0ac8  SysMain - ok
16:36:23.0386 0x0ac8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:36:23.0403 0x0ac8  TabletInputService - ok
16:36:23.0420 0x0ac8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:36:23.0457 0x0ac8  TapiSrv - ok
16:36:23.0468 0x0ac8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:36:23.0500 0x0ac8  TBS - ok
16:36:23.0570 0x0ac8  [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:36:23.0622 0x0ac8  Tcpip - ok
16:36:23.0673 0x0ac8  [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:36:23.0726 0x0ac8  TCPIP6 - ok
16:36:23.0748 0x0ac8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:36:23.0759 0x0ac8  tcpipreg - ok
16:36:23.0775 0x0ac8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:36:23.0784 0x0ac8  TDPIPE - ok
16:36:23.0805 0x0ac8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:36:23.0814 0x0ac8  TDTCP - ok
16:36:23.0833 0x0ac8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:36:23.0863 0x0ac8  tdx - ok
16:36:23.0876 0x0ac8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:36:23.0885 0x0ac8  TermDD - ok
16:36:23.0917 0x0ac8  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
16:36:23.0964 0x0ac8  TermService - ok
16:36:23.0973 0x0ac8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:36:23.0990 0x0ac8  Themes - ok
16:36:24.0007 0x0ac8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:36:24.0039 0x0ac8  THREADORDER - ok
16:36:24.0048 0x0ac8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:36:24.0080 0x0ac8  TrkWks - ok
16:36:24.0126 0x0ac8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:36:24.0159 0x0ac8  TrustedInstaller - ok
16:36:24.0176 0x0ac8  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:36:24.0204 0x0ac8  tssecsrv - ok
16:36:24.0215 0x0ac8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:36:24.0225 0x0ac8  TsUsbFlt - ok
16:36:24.0234 0x0ac8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:36:24.0243 0x0ac8  TsUsbGD - ok
16:36:24.0258 0x0ac8  tswNT - ok
16:36:24.0264 0x0ac8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:36:24.0295 0x0ac8  tunnel - ok
16:36:24.0299 0x0ac8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:36:24.0309 0x0ac8  uagp35 - ok
16:36:24.0330 0x0ac8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:36:24.0366 0x0ac8  udfs - ok
16:36:24.0381 0x0ac8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:36:24.0393 0x0ac8  UI0Detect - ok
16:36:24.0403 0x0ac8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:36:24.0412 0x0ac8  uliagpkx - ok
16:36:24.0424 0x0ac8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:36:24.0434 0x0ac8  umbus - ok
16:36:24.0449 0x0ac8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:36:24.0459 0x0ac8  UmPass - ok
16:36:24.0477 0x0ac8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:36:24.0516 0x0ac8  upnphost - ok
16:36:24.0543 0x0ac8  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:36:24.0552 0x0ac8  USBAAPL64 - ok
16:36:24.0576 0x0ac8  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:36:24.0590 0x0ac8  usbaudio - ok
16:36:24.0609 0x0ac8  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:36:24.0620 0x0ac8  usbccgp - ok
16:36:24.0643 0x0ac8  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:36:24.0657 0x0ac8  usbcir - ok
16:36:24.0677 0x0ac8  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:36:24.0686 0x0ac8  usbehci - ok
16:36:24.0696 0x0ac8  [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
16:36:24.0704 0x0ac8  usbfilter - ok
16:36:24.0725 0x0ac8  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:36:24.0743 0x0ac8  usbhub - ok
16:36:24.0755 0x0ac8  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:36:24.0764 0x0ac8  usbohci - ok
16:36:24.0771 0x0ac8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:36:24.0783 0x0ac8  usbprint - ok
16:36:24.0810 0x0ac8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:36:24.0821 0x0ac8  USBSTOR - ok
16:36:24.0838 0x0ac8  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:36:24.0847 0x0ac8  usbuhci - ok
16:36:24.0872 0x0ac8  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
16:36:24.0881 0x0ac8  usb_rndisx - ok
16:36:24.0890 0x0ac8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:36:24.0921 0x0ac8  UxSms - ok
16:36:24.0961 0x0ac8  [ 34AF631F8D8BDBE77E7FBD99FF147D3F, B767E46330C27F3C6BDF3E1EC363B8BE702B7B3CC793698B829460EAA2426EE1 ] V0640Vid        C:\Windows\system32\DRIVERS\V0640Vid.sys
16:36:24.0977 0x0ac8  V0640Vid - ok
16:36:24.0995 0x0ac8  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
16:36:25.0005 0x0ac8  VaultSvc - ok
16:36:25.0015 0x0ac8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:36:25.0024 0x0ac8  vdrvroot - ok
16:36:25.0052 0x0ac8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:36:25.0095 0x0ac8  vds - ok
16:36:25.0104 0x0ac8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:36:25.0116 0x0ac8  vga - ok
16:36:25.0128 0x0ac8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:36:25.0158 0x0ac8  VgaSave - ok
16:36:25.0179 0x0ac8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:36:25.0192 0x0ac8  vhdmp - ok
16:36:25.0207 0x0ac8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:36:25.0215 0x0ac8  viaide - ok
16:36:25.0220 0x0ac8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:36:25.0230 0x0ac8  volmgr - ok
16:36:25.0256 0x0ac8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:36:25.0272 0x0ac8  volmgrx - ok
16:36:25.0288 0x0ac8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:36:25.0302 0x0ac8  volsnap - ok
16:36:25.0330 0x0ac8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:36:25.0341 0x0ac8  vsmraid - ok
16:36:25.0396 0x0ac8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:36:25.0470 0x0ac8  VSS - ok
16:36:25.0482 0x0ac8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:36:25.0494 0x0ac8  vwifibus - ok
16:36:25.0508 0x0ac8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:36:25.0523 0x0ac8  vwififlt - ok
16:36:25.0534 0x0ac8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:36:25.0548 0x0ac8  vwifimp - ok
16:36:25.0570 0x0ac8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:36:25.0609 0x0ac8  W32Time - ok
16:36:25.0622 0x0ac8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:36:25.0632 0x0ac8  WacomPen - ok
16:36:25.0646 0x0ac8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:36:25.0677 0x0ac8  WANARP - ok
16:36:25.0681 0x0ac8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:36:25.0711 0x0ac8  Wanarpv6 - ok
16:36:25.0763 0x0ac8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:36:25.0814 0x0ac8  wbengine - ok
16:36:25.0835 0x0ac8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:36:25.0855 0x0ac8  WbioSrvc - ok
16:36:25.0866 0x0ac8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:36:25.0890 0x0ac8  wcncsvc - ok
16:36:25.0904 0x0ac8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:36:25.0915 0x0ac8  WcsPlugInService - ok
16:36:25.0918 0x0ac8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:36:25.0927 0x0ac8  Wd - ok
16:36:25.0966 0x0ac8  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:36:25.0993 0x0ac8  Wdf01000 - ok
16:36:26.0005 0x0ac8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:36:26.0022 0x0ac8  WdiServiceHost - ok
16:36:26.0026 0x0ac8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:36:26.0043 0x0ac8  WdiSystemHost - ok
16:36:26.0058 0x0ac8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
16:36:26.0079 0x0ac8  WebClient - ok
16:36:26.0088 0x0ac8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:36:26.0125 0x0ac8  Wecsvc - ok
16:36:26.0140 0x0ac8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:36:26.0173 0x0ac8  wercplsupport - ok
16:36:26.0178 0x0ac8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:36:26.0211 0x0ac8  WerSvc - ok
16:36:26.0214 0x0ac8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:36:26.0243 0x0ac8  WfpLwf - ok
16:36:26.0258 0x0ac8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:36:26.0266 0x0ac8  WIMMount - ok
16:36:26.0297 0x0ac8  WinDefend - ok
16:36:26.0302 0x0ac8  WinHttpAutoProxySvc - ok
16:36:26.0354 0x0ac8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:36:26.0389 0x0ac8  Winmgmt - ok
16:36:26.0465 0x0ac8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:36:26.0548 0x0ac8  WinRM - ok
16:36:26.0575 0x0ac8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:36:26.0587 0x0ac8  WinUsb - ok
16:36:26.0633 0x0ac8  [ 0F695800783C3F9E577B94BF1E71D95A, EA10AA7D61167ED0AB5C741C42DAA32A4906C46F85D593D4ED00656318451DE4 ] WLANBelkinService C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
16:36:26.0636 0x0ac8  WLANBelkinService - detected UnsignedFile.Multi.Generic ( 1 )
16:36:26.0636 0x0ac8  Detect skipped due to KSN trusted
16:36:26.0637 0x0ac8  WLANBelkinService - ok
16:36:26.0671 0x0ac8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:36:26.0709 0x0ac8  Wlansvc - ok
16:36:26.0724 0x0ac8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:36:26.0734 0x0ac8  WmiAcpi - ok
16:36:26.0754 0x0ac8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:36:26.0769 0x0ac8  wmiApSrv - ok
16:36:26.0783 0x0ac8  WMPNetworkSvc - ok
16:36:26.0796 0x0ac8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:36:26.0805 0x0ac8  WPCSvc - ok
