Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Boo/Cidox.b

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.09.2014, 23:23   #1
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Hallo Leute, ich würde mich sehr um eure Hilfe freuen, ich habe wie der titel schon sagt eine Meldung von Avira Antivir, Es kommt beim Starten des Rechners zu einer Meldung/Fund diese kann ich nicht Posten da sie nur so angezeigt wird.

Ich habe mir bereits einige andere Themen hier im Forum von anderen Leuten mit dem selben Problem angeschaut und die schritte der Helfer soweit befolgt.

Dieser thread zb.: http://www.trojaner-board.de/158442-boo-cidox-b.html


Zitat von cosinus:
Zitat:
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Ich denke mal ab hier sollten wir anfangen.
TDSSKiller hat ihn entdeckt und ich habe noch nichts unternommen, werde aber wie oben gesagt auf Skip gehen.
Es bereitet mir Kopfschmerzen da ich immer so vorsichtig bin

Mfg Mr.dub


Edit* TDSSKiller Report habe Skip gewählt.

Code:
ATTFilter
00:11:07.0785 0x14f0  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
00:11:13.0051 0x14f0  ============================================================
00:11:13.0051 0x14f0  Current date / time: 2014/09/20 00:11:13.0051
00:11:13.0051 0x14f0  SystemInfo:
00:11:13.0051 0x14f0  
00:11:13.0051 0x14f0  OS Version: 6.1.7600 ServicePack: 0.0
00:11:13.0051 0x14f0  Product type: Workstation
00:11:13.0051 0x14f0  ComputerName: DADDY-PC
00:11:13.0051 0x14f0  UserName: Daddy
00:11:13.0051 0x14f0  Windows directory: C:\Windows
00:11:13.0051 0x14f0  System windows directory: C:\Windows
00:11:13.0051 0x14f0  Running under WOW64
00:11:13.0051 0x14f0  Processor architecture: Intel x64
00:11:13.0051 0x14f0  Number of processors: 8
00:11:13.0051 0x14f0  Page size: 0x1000
00:11:13.0051 0x14f0  Boot type: Normal boot
00:11:13.0051 0x14f0  ============================================================
00:11:14.0590 0x14f0  KLMD registered as C:\Windows\system32\drivers\07797485.sys
00:11:15.0048 0x14f0  System UUID: {629A7401-2B25-ED3A-3834-D3C84A959886}
00:11:15.0665 0x14f0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:11:15.0674 0x14f0  ============================================================
00:11:15.0674 0x14f0  \Device\Harddisk0\DR0:
00:11:15.0675 0x14f0  MBR partitions:
00:11:15.0675 0x14f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0xE8E0360
00:11:15.0706 0x14f0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
00:11:15.0706 0x14f0  ============================================================
00:11:15.0925 0x14f0  C: <-> \Device\Harddisk0\DR0\Partition1
00:11:16.0135 0x14f0  D: <-> \Device\Harddisk0\DR0\Partition2
00:11:16.0135 0x14f0  ============================================================
00:11:16.0135 0x14f0  Initialize success
00:11:16.0135 0x14f0  ============================================================
00:11:30.0882 0x143c  ============================================================
00:11:30.0882 0x143c  Scan started
00:11:30.0882 0x143c  Mode: Manual; SigCheck; TDLFS; 
00:11:30.0882 0x143c  ============================================================
00:11:30.0883 0x143c  KSN ping started
00:11:33.0526 0x143c  KSN ping finished: true
00:11:38.0023 0x143c  ================ Scan system memory ========================
00:11:38.0023 0x143c  System memory - ok
00:11:38.0024 0x143c  ================ Scan services =============================
00:11:38.0388 0x143c  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
00:11:38.0563 0x143c  1394ohci - ok
00:11:38.0644 0x143c  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
00:11:38.0671 0x143c  ACPI - ok
00:11:38.0687 0x143c  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
00:11:38.0762 0x143c  AcpiPmi - ok
00:11:38.0970 0x143c  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:11:38.0993 0x143c  AdobeFlashPlayerUpdateSvc - ok
00:11:39.0061 0x143c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
00:11:39.0161 0x143c  adp94xx - ok
00:11:39.0209 0x143c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
00:11:39.0265 0x143c  adpahci - ok
00:11:39.0329 0x143c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
00:11:39.0372 0x143c  adpu320 - ok
00:11:39.0408 0x143c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:11:39.0465 0x143c  AeLookupSvc - ok
00:11:39.0510 0x143c  [ FB2BE0BAE9B3F248080CDBF91EF16C7F, 1ED963A18E4D0531FA42832E40B038BB4B9D8EB04DA4D4FE69A4C284958A2CDD ] AFBAgent        C:\Windows\system32\FBAgent.exe
00:11:39.0751 0x143c  AFBAgent - ok
00:11:39.0813 0x143c  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys
00:11:39.0918 0x143c  AFD - ok
00:11:39.0950 0x143c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
00:11:39.0973 0x143c  agp440 - ok
00:11:40.0007 0x143c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
00:11:40.0039 0x143c  ALG - ok
00:11:40.0075 0x143c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
00:11:40.0100 0x143c  aliide - ok
00:11:40.0151 0x143c  [ 5989D711769200F0F3E145319250472B, 2740032FB3F92DAE5D5AA8D242AFAE79278E95E77F8FA236741320F4696F46FC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:11:40.0231 0x143c  AMD External Events Utility - ok
00:11:40.0269 0x143c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
00:11:40.0288 0x143c  amdide - ok
00:11:40.0306 0x143c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
00:11:40.0351 0x143c  AmdK8 - ok
00:11:40.0375 0x143c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
00:11:40.0436 0x143c  AmdPPM - ok