16:36:26.0815 0x0ac8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:36:26.0830 0x0ac8  WPDBusEnum - ok
16:36:26.0838 0x0ac8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:36:26.0867 0x0ac8  ws2ifsl - ok
16:36:26.0878 0x0ac8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:36:26.0896 0x0ac8  wscsvc - ok
16:36:26.0898 0x0ac8  WSearch - ok
16:36:26.0978 0x0ac8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:36:27.0044 0x0ac8  wuauserv - ok
16:36:27.0072 0x0ac8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:36:27.0083 0x0ac8  WudfPf - ok
16:36:27.0101 0x0ac8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:36:27.0114 0x0ac8  WUDFRd - ok
16:36:27.0134 0x0ac8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:36:27.0146 0x0ac8  wudfsvc - ok
16:36:27.0165 0x0ac8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:36:27.0186 0x0ac8  WwanSvc - ok
16:36:27.0215 0x0ac8  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
16:36:27.0225 0x0ac8  xusb21 - ok
16:36:27.0266 0x0ac8  ================ Scan global ===============================
16:36:27.0284 0x0ac8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:36:27.0309 0x0ac8  [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll
16:36:27.0321 0x0ac8  [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll
16:36:27.0340 0x0ac8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:36:27.0364 0x0ac8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:36:27.0371 0x0ac8  [ Global ] - ok
16:36:27.0372 0x0ac8  ================ Scan MBR ==================================
16:36:27.0381 0x0ac8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:36:27.0543 0x0ac8  \Device\Harddisk0\DR0 - ok
16:36:27.0544 0x0ac8  ================ Scan VBR ==================================
16:36:27.0546 0x0ac8  [ 9610C77DA5E23C3AECA92E2D52FABC7A ] \Device\Harddisk0\DR0\Partition1
16:36:27.0564 0x0ac8  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
16:36:27.0564 0x0ac8  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
16:36:29.0943 0x0ac8  [ 9E1977327432C5762A805BF11DC23C78 ] \Device\Harddisk0\DR0\Partition2
16:36:29.0974 0x0ac8  \Device\Harddisk0\DR0\Partition2 - ok
16:36:29.0974 0x0ac8  ================ Scan generic autorun ======================
16:36:30.0081 0x0ac8  [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe
16:36:30.0141 0x0ac8  IntelliPoint - ok
16:36:30.0472 0x0ac8  [ FBDF607ED7EF0467639DB501E1FD938C, 040528158D85D13122DB043144A982D6DC8744E75D140DB17A9BA5B93DC6B74D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:36:30.0745 0x0ac8  RtHDVCpl - ok
16:36:30.0767 0x0ac8  G Data AntiVirus Tray Application - ok
16:36:30.0767 0x0ac8  GDFirewallTray - ok
16:36:30.0835 0x0ac8  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:36:30.0863 0x0ac8  Adobe ARM - ok
16:36:30.0902 0x0ac8  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:36:30.0910 0x0ac8  APSDaemon - ok
16:36:30.0956 0x0ac8  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
16:36:30.0966 0x0ac8  UpdateLBPShortCut - ok
16:36:30.0998 0x0ac8  [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe
16:36:31.0008 0x0ac8  MDS_Menu - ok
16:36:31.0044 0x0ac8  [ 572024F59132BC3A2AC5E60A6C48D31E, 8BC1BA9BAB555DDF246100A511E9B54FB790F0F871868DCB54B0F83AA9E7306B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
16:36:31.0052 0x0ac8  CLMLServer - ok
16:36:31.0092 0x0ac8  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
16:36:31.0103 0x0ac8  UpdateP2GoShortCut - ok
16:36:31.0125 0x0ac8  [ 54986909FA8EB661E0B3BF258935588D, CF42472CD6F5D96F2A37C6B1E752E8AA622B045AC9D4C2AFAF9EC1605BCEDEA9 ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
16:36:31.0133 0x0ac8  RemoteControl9 - ok
16:36:31.0145 0x0ac8  [ E347862038C50FE3A5023D785C80B3E5, 6DC25B56FCD097ECE7A18859B7F6A14BC52ED09AD0C7481689FEB8DDC47F1075 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
16:36:31.0153 0x0ac8  BDRegion - ok
16:36:31.0205 0x0ac8  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
16:36:31.0216 0x0ac8  UpdatePPShortCut - ok
16:36:31.0257 0x0ac8  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
16:36:31.0267 0x0ac8  UCam_Menu - ok
16:36:31.0287 0x0ac8  [ 9D56299FA5C9B3D9E67FF3ACB301139F, 202A0542BEA33C5F78A406EF9479EB7BD42FCBEAC9F49F38F6ECC48554117811 ] C:\Program Files (x86)\lg_fwupdate\lgfw.exe
16:36:31.0294 0x0ac8  LGODDFU - ok
16:36:31.0336 0x0ac8  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe
16:36:31.0347 0x0ac8  UpdatePSTShortCut - ok
16:36:31.0419 0x0ac8  [ 4452B3D4116EC5F81ACF33A80F264473, 8C7037DFCCB5165385DF67082E5183A3155574773B15C2FAB811F31C93D3325E ] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe
16:36:31.0434 0x0ac8  Live! Central 2 - detected UnsignedFile.Multi.Generic ( 1 )
16:36:31.0434 0x0ac8  Detect skipped due to KSN trusted
16:36:31.0434 0x0ac8  Live! Central 2 - ok
16:36:31.0439 0x0ac8  [ 4791A9FFA41B6744B4B5C9C6572E4EBB, 67B52BDA297F95570EAA4B0C7F0FAFBAC2FB4A69603EB45E712086D26A47379B ] C:\Windows\V0640Mon.exe
16:36:31.0448 0x0ac8  V0640Mon.exe - ok
16:36:31.0493 0x0ac8  [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
16:36:31.0502 0x0ac8  iTunesHelper - ok
16:36:31.0554 0x0ac8  [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files (x86)\QuickTime\QTTask.exe
16:36:31.0569 0x0ac8  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
16:36:31.0569 0x0ac8  Detect skipped due to KSN trusted
16:36:31.0569 0x0ac8  QuickTime Task - ok
16:36:31.0628 0x0ac8  [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:36:31.0649 0x0ac8  StartCCC - ok
16:36:31.0686 0x0ac8  [ 5E7601CCBC2A98A4457E50612E0AEE73, 3F5FDCF1BEC5B134433F62ADD5C2931F700F2B7CBEDB0A98EF1362BF6E9FAC03 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe
16:36:31.0695 0x0ac8  GamingMouse - detected UnsignedFile.Multi.Generic ( 1 )
16:36:31.0695 0x0ac8  Detect skipped due to KSN trusted
16:36:31.0695 0x0ac8  GamingMouse - ok
16:36:31.0759 0x0ac8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:36:31.0800 0x0ac8  Sidebar - ok
16:36:31.0835 0x0ac8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:36:31.0852 0x0ac8  mctadmin - ok
16:36:31.0881 0x0ac8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:36:31.0920 0x0ac8  Sidebar - ok
16:36:31.0926 0x0ac8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:36:31.0943 0x0ac8  mctadmin - ok
16:36:32.0033 0x0ac8  [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] C:\Program Files (x86)\Steam\steam.exe
16:36:32.0083 0x0ac8  Steam - ok
16:36:32.0157 0x0ac8  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:36:32.0205 0x0ac8  Sidebar - ok
16:36:32.0207 0x0ac8  LightScribe Control Panel - ok
16:36:32.0257 0x0ac8  [ 026FCF998F9C5986BB31DA44FB571BBF, 4163733DCB9721B5C8FF0BFF66AE22AB9B886622B8FD992D0AF1963BCFCAFE3C ] C:\Users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe
16:36:32.0265 0x0ac8  Windows Remote Service - detected UnsignedFile.Multi.Generic ( 1 )
16:36:32.0265 0x0ac8  Detect skipped due to KSN trusted
16:36:32.0265 0x0ac8  Windows Remote Service - ok
16:36:32.0831 0x0ac8  [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
16:36:33.0340 0x0ac8  Skype - ok
16:36:33.0410 0x0ac8  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
16:36:33.0431 0x0ac8  RESTART_STICKY_NOTES - ok
16:36:33.0607 0x0ac8  [ 978B3D42B75CAF33553577E78E612709, 4B999342B616A7566F198F937A6B5E81BC7F9D2155CE8238D58239B5CD8BFDCE ] C:\Program Files (x86)\Origin\Origin.exe
16:36:33.0694 0x0ac8  EADM - ok
16:36:33.0700 0x0ac8  LightScribe Control Panel - ok
16:36:33.0772 0x0ac8  [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] C:\Program Files (x86)\Steam\steam.exe
16:36:33.0821 0x0ac8  Steam - ok
16:36:34.0375 0x0ac8  [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
16:36:34.0882 0x0ac8  Skype - ok
16:36:34.0963 0x0ac8  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:36:35.0011 0x0ac8  Sidebar - ok
16:36:35.0126 0x0ac8  [ DC34596BFCF0BD472AA1D48449D8A7DF, B1A1AD8A72D585525CC4FEA4984EAD0AC0077640D2A4CF478BAA10BA3F08711A ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
16:36:35.0216 0x0ac8  DAEMON Tools Lite - ok
16:36:35.0232 0x0ac8  Pando Media Booster - ok
16:36:35.0256 0x0ac8  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
16:36:35.0277 0x0ac8  RESTART_STICKY_NOTES - ok
16:36:35.0346 0x0ac8  [ 862753AE696BD34EFCCB2A422E273C08, 5FA9423D35A236FACCE5A2AC5B7F50570804796E178EC0F79A412F41710D612B ] C:\Users\Basti\AppData\Local\Temp\CTPBSeq.exe
16:36:35.0350 0x0ac8  CTPostBootSequencer - detected UnsignedFile.Multi.Generic ( 1 )
16:36:35.0351 0x0ac8  Detect skipped due to KSN trusted
16:36:35.0351 0x0ac8  CTPostBootSequencer - ok
16:36:35.0358 0x0ac8  Win FW state via NFP2: enabled
16:36:37.0737 0x0ac8  ============================================================
16:36:37.0737 0x0ac8  Scan finished
16:36:37.0737 0x0ac8  ============================================================
16:36:37.0742 0x1050  Detected object count: 1
16:36:37.0742 0x1050  Actual detected object count: 1
16:36:50.0411 0x1050  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
16:36:50.0411 0x1050  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
         

03.09.2014, 08:09   #9
schrauber
/// the machine
/// TB instructor
 




Start TDSSkiller.exe with a double-click.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start Scan.
    Do not do anything on the computer during the scan.
  • Make sure that Cure (default) is checked!
  • Click Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\).
For example: C:\TDSSKiller.<version_date_time>log.txt

Please post the contents here in your thread.



Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde." (English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

03.09.2014, 10:28   #10
Batzke95
 



Here is the TDSS log

Code:
10:50:02.0993 0x17b4  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:50:06.0786 0x17b4  ============================================================
10:50:06.0786 0x17b4  Current date / time: 2014/09/03 10:50:06.0786
10:50:06.0786 0x17b4  SystemInfo:
10:50:06.0786 0x17b4  
10:50:06.0786 0x17b4  OS Version: 6.1.7601 ServicePack: 1.0
10:50:06.0786 0x17b4  Product type: Workstation
10:50:06.0786 0x17b4  ComputerName: KUNDEN-C2A4T6U6
10:50:06.0786 0x17b4  UserName: Basti
10:50:06.0786 0x17b4  Windows directory: C:\Windows
10:50:06.0786 0x17b4  System windows directory: C:\Windows
10:50:06.0786 0x17b4  Running under WOW64
10:50:06.0786 0x17b4  Processor architecture: Intel x64
10:50:06.0786 0x17b4  Number of processors: 6
10:50:06.0786 0x17b4  Page size: 0x1000
10:50:06.0786 0x17b4  Boot type: Normal boot
10:50:06.0786 0x17b4  ============================================================
10:50:07.0028 0x17b4  KLMD registered as C:\Windows\system32\drivers\94684036.sys
10:50:07.0254 0x17b4  System UUID: {274326C4-A3C0-1F5E-987D-4B96D8B40664}
10:50:07.0586 0x17b4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:50:07.0605 0x17b4  ============================================================
10:50:07.0605 0x17b4  \Device\Harddisk0\DR0:
10:50:07.0605 0x17b4  MBR partitions:
10:50:07.0605 0x17b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:50:07.0605 0x17b4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
10:50:07.0605 0x17b4  ============================================================
10:50:07.0632 0x17b4  C: <-> \Device\Harddisk0\DR0\Partition2
10:50:07.0632 0x17b4  ============================================================
10:50:07.0632 0x17b4  Initialize success
10:50:07.0632 0x17b4  ============================================================
10:50:46.0174 0x0e28  ============================================================
10:50:46.0174 0x0e28  Scan started
10:50:46.0174 0x0e28  Mode: Manual; 
10:50:46.0174 0x0e28  ============================================================
10:50:46.0174 0x0e28  KSN ping started
10:50:46.0189 0x0e28  KSN ping finished: false
10:50:47.0172 0x0e28  ================ Scan system memory ========================
10:50:47.0172 0x0e28  System memory - ok
10:50:47.0172 0x0e28  ================ Scan services =============================
10:50:47.0328 0x0e28  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:50:47.0328 0x0e28  1394ohci - ok
10:50:47.0406 0x0e28  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
10:50:47.0406 0x0e28  acedrv11 - ok
10:50:47.0437 0x0e28  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:50:47.0437 0x0e28  ACPI - ok
10:50:47.0453 0x0e28  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:50:47.0453 0x0e28  AcpiPmi - ok
10:50:47.0531 0x0e28  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:50:47.0531 0x0e28  AdobeARMservice - ok
10:50:47.0624 0x0e28  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:50:47.0624 0x0e28  AdobeFlashPlayerUpdateSvc - ok
10:50:47.0671 0x0e28  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:50:47.0671 0x0e28  adp94xx - ok
10:50:47.0702 0x0e28  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:50:47.0702 0x0e28  adpahci - ok
10:50:47.0734 0x0e28  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:50:47.0734 0x0e28  adpu320 - ok
10:50:47.0765 0x0e28  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:50:47.0765 0x0e28  AeLookupSvc - ok
10:50:47.0812 0x0e28  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
10:50:47.0827 0x0e28  AFD - ok
10:50:47.0843 0x0e28  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:50:47.0843 0x0e28  agp440 - ok
10:50:47.0858 0x0e28  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:50:47.0874 0x0e28  ALG - ok
10:50:47.0890 0x0e28  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:50:47.0890 0x0e28  aliide - ok
10:50:47.0936 0x0e28  [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:50:47.0936 0x0e28  AMD External Events Utility - ok
10:50:47.0999 0x0e28  AMD FUEL Service - ok
10:50:47.0999 0x0e28  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:50:47.0999 0x0e28  amdide - ok
10:50:48.0030 0x0e28  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
10:50:48.0030 0x0e28  amdiox64 - ok
10:50:48.0046 0x0e28  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:50:48.0046 0x0e28  AmdK8 - ok
10:50:48.0342 0x0e28  [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:50:48.0576 0x0e28  amdkmdag - ok
10:50:48.0638 0x0e28  [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:50:48.0654 0x0e28  amdkmdap - ok
10:50:48.0670 0x0e28  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:50:48.0670 0x0e28  AmdPPM - ok
10:50:48.0701 0x0e28  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:50:48.0701 0x0e28  amdsata - ok
10:50:48.0748 0x0e28  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:50:48.0748 0x0e28  amdsbs - ok
10:50:48.0779 0x0e28  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:50:48.0779 0x0e28  amdxata - ok
10:50:48.0826 0x0e28  [ 2FBB00A7616106B95104574C6CD640C2, 06DE79B42EBBBBA01DAB289D4280E131D780066CD7E4499229CD5EB1E597A017 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
10:50:48.0826 0x0e28  amd_sata - ok
10:50:48.0872 0x0e28  [ 87D0D7645CB0D53220649BD5FE15D93E, 195B25BC640BE5D802F530FAA68D3325A6C076DE8A7E56833372C3B2B53B673B ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
10:50:48.0872 0x0e28  amd_xata - ok
10:50:48.0950 0x0e28  [ 9D267443B7CE8A29899B9C9FF9E846B8, D8775F01A5598DEC2B70F98FD5B7160CA56352DE81AB265B21B68BE234DD4E77 ] Ant App service C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe
10:50:48.0950 0x0e28  Ant App service - ok
10:50:48.0982 0x0e28  [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
10:50:48.0982 0x0e28  AODDriver4.2 - ok
10:50:49.0044 0x0e28  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:50:49.0060 0x0e28  AppID - ok
10:50:49.0106 0x0e28  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:50:49.0106 0x0e28  AppIDSvc - ok
10:50:49.0106 0x0e28  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
10:50:49.0106 0x0e28  Appinfo - ok
10:50:49.0153 0x0e28  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:50:49.0153 0x0e28  Apple Mobile Device - ok
10:50:49.0184 0x0e28  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
10:50:49.0184 0x0e28  arc - ok
10:50:49.0200 0x0e28  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:50:49.0200 0x0e28  arcsas - ok
10:50:49.0231 0x0e28  [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
10:50:49.0231 0x0e28  asmthub3 - ok
10:50:49.0262 0x0e28  [ 01DBB05DB1DB95803E3C9F2B49AFE79C, 286310787F7EB7B237CB0082567BDA2F57D8F88C37015F6637FF6A6775CAA5AE ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
10:50:49.0278 0x0e28  asmtxhci - ok
10:50:49.0372 0x0e28  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:50:49.0372 0x0e28  aspnet_state - ok
10:50:49.0387 0x0e28  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:50:49.0387 0x0e28  AsyncMac - ok
10:50:49.0403 0x0e28  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:50:49.0403 0x0e28  atapi - ok
10:50:49.0450 0x0e28  [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:50:49.0450 0x0e28  AtiHDAudioService - ok
10:50:49.0496 0x0e28  [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
10:50:49.0496 0x0e28  atksgt - ok
10:50:49.0528 0x0e28  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:50:49.0543 0x0e28  AudioEndpointBuilder - ok
10:50:49.0559 0x0e28  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:50:49.0574 0x0e28  AudioSrv - ok
10:50:49.0590 0x0e28  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:50:49.0606 0x0e28  AxInstSV - ok
10:50:49.0637 0x0e28  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:50:49.0637 0x0e28  b06bdrv - ok
10:50:49.0668 0x0e28  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:50:49.0668 0x0e28  b57nd60a - ok
10:50:49.0730 0x0e28  [ E49110A58A32E9450356686A95DD7763, 0C16196F48184907B92167AD6C4DA3A6039711AB99CB0D2D1BD37F935696303B ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
10:50:49.0746 0x0e28  BCMH43XX - ok
10:50:49.0746 0x0e28  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:50:49.0746 0x0e28  BDESVC - ok
10:50:49.0777 0x0e28  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:50:49.0777 0x0e28  Beep - ok
10:50:49.0808 0x0e28  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:50:49.0824 0x0e28  BFE - ok
10:50:49.0855 0x0e28  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:50:49.0871 0x0e28  BITS - ok
10:50:49.0902 0x0e28  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:50:49.0902 0x0e28  blbdrive - ok
10:50:49.0964 0x0e28  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:50:49.0980 0x0e28  Bonjour Service - ok
10:50:50.0011 0x0e28  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:50:50.0011 0x0e28  bowser - ok
10:50:50.0027 0x0e28  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:50:50.0027 0x0e28  BrFiltLo - ok
10:50:50.0042 0x0e28  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:50:50.0042 0x0e28  BrFiltUp - ok
10:50:50.0089 0x0e28  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:50:50.0089 0x0e28  Browser - ok
10:50:50.0105 0x0e28  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:50:50.0120 0x0e28  Brserid - ok
10:50:50.0120 0x0e28  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:50:50.0120 0x0e28  BrSerWdm - ok
10:50:50.0136 0x0e28  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:50:50.0136 0x0e28  BrUsbMdm - ok
10:50:50.0136 0x0e28  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:50:50.0136 0x0e28  BrUsbSer - ok
10:50:50.0167 0x0e28  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
10:50:50.0167 0x0e28  BthEnum - ok
10:50:50.0183 0x0e28  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:50:50.0183 0x0e28  BTHMODEM - ok
10:50:50.0198 0x0e28  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:50:50.0198 0x0e28  BthPan - ok
10:50:50.0245 0x0e28  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
10:50:50.0261 0x0e28  BTHPORT - ok
10:50:50.0292 0x0e28  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:50:50.0292 0x0e28  bthserv - ok
10:50:50.0308 0x0e28  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
10:50:50.0308 0x0e28  BTHUSB - ok
10:50:50.0323 0x0e28  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:50:50.0323 0x0e28  cdfs - ok
10:50:50.0354 0x0e28  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:50:50.0354 0x0e28  cdrom - ok
10:50:50.0370 0x0e28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:50:50.0370 0x0e28  CertPropSvc - ok
10:50:50.0370 0x0e28  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:50:50.0386 0x0e28  circlass - ok
10:50:50.0401 0x0e28  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:50:50.0401 0x0e28  CLFS - ok
10:50:50.0526 0x0e28  [ 4642B5A3E0D2E61D08163DE95FC5B949, C1A502ED96EB4AF7FE8643AD139A0AAA5492583E6D83A3937443662CDD430FE4 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
10:50:50.0526 0x0e28  CLKMSVC10_9EC60124 - ok
10:50:50.0573 0x0e28  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:50:50.0573 0x0e28  clr_optimization_v2.0.50727_32 - ok
10:50:50.0604 0x0e28  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:50:50.0620 0x0e28  clr_optimization_v2.0.50727_64 - ok
10:50:50.0666 0x0e28  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:50:50.0666 0x0e28  clr_optimization_v4.0.30319_32 - ok
10:50:50.0682 0x0e28  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:50:50.0682 0x0e28  clr_optimization_v4.0.30319_64 - ok
10:50:50.0698 0x0e28  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:50:50.0698 0x0e28  CmBatt - ok
10:50:50.0713 0x0e28  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:50:50.0713 0x0e28  cmdide - ok
10:50:50.0760 0x0e28  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
10:50:50.0760 0x0e28  CNG - ok
10:50:50.0776 0x0e28  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:50:50.0776 0x0e28  Compbatt - ok
10:50:50.0807 0x0e28  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
10:50:50.0807 0x0e28  CompositeBus - ok
10:50:50.0822 0x0e28  COMSysApp - ok
10:50:50.0822 0x0e28  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:50:50.0822 0x0e28  crcdisk - ok
10:50:50.0885 0x0e28  [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:50:50.0885 0x0e28  CryptSvc - ok
10:50:50.0932 0x0e28  [ 580033E37BEB30E7176CAF46D8C282F3, 67B51B89E13831758486766357916592FB581FAFD27BD83DBAF4C658247C74D0 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
10:50:50.0932 0x0e28  CtClsFlt - ok
10:50:50.0978 0x0e28  [ C7259495924D21F1AFA26467D9F4DAE0, 7FF991D7FE660E7CAC682FC82B9C44EC38E267A0C3AAE0C4FAEE0853756AF5C8 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
10:50:50.0978 0x0e28  dc3d - ok
10:50:51.0010 0x0e28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:50:51.0025 0x0e28  DcomLaunch - ok
10:50:51.0056 0x0e28  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:50:51.0056 0x0e28  defragsvc - ok
10:50:51.0088 0x0e28  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:50:51.0088 0x0e28  DfsC - ok
10:50:51.0119 0x0e28  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:50:51.0119 0x0e28  Dhcp - ok
10:50:51.0134 0x0e28  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:50:51.0134 0x0e28  discache - ok
10:50:51.0181 0x0e28  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:50:51.0181 0x0e28  Disk - ok
10:50:51.0197 0x0e28  DisplayFusionService - ok
10:50:51.0244 0x0e28  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:50:51.0244 0x0e28  Dnscache - ok
10:50:51.0259 0x0e28  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:50:51.0259 0x0e28  dot3svc - ok
10:50:51.0275 0x0e28  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:50:51.0275 0x0e28  DPS - ok
10:50:51.0306 0x0e28  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:50:51.0306 0x0e28  drmkaud - ok
10:50:51.0337 0x0e28  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:50:51.0353 0x0e28  dtsoftbus01 - ok
10:50:51.0384 0x0e28  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:50:51.0400 0x0e28  DXGKrnl - ok
10:50:51.0415 0x0e28  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:50:51.0415 0x0e28  EapHost - ok
10:50:51.0509 0x0e28  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:50:51.0587 0x0e28  ebdrv - ok
10:50:51.0602 0x0e28  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
10:50:51.0602 0x0e28  EFS - ok
10:50:51.0649 0x0e28  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:50:51.0665 0x0e28  ehRecvr - ok
10:50:51.0680 0x0e28  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:50:51.0680 0x0e28  ehSched - ok
10:50:51.0712 0x0e28  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:50:51.0712 0x0e28  elxstor - ok
10:50:51.0727 0x0e28  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:50:51.0727 0x0e28  ErrDev - ok
10:50:51.0758 0x0e28  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:50:51.0758 0x0e28  EventSystem - ok
10:50:51.0774 0x0e28  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:50:51.0790 0x0e28  exfat - ok
10:50:51.0805 0x0e28  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:50:51.0805 0x0e28  fastfat - ok
10:50:51.0852 0x0e28  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:50:51.0868 0x0e28  Fax - ok
10:50:51.0883 0x0e28  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
10:50:51.0883 0x0e28  fdc - ok
10:50:51.0914 0x0e28  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:50:51.0914 0x0e28  fdPHost - ok
10:50:51.0914 0x0e28  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:50:51.0914 0x0e28  FDResPub - ok
10:50:51.0930 0x0e28  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:50:51.0930 0x0e28  FileInfo - ok
10:50:51.0946 0x0e28  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:50:51.0946 0x0e28  Filetrace - ok
10:50:51.0946 0x0e28  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:50:51.0946 0x0e28  flpydisk - ok
10:50:51.0977 0x0e28  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:50:51.0977 0x0e28  FltMgr - ok
10:50:52.0024 0x0e28  [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache       C:\Windows\system32\FntCache.dll
10:50:52.0055 0x0e28  FontCache - ok
10:50:52.0086 0x0e28  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:50:52.0086 0x0e28  FontCache3.0.0.0 - ok
10:50:52.0086 0x0e28  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:50:52.0086 0x0e28  FsDepends - ok
10:50:52.0133 0x0e28  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:50:52.0133 0x0e28  Fs_Rec - ok
10:50:52.0148 0x0e28  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:50:52.0148 0x0e28  fvevol - ok
10:50:52.0180 0x0e28  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:50:52.0180 0x0e28  gagp30kx - ok
10:50:52.0211 0x0e28  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:50:52.0211 0x0e28  GEARAspiWDM - ok
10:50:52.0242 0x0e28  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:50:52.0258 0x0e28  gpsvc - ok
10:50:52.0320 0x0e28  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:50:52.0320 0x0e28  gupdate - ok
10:50:52.0336 0x0e28  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:50:52.0336 0x0e28  gupdatem - ok
10:50:52.0367 0x0e28  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
10:50:52.0367 0x0e28  hamachi - ok
10:50:52.0367 0x0e28  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:50:52.0382 0x0e28  hcw85cir - ok
10:50:52.0414 0x0e28  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:50:52.0414 0x0e28  HdAudAddService - ok
10:50:52.0445 0x0e28  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:50:52.0445 0x0e28  HDAudBus - ok
10:50:52.0460 0x0e28  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:50:52.0460 0x0e28  HidBatt - ok
10:50:52.0476 0x0e28  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:50:52.0476 0x0e28  HidBth - ok
10:50:52.0476 0x0e28  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:50:52.0476 0x0e28  HidIr - ok
10:50:52.0492 0x0e28  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:50:52.0492 0x0e28  hidserv - ok
10:50:52.0507 0x0e28  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:50:52.0507 0x0e28  HidUsb - ok
10:50:52.0523 0x0e28  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:50:52.0523 0x0e28  hkmsvc - ok
10:50:52.0554 0x0e28  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:50:52.0554 0x0e28  HomeGroupListener - ok
10:50:52.0585 0x0e28  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:50:52.0585 0x0e28  HomeGroupProvider - ok
10:50:52.0601 0x0e28  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:50:52.0601 0x0e28  HpSAMD - ok
10:50:52.0648 0x0e28  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:50:52.0663 0x0e28  HTTP - ok
10:50:52.0694 0x0e28  [ 8C7F1C56491A1CF8E32316052324D7F5, FFAB4953108A6E4F09AB34DC95DE3F3C8E50482C945928A8C9613CEB9669CA89 ] hugoio64        C:\Windows\system32\drivers\hugoio64.sys
10:50:52.0694 0x0e28  hugoio64 - ok
10:50:52.0710 0x0e28  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:50:52.0710 0x0e28  hwpolicy - ok
10:50:52.0726 0x0e28  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:50:52.0726 0x0e28  i8042prt - ok
10:50:52.0757 0x0e28  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:50:52.0772 0x0e28  iaStorV - ok
10:50:52.0835 0x0e28  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:50:52.0835 0x0e28  IDriverT - ok
10:50:52.0897 0x0e28  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:50:52.0913 0x0e28  idsvc - ok
10:50:52.0928 0x0e28  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:50:52.0928 0x0e28  iirsp - ok
10:50:52.0960 0x0e28  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:50:52.0991 0x0e28  IKEEXT - ok
10:50:53.0084 0x0e28  [ 589B94A9B73A0E819FF873743A480834, 49FA8EC38F1C78F38F818CC28F2734802739247F0B89A971D65FDAF3110041A8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:50:53.0131 0x0e28  IntcAzAudAddService - ok
10:50:53.0147 0x0e28  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:50:53.0147 0x0e28  intelide - ok
10:50:53.0162 0x0e28  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
10:50:53.0162 0x0e28  intelppm - ok
10:50:53.0178 0x0e28  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:50:53.0178 0x0e28  IPBusEnum - ok
10:50:53.0194 0x0e28  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:50:53.0194 0x0e28  IpFilterDriver - ok
10:50:53.0225 0x0e28  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:50:53.0240 0x0e28  iphlpsvc - ok
10:50:53.0256 0x0e28  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:50:53.0256 0x0e28  IPMIDRV - ok
10:50:53.0272 0x0e28  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:50:53.0287 0x0e28  IPNAT - ok
10:50:53.0334 0x0e28  [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:50:53.0350 0x0e28  iPod Service - ok
10:50:53.0365 0x0e28  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:50:53.0365 0x0e28  IRENUM - ok
10:50:53.0381 0x0e28  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:50:53.0381 0x0e28  isapnp - ok
10:50:53.0396 0x0e28  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:50:53.0396 0x0e28  iScsiPrt - ok
10:50:53.0412 0x0e28  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:50:53.0412 0x0e28  kbdclass - ok
10:50:53.0428 0x0e28  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:50:53.0428 0x0e28  kbdhid - ok
10:50:53.0443 0x0e28  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
10:50:53.0443 0x0e28  KeyIso - ok
10:50:53.0474 0x0e28  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:50:53.0474 0x0e28  KSecDD - ok
10:50:53.0490 0x0e28  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:50:53.0490 0x0e28  KSecPkg - ok
10:50:53.0506 0x0e28  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:50:53.0506 0x0e28  ksthunk - ok
10:50:53.0521 0x0e28  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:50:53.0537 0x0e28  KtmRm - ok
10:50:53.0568 0x0e28  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:50:53.0568 0x0e28  LanmanServer - ok
10:50:53.0599 0x0e28  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:50:53.0599 0x0e28  LanmanWorkstation - ok
10:50:53.0630 0x0e28  [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
10:50:53.0630 0x0e28  lirsgt - ok
10:50:53.0646 0x0e28  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:50:53.0662 0x0e28  lltdio - ok
10:50:53.0677 0x0e28  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:50:53.0677 0x0e28  lltdsvc - ok
10:50:53.0693 0x0e28  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:50:53.0693 0x0e28  lmhosts - ok
10:50:53.0724 0x0e28  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:50:53.0724 0x0e28  LSI_FC - ok
10:50:53.0724 0x0e28  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:50:53.0740 0x0e28  LSI_SAS - ok
10:50:53.0740 0x0e28  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:50:53.0740 0x0e28  LSI_SAS2 - ok
10:50:53.0755 0x0e28  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:50:53.0755 0x0e28  LSI_SCSI - ok
10:50:53.0771 0x0e28  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:50:53.0786 0x0e28  luafv - ok
10:50:53.0802 0x0e28  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:50:53.0802 0x0e28  Mcx2Svc - ok
10:50:53.0802 0x0e28  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:50:53.0818 0x0e28  megasas - ok
10:50:53.0833 0x0e28  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:50:53.0833 0x0e28  MegaSR - ok
10:50:53.0849 0x0e28  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:50:53.0849 0x0e28  MMCSS - ok
10:50:53.0864 0x0e28  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:50:53.0864 0x0e28  Modem - ok
10:50:53.0896 0x0e28  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:50:53.0896 0x0e28  monitor - ok
10:50:53.0911 0x0e28  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:50:53.0911 0x0e28  mouclass - ok
10:50:53.0911 0x0e28  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:50:53.0911 0x0e28  mouhid - ok
10:50:53.0927 0x0e28  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:50:53.0927 0x0e28  mountmgr - ok
10:50:53.0942 0x0e28  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:50:53.0942 0x0e28  mpio - ok
10:50:53.0958 0x0e28  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:50:53.0974 0x0e28  mpsdrv - ok
10:50:54.0005 0x0e28  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:50:54.0020 0x0e28  MpsSvc - ok
10:50:54.0036 0x0e28  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:50:54.0036 0x0e28  MRxDAV - ok
10:50:54.0067 0x0e28  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:50:54.0067 0x0e28  mrxsmb - ok
10:50:54.0083 0x0e28  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:50:54.0098 0x0e28  mrxsmb10 - ok
10:50:54.0114 0x0e28  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:50:54.0114 0x0e28  mrxsmb20 - ok
10:50:54.0114 0x0e28  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:50:54.0114 0x0e28  msahci - ok
10:50:54.0130 0x0e28  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:50:54.0130 0x0e28  msdsm - ok
10:50:54.0145 0x0e28  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:50:54.0145 0x0e28  MSDTC - ok
10:50:54.0176 0x0e28  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:50:54.0176 0x0e28  Msfs - ok
10:50:54.0176 0x0e28  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:50:54.0192 0x0e28  mshidkmdf - ok
10:50:54.0192 0x0e28  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:50:54.0208 0x0e28  msisadrv - ok
10:50:54.0223 0x0e28  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:50:54.0223 0x0e28  MSiSCSI - ok
10:50:54.0223 0x0e28  msiserver - ok
10:50:54.0254 0x0e28  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:50:54.0254 0x0e28  MSKSSRV - ok
10:50:54.0270 0x0e28  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:50:54.0270 0x0e28  MSPCLOCK - ok
10:50:54.0286 0x0e28  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:50:54.0286 0x0e28  MSPQM - ok
10:50:54.0301 0x0e28  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:50:54.0301 0x0e28  MsRPC - ok
10:50:54.0332 0x0e28  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:50:54.0332 0x0e28  mssmbios - ok
10:50:54.0332 0x0e28  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:50:54.0332 0x0e28  MSTEE - ok
10:50:54.0348 0x0e28  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:50:54.0348 0x0e28  MTConfig - ok
10:50:54.0364 0x0e28  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:50:54.0364 0x0e28  Mup - ok
10:50:54.0395 0x0e28  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:50:54.0395 0x0e28  napagent - ok
10:50:54.0442 0x0e28  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:50:54.0442 0x0e28  NativeWifiP - ok
10:50:54.0504 0x0e28  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:50:54.0535 0x0e28  NDIS - ok
10:50:54.0551 0x0e28  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:50:54.0551 0x0e28  NdisCap - ok
10:50:54.0566 0x0e28  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:50:54.0566 0x0e28  NdisTapi - ok
10:50:54.0582 0x0e28  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:50:54.0582 0x0e28  Ndisuio - ok
10:50:54.0598 0x0e28  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:50:54.0598 0x0e28  NdisWan - ok
10:50:54.0613 0x0e28  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:50:54.0613 0x0e28  NDProxy - ok
10:50:54.0629 0x0e28  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:50:54.0629 0x0e28  NetBIOS - ok
10:50:54.0644 0x0e28  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:50:54.0644 0x0e28  NetBT - ok
10:50:54.0660 0x0e28  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
10:50:54.0660 0x0e28  Netlogon - ok
10:50:54.0691 0x0e28  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:50:54.0691 0x0e28  Netman - ok
10:50:54.0738 0x0e28  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:54.0738 0x0e28  NetMsmqActivator - ok
10:50:54.0754 0x0e28  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:54.0769 0x0e28  NetPipeActivator - ok
10:50:54.0785 0x0e28  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:50:54.0800 0x0e28  netprofm - ok
10:50:54.0800 0x0e28  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:54.0800 0x0e28  NetTcpActivator - ok
10:50:54.0800 0x0e28  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:54.0816 0x0e28  NetTcpPortSharing - ok
10:50:54.0832 0x0e28  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:50:54.0832 0x0e28  nfrd960 - ok
10:50:54.0847 0x0e28  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:50:54.0847 0x0e28  NlaSvc - ok
10:50:54.0863 0x0e28  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:50:54.0863 0x0e28  Npfs - ok
10:50:54.0878 0x0e28  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:50:54.0878 0x0e28  nsi - ok
10:50:54.0894 0x0e28  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:50:54.0894 0x0e28  nsiproxy - ok
10:50:54.0956 0x0e28  [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:50:55.0003 0x0e28  Ntfs - ok
10:50:55.0003 0x0e28  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:50:55.0019 0x0e28  Null - ok
10:50:55.0050 0x0e28  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:50:55.0050 0x0e28  nvraid - ok
10:50:55.0066 0x0e28  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:50:55.0066 0x0e28  nvstor - ok
10:50:55.0097 0x0e28  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:50:55.0097 0x0e28  nv_agp - ok
10:50:55.0112 0x0e28  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:50:55.0112 0x0e28  ohci1394 - ok
10:50:55.0144 0x0e28  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:50:55.0159 0x0e28  ose - ok
10:50:55.0346 0x0e28  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:50:55.0456 0x0e28  osppsvc - ok
10:50:55.0487 0x0e28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:50:55.0502 0x0e28  p2pimsvc - ok
10:50:55.0518 0x0e28  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:50:55.0534 0x0e28  p2psvc - ok
10:50:55.0549 0x0e28  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
10:50:55.0549 0x0e28  Parport - ok
10:50:55.0580 0x0e28  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:50:55.0580 0x0e28  partmgr - ok
10:50:55.0596 0x0e28  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:50:55.0596 0x0e28  PcaSvc - ok
10:50:55.0627 0x0e28  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:50:55.0627 0x0e28  pci - ok
10:50:55.0643 0x0e28  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:50:55.0643 0x0e28  pciide - ok
10:50:55.0658 0x0e28  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:50:55.0658 0x0e28  pcmcia - ok
10:50:55.0674 0x0e28  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:50:55.0674 0x0e28  pcw - ok
10:50:55.0690 0x0e28  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:50:55.0705 0x0e28  PEAUTH - ok
10:50:55.0752 0x0e28  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:50:55.0752 0x0e28  PerfHost - ok
10:50:55.0799 0x0e28  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:50:55.0830 0x0e28  pla - ok
10:50:55.0877 0x0e28  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:50:55.0892 0x0e28  PlugPlay - ok
10:50:55.0955 0x0e28  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
10:50:55.0955 0x0e28  PnkBstrA - ok
10:50:55.0970 0x0e28  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:50:55.0970 0x0e28  PNRPAutoReg - ok
10:50:55.0970 0x0e28  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:50:55.0986 0x0e28  PNRPsvc - ok
10:50:56.0017 0x0e28  [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64         C:\Windows\system32\DRIVERS\point64.sys
10:50:56.0017 0x0e28  Point64 - ok
10:50:56.0064 0x0e28  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:50:56.0064 0x0e28  PolicyAgent - ok
10:50:56.0095 0x0e28  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:50:56.0111 0x0e28  Power - ok
10:50:56.0126 0x0e28  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:50:56.0142 0x0e28  PptpMiniport - ok
10:50:56.0142 0x0e28  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
10:50:56.0142 0x0e28  Processor - ok
10:50:56.0189 0x0e28  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:50:56.0189 0x0e28  ProfSvc - ok
10:50:56.0220 0x0e28  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
10:50:56.0220 0x0e28  ProtectedStorage - ok
10:50:56.0236 0x0e28  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:50:56.0236 0x0e28  Psched - ok
10:50:56.0298 0x0e28  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:50:56.0329 0x0e28  ql2300 - ok
10:50:56.0345 0x0e28  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:50:56.0345 0x0e28  ql40xx - ok
10:50:56.0360 0x0e28  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:50:56.0376 0x0e28  QWAVE - ok
10:50:56.0376 0x0e28  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:50:56.0392 0x0e28  QWAVEdrv - ok
10:50:56.0392 0x0e28  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:50:56.0392 0x0e28  RasAcd - ok
10:50:56.0392 0x0e28  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:50:56.0392 0x0e28  RasAgileVpn - ok
10:50:56.0407 0x0e28  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:50:56.0407 0x0e28  RasAuto - ok
10:50:56.0423 0x0e28  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:50:56.0423 0x0e28  Rasl2tp - ok
10:50:56.0454 0x0e28  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:50:56.0454 0x0e28  RasMan - ok
10:50:56.0470 0x0e28  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:50:56.0470 0x0e28  RasPppoe - ok
10:50:56.0485 0x0e28  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:50:56.0485 0x0e28  RasSstp - ok
10:50:56.0501 0x0e28  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:50:56.0516 0x0e28  rdbss - ok
10:50:56.0532 0x0e28  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
10:50:56.0532 0x0e28  rdpbus - ok
10:50:56.0548 0x0e28  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:50:56.0548 0x0e28  RDPCDD - ok
10:50:56.0563 0x0e28  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:50:56.0563 0x0e28  RDPENCDD - ok
10:50:56.0579 0x0e28  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:50:56.0579 0x0e28  RDPREFMP - ok
10:50:56.0610 0x0e28  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:50:56.0626 0x0e28  RDPWD - ok
10:50:56.0641 0x0e28  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:50:56.0641 0x0e28  rdyboost - ok
10:50:56.0657 0x0e28  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:50:56.0657 0x0e28  RemoteAccess - ok
10:50:56.0672 0x0e28  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:50:56.0672 0x0e28  RemoteRegistry - ok
10:50:56.0704 0x0e28  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
10:50:56.0704 0x0e28  RFCOMM - ok
10:50:56.0782 0x0e28  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:50:56.0782 0x0e28  RichVideo - ok
10:50:56.0797 0x0e28  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:50:56.0797 0x0e28  RpcEptMapper - ok
10:50:56.0797 0x0e28  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:50:56.0797 0x0e28  RpcLocator - ok
10:50:56.0828 0x0e28  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:50:56.0828 0x0e28  RpcSs - ok
10:50:56.0844 0x0e28  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:50:56.0844 0x0e28  rspndr - ok
10:50:56.0906 0x0e28  [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:50:56.0906 0x0e28  RTL8167 - ok
10:50:56.0922 0x0e28  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
10:50:56.0922 0x0e28  SamSs - ok
10:50:56.0938 0x0e28  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:50:56.0938 0x0e28  sbp2port - ok
10:50:56.0969 0x0e28  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:50:56.0969 0x0e28  SCardSvr - ok
10:50:56.0969 0x0e28  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:50:56.0984 0x0e28  scfilter - ok
10:50:57.0016 0x0e28  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:50:57.0047 0x0e28  Schedule - ok
10:50:57.0062 0x0e28  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:50:57.0062 0x0e28  SCPolicySvc - ok
10:50:57.0078 0x0e28  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:50:57.0094 0x0e28  SDRSVC - ok
10:50:57.0094 0x0e28  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:50:57.0094 0x0e28  secdrv - ok
10:50:57.0109 0x0e28  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:50:57.0109 0x0e28  seclogon - ok
10:50:57.0125 0x0e28  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:50:57.0125 0x0e28  SENS - ok
10:50:57.0140 0x0e28  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:50:57.0140 0x0e28  SensrSvc - ok
10:50:57.0172 0x0e28  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:50:57.0172 0x0e28  Serenum - ok
10:50:57.0203 0x0e28  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:50:57.0203 0x0e28  Serial - ok
10:51:00.0994 0x0e28  ================ Scan MBR ==================================
10:51:00.0994 0x0e28  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:51:01.0134 0x0e28  \Device\Harddisk0\DR0 - ok
10:51:01.0134 0x0e28  ================ Scan VBR ==================================
10:51:01.0134 0x0e28  [ 9610C77DA5E23C3AECA92E2D52FABC7A ] \Device\Harddisk0\DR0\Partition1
10:51:01.0165 0x0e28  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
10:51:01.0165 0x0e28  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
10:51:01.0165 0x0e28  [ 9E1977327432C5762A805BF11DC23C78 ] \Device\Harddisk0\DR0\Partition2
10:51:01.0196 0x0e28  \Device\Harddisk0\DR0\Partition2 - ok
10:51:05.0954 0x0e28  Win FW state via NFP2: enabled
10:51:05.0954 0x0e28  ============================================================
10:51:05.0954 0x0e28  Scan finished
10:51:05.0954 0x0e28  ============================================================
10:51:05.0970 0x1204  Detected object count: 1
10:51:05.0970 0x1204  Actual detected object count: 1
10:51:25.0252 0x1204  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
10:51:25.0314 0x1204  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
10:51:25.0361 0x1204  \Device\Harddisk0\DR0\Partition1 - ok
10:51:25.0361 0x1204  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure 
10:51:25.0454 0x1204  KLMD registered as C:\Windows\system32\drivers\34976871.sys
10:51:30.0025 0x17f4  Deinitialize success
         

03.09.2014, 10:29   #11
Batzke95
 



and the ComboFix log

Code:
ComboFix 14-08-31.01 - Basti 03.09.2014  11:00:21.1.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8138.6460 [GMT 2:00]
ausgeführt von:: c:\users\Basti\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\Common Files\Config\uninstinethnfd.exe
c:\program files (x86)\Common Files\Config\ver.xml
c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\RichMediaViewV1
c:\programdata\dsgsdgdsgdsgw.pad
c:\windows\IsUn0407.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Legacy_NETHFDRV
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-03 bis 2014-09-03  ))))))))))))))))))))))))))))))
.
.
2014-09-03 09:11 . 2014-09-03 09:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-09-03 09:11 . 2014-09-03 09:11	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-09-03 08:51 . 2014-09-03 08:51	--------	d-----w-	C:\TDSSKiller_Quarantine
2014-09-01 17:57 . 2014-09-01 17:57	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-09-01 12:55 . 2014-09-01 12:57	--------	d-----w-	C:\FRST
2014-08-31 16:56 . 2014-08-31 16:56	--------	d-----w-	c:\users\Basti\AppData\Roaming\TuneUp Software
2014-08-31 16:55 . 2014-09-01 13:37	--------	d-----w-	c:\programdata\AVG2014
2014-08-31 16:44 . 2014-09-01 13:37	--------	d-----w-	c:\programdata\MFAData
2014-08-31 16:44 . 2014-08-31 16:44	--------	d--h--w-	c:\programdata\Common Files
2014-08-31 16:44 . 2014-08-31 16:44	--------	d-----w-	c:\users\Basti\AppData\Local\MFAData
2014-08-31 14:04 . 2014-08-31 14:05	--------	d-----w-	c:\users\Basti\AppData\Local\Origin
2014-08-31 13:52 . 2014-09-03 08:53	--------	d-----w-	c:\program files (x86)\Origin
2014-08-25 17:28 . 2014-09-01 12:32	--------	d-----w-	c:\users\Basti\AppData\Roaming\Yqnu
2014-08-25 17:28 . 2014-08-25 17:33	--------	d-----w-	c:\users\Basti\AppData\Roaming\Osug
2014-08-24 16:21 . 2014-08-24 16:21	--------	d-----w-	c:\program files (x86)\Glarysoft
2014-08-24 15:54 . 2014-08-24 16:05	--------	d-----w-	c:\program files (x86)\Google
2014-08-24 15:33 . 2014-08-31 18:15	--------	d-----w-	c:\users\Basti\AppData\Roaming\Ovco
2014-08-24 15:33 . 2014-08-24 15:38	--------	d-----w-	c:\users\Basti\AppData\Roaming\Imzec
2014-08-24 15:24 . 2014-08-24 15:24	687	----a-w-	C:\awhE8F7.tmp
2014-08-24 15:03 . 2014-08-24 15:06	--------	d--h--w-	c:\programdata\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-24 14:59 . 2014-09-01 12:32	--------	d-----w-	c:\programdata\AgumInij
2014-08-24 14:59 . 2014-08-24 14:59	687	----a-w-	C:\awhE3C9.tmp
2014-08-24 03:36 . 2014-09-01 12:31	--------	d-----w-	c:\programdata\AtlisUwmeh
2014-08-24 02:41 . 2014-08-24 02:41	687	----a-w-	C:\awhE003.tmp
2014-08-24 02:06 . 2014-08-24 02:06	687	----a-w-	C:\awhDBCD.tmp
2014-08-24 01:34 . 2014-08-21 03:43	11319192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A29C0EEA-D312-4BD3-A0FB-880BCC6A9396}\mpengine.dll
2014-08-23 16:37 . 2014-08-23 16:37	687	----a-w-	C:\awh65CA.tmp
2014-08-22 12:45 . 2014-08-22 12:45	687	----a-w-	C:\awhE214.tmp
2014-08-21 14:10 . 2014-08-21 14:10	687	----a-w-	C:\awhE5BC.tmp
2014-08-20 13:34 . 2014-08-20 13:34	687	----a-w-	C:\awhE4C2.tmp
2014-08-19 20:13 . 2014-09-02 15:29	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-08-19 20:13 . 2014-08-31 18:35	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex1
2014-08-19 20:13 . 2014-08-19 20:13	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-08-19 16:47 . 2014-08-19 16:47	687	----a-w-	C:\awhFEE7.tmp
2014-08-19 13:04 . 2014-08-19 13:04	687	----a-w-	C:\awhDE7C.tmp
2014-08-18 20:50 . 2014-08-19 20:17	76152	----a-w-	c:\windows\system32\PnkBstrA.exe
2014-08-18 12:17 . 2014-08-18 12:34	--------	d-----w-	c:\users\Basti\AppData\Roaming\.minecraft
2014-08-18 11:03 . 2014-08-18 11:03	687	----a-w-	C:\awhEC41.tmp
2014-08-17 16:37 . 2014-08-17 16:37	687	----a-w-	C:\awhD326.tmp
2014-08-15 11:31 . 2014-08-15 11:31	687	----a-w-	C:\awhE455.tmp
2014-08-15 11:25 . 2014-08-15 11:25	--------	d-----w-	c:\program files (x86)\Drakonia Configurator
2014-08-15 11:25 . 2014-08-15 11:25	--------	d-----w-	c:\users\Basti\AppData\Roaming\MingGuan
2014-08-15 11:25 . 2014-08-15 11:25	1192533	----a-w-	c:\windows\unins000.exe
2014-08-15 10:05 . 2014-08-15 10:05	687	----a-w-	C:\awh8ACA.tmp
2014-08-14 14:05 . 2014-08-21 18:50	--------	d-----w-	c:\users\Basti\AppData\Local\Risen3
2014-08-14 14:05 . 2014-08-14 14:05	--------	d-----w-	c:\users\Basti\AppData\Roaming\ProtectDISC
2014-08-14 13:25 . 2014-08-14 13:25	--------	d-----w-	c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-08-14 13:24 . 2014-08-14 13:25	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2014-08-13 10:29 . 2014-08-13 10:29	687	----a-w-	C:\awhEA2F.tmp
2014-08-12 10:57 . 2014-08-12 10:57	687	----a-w-	C:\awhF94C.tmp
2014-08-11 12:50 . 2014-08-11 12:50	687	----a-w-	C:\awhED79.tmp
2014-08-11 12:15 . 2014-08-11 12:15	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-08-11 10:34 . 2014-08-11 10:34	687	----a-w-	C:\awhDDFF.tmp
2014-08-10 13:15 . 2014-08-10 13:15	687	----a-w-	C:\awhDC0C.tmp
2014-08-09 11:32 . 2014-08-09 11:32	687	----a-w-	C:\awhDD82.tmp
2014-08-08 09:44 . 2014-08-08 09:44	687	----a-w-	C:\awhEA6D.tmp
2014-08-07 12:20 . 2014-08-07 12:20	687	----a-w-	C:\awh933.tmp
2014-08-06 18:07 . 2014-08-06 18:07	687	----a-w-	C:\awhE752.tmp
2014-08-06 11:16 . 2014-08-06 11:16	687	----a-w-	C:\awhDF37.tmp
2014-08-05 11:14 . 2014-08-05 11:14	687	----a-w-	C:\awhF49A.tmp
2014-08-04 11:37 . 2014-08-04 11:37	687	----a-w-	C:\awhE002.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-02 15:29 . 2012-08-03 11:53	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-08-11 13:04 . 2013-06-28 18:07	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-05 07:20 . 2010-11-21 03:27	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-08-03 12:13 . 2014-08-03 12:13	687	----a-w-	C:\awhDB41.tmp
2014-08-02 16:37 . 2014-08-02 16:37	687	----a-w-	C:\awhED5.tmp
2014-08-02 00:02 . 2014-08-02 00:02	687	----a-w-	C:\awhDE8B.tmp
2014-08-01 07:12 . 2014-08-01 07:12	687	----a-w-	C:\awhE3D8.tmp
2014-07-31 12:40 . 2014-07-31 12:40	687	----a-w-	C:\awhF150.tmp
2014-07-30 11:17 . 2014-07-30 11:17	687	----a-w-	C:\awhE3F8.tmp
2014-07-29 12:55 . 2014-07-29 12:55	687	----a-w-	C:\awhEC32.tmp
2014-07-28 11:20 . 2014-07-28 11:20	687	----a-w-	C:\awhE669.tmp
2014-07-27 11:21 . 2014-07-27 11:21	687	----a-w-	C:\awhF3D0.tmp
2014-07-26 10:45 . 2014-07-26 10:45	687	----a-w-	C:\awhE30E.tmp
2014-07-25 11:50 . 2014-07-25 11:50	687	----a-w-	C:\awhE935.tmp
2014-07-23 11:19 . 2014-07-23 11:19	687	----a-w-	C:\awhDEF8.tmp
2014-07-22 20:41 . 2014-07-22 20:41	687	----a-w-	C:\awhEF0F.tmp
2014-07-22 14:15 . 2014-07-22 14:15	687	----a-w-	C:\awh6A40.tmp
2014-07-20 21:18 . 2014-07-20 21:18	687	----a-w-	C:\awh2FC.tmp
2014-07-20 17:47 . 2014-07-20 17:47	687	----a-w-	C:\awhFEB8.tmp
2014-07-20 15:26 . 2014-07-20 15:26	687	----a-w-	C:\awhF2C6.tmp
2014-07-19 18:43 . 2014-07-19 18:43	687	----a-w-	C:\awhED1.tmp
2014-07-14 12:38 . 2014-07-14 12:38	687	----a-w-	C:\awhE668.tmp
2014-07-12 11:11 . 2014-07-12 11:11	687	----a-w-	C:\awhF22A.tmp
2014-07-11 21:37 . 2014-07-11 21:37	687	----a-w-	C:\awhA723.tmp
2014-07-09 18:54 . 2012-07-31 14:51	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 18:54 . 2012-07-31 14:51	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-08-13 1937600]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Windows Remote Service"="c:\users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe" [2013-05-24 173568]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-08-31 3600216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"MDS_Menu"="c:\program files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-12-15 103720]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-08-02 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-23 75048]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-08-07 27760]
"Live! Central 2"="c:\program files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe" [2009-11-04 426140]
"V0640Mon.exe"="c:\windows\V0640Mon.exe" [2009-09-22 28672]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"GamingMouse"="c:\program files (x86)\Drakonia Configurator\hid.exe" [2013-10-29 248832]
.
c:\users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2005-9-28 3088520]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Play Wireless USB Adapter Utility.lnk - c:\program files (x86)\Belkin\F7D4101\V1\PBN.exe [2009-11-25 110592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/08/07 15:19;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WLANBelkinService;Belkin WLAN service;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 Ant App service;File1 Application service;c:\program files (x86)\Ant.com\File1 Package Manager\AppService.exe;c:\program files (x86)\Ant.com\File1 Package Manager\AppService.exe [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 hugoio64;hugoio64;c:\windows\system32\drivers\hugoio64.sys;c:\windows\SYSNATIVE\drivers\hugoio64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tswNT;toolstar*testWIN support driver;c:\users\ADMINI~1\AppData\Local\Temp\00013255\tswnt.sys;c:\users\ADMINI~1\AppData\Local\Temp\00013255\tswnt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 V0640Vid;Creative Live! Cam Socialize (VF0640) Driver;c:\windows\system32\DRIVERS\V0640Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0640Vid.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_9EC60124
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-24 16:05	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-31 18:54]
.
2014-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24 15:54]
.
2014-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24 15:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://facebook.com/
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q=
mStart Page = about:newtab
mSearch Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q=
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate}
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\program files (x86)\Funmoods\1.5.23.22\bh\escort.dll
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-LightScribe Control Panel - c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-G Data AntiVirus Tray Application - c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
Wow6432Node-HKLM-Run-GDFirewallTray - c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
Wow6432Node-HKLM-Run-UpdateLBPShortCut - c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
Wow6432Node-HKLM-Run-UpdateP2GoShortCut - c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
Wow6432Node-HKLM-Run-UpdatePPShortCut - c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
Wow6432Node-HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
Wow6432Node-HKLM-Run-UpdatePSTShortCut - c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe
SafeBoot-40232351.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Bohemia Interactive\ArmA 2BattlEye\UnInstallBE.exe
AddRemove-Pharao - c:\windows\IsUn0407.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\Basti\AppData\Local\SwvUpdater\Updater.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}"=hex:51,66,7a,6c,4c,1d,38,12,c4,b3,f8,
   71,26,0c,da,09,ef,fa,a0,a0,7b,93,40,e3
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
   b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\S-1-5-21-703785417-1565345126-2984759567-1001\Software\SecuROM\License information*]
"datasecu"=hex:7f,b5,d5,22,17,dc,9b,6b,60,a2,3c,1f,4e,73,5c,88,c3,16,ff,f7,a3,
   69,08,fc,78,92,6b,dd,fe,f0,7f,1a,f1,cd,1a,13,ae,cc,cd,8e,12,26,53,e7,bb,77,\
"rkeysecu"=hex:cf,fd,36,ed,8f,83,8f,67,d5,d5,68,a4,04,da,e7,c7
.
[HKEY_USERS\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\SecuROM\License information*]
"datasecu"=hex:83,43,98,14,a8,cf,a6,87,b4,a3,b5,0e,15,24,c2,f1,9b,2a,87,f5,7b,
   a6,76,fd,4d,ed,99,12,33,29,74,12,ca,68,e9,36,5d,2c,1a,ac,5d,5c,7b,ee,58,f6,\
"rkeysecu"=hex:c9,b6,b0,b2,4c,53,ad,80,d3,25,3c,06,ec,18,e9,ac
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-09-03  11:25:37 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-09-03 09:25
.
Vor Suchlauf: 17 Verzeichnis(se), 235.721.650.176 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 240.502.272.000 Bytes frei
.
- - End Of File - - 78DBA6F11BD326A7AF32DDCCB0BB8F15
A36C5E4F47E84449FF07ED3517B43A31
         

03.09.2014, 20:51   #12
schrauber
/// the machine
/// TB trainer
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!


Zum Thema Windows 7 : Windows Explorer öffnet sich oft im Hintergrund mit zu viel Arbeitsspeicher - Hallo, ich hatte seit einiger Zeit das Problem, dass ich in sämtlichen I-net Browsern Werbung von ad wizard u.ä. bekam und entfernte diese Addons aus dem Programmverzeichnis von Windows. Seitdem - Windows 7 : Windows Explorer öffnet sich oft im Hintergrund mit zu viel Arbeitsspeicher...
Archiv
Du betrachtest: Windows 7 : Windows Explorer öffnet sich oft im Hintergrund mit zu viel Arbeitsspeicher auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.