00:11:40.0482 0x143c  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:11:40.0503 0x143c  amdsata - ok
00:11:40.0559 0x143c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
00:11:40.0595 0x143c  amdsbs - ok
00:11:40.0672 0x143c  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:11:40.0689 0x143c  amdxata - ok
00:11:40.0741 0x143c  [ 9C7F164B49CADC658D1B3C575782F346, 7C5FD203735041B6AEB2E551A63CE5F46DB41044BC72E7E77A72F316197C80DA ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
00:11:40.0798 0x143c  AmUStor - ok
00:11:40.0931 0x143c  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
00:11:40.0952 0x143c  AntiVirSchedulerService - ok
00:11:41.0025 0x143c  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
00:11:41.0046 0x143c  AntiVirService - ok
00:11:41.0113 0x143c  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
00:11:41.0173 0x143c  AppID - ok
00:11:41.0191 0x143c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:11:41.0258 0x143c  AppIDSvc - ok
00:11:41.0289 0x143c  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
00:11:41.0338 0x143c  Appinfo - ok
00:11:41.0367 0x143c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
00:11:41.0395 0x143c  arc - ok
00:11:41.0433 0x143c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
00:11:41.0462 0x143c  arcsas - ok
00:11:41.0691 0x143c  [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
00:11:41.0703 0x143c  ASLDRService - ok
00:11:41.0788 0x143c  [ 2DB34EDD17D3A8DA7105A19C95A3DD68, 5F76C140118B181427969237E364FD70B14FA36533061FD4D8EB2F4751706739 ] ASMMAP64        C:\Program Files\ATKGFNEX\ASMMAP64.sys
00:11:41.0804 0x143c  ASMMAP64 - ok
00:11:41.0891 0x143c  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:11:42.0039 0x143c  aspnet_state - ok
00:11:42.0063 0x143c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:11:42.0134 0x143c  AsyncMac - ok
00:11:42.0191 0x143c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
00:11:42.0211 0x143c  atapi - ok
00:11:42.0299 0x143c  [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr            C:\Windows\system32\DRIVERS\athrx.sys
00:11:42.0466 0x143c  athr - ok
00:11:42.0535 0x143c  [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
00:11:42.0558 0x143c  AtiHdmiService - ok
00:11:43.0071 0x143c  [ B5FB227A09A9EC28163FA4B45487C3C7, DD290CEC3AFBB8E74F1F113A792239B009CBFCE8ED5A816AE8393164BB0535A8 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
00:11:43.0512 0x143c  atikmdag - ok
00:11:43.0533 0x143c  [ 7C157574A181B19B9DCF5F339E25337E, 7CA78363CD420BFE4BFE9A38683CA9E31023AC573D9092666CDAEE6AF4998B60 ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
00:11:43.0584 0x143c  ATKGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
00:11:46.0001 0x143c  Detect skipped due to KSN trusted
00:11:46.0001 0x143c  ATKGFNEXSrv - ok
00:11:46.0069 0x143c  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
00:11:46.0099 0x143c  atksgt - ok
00:11:46.0155 0x143c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:11:46.0231 0x143c  AudioEndpointBuilder - ok
00:11:46.0291 0x143c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:11:46.0351 0x143c  AudioSrv - ok
00:11:46.0378 0x143c  [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
00:11:46.0400 0x143c  avgntflt - ok
00:11:46.0441 0x143c  [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
00:11:46.0466 0x143c  avipbb - ok
00:11:46.0544 0x143c  [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
00:11:46.0557 0x143c  Avira.OE.ServiceHost - ok
00:11:46.0591 0x143c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
00:11:46.0608 0x143c  avkmgr - ok
00:11:46.0647 0x143c  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:11:46.0740 0x143c  AxInstSV - ok
00:11:46.0799 0x143c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
00:11:46.0888 0x143c  b06bdrv - ok
00:11:46.0947 0x143c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:11:47.0023 0x143c  b57nd60a - ok
00:11:47.0077 0x143c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:11:47.0130 0x143c  BDESVC - ok
00:11:47.0154 0x143c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:11:47.0212 0x143c  Beep - ok
00:11:47.0310 0x143c  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
00:11:47.0404 0x143c  BFE - ok
00:11:47.0642 0x143c  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
00:11:47.0792 0x143c  BITS - ok
00:11:47.0835 0x143c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:11:47.0887 0x143c  blbdrive - ok
00:11:47.0935 0x143c  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:11:47.0993 0x143c  bowser - ok
00:11:48.0015 0x143c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:11:48.0046 0x143c  BrFiltLo - ok
00:11:48.0092 0x143c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:11:48.0114 0x143c  BrFiltUp - ok
00:11:48.0164 0x143c  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
00:11:48.0243 0x143c  Browser - ok
00:11:48.0275 0x143c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:11:48.0353 0x143c  Brserid - ok
00:11:48.0371 0x143c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:11:48.0414 0x143c  BrSerWdm - ok
00:11:48.0426 0x143c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:11:48.0483 0x143c  BrUsbMdm - ok
00:11:48.0500 0x143c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:11:48.0534 0x143c  BrUsbSer - ok
00:11:48.0616 0x143c  [ 3B6429C5B11408EF11EFEEE8C0F0682A, 2FC87B91122DC265B4CC2CFE58261DA604C89600F2683AB5294004C721127098 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
00:11:48.0645 0x143c  BstHdAndroidSvc - ok
00:11:48.0699 0x143c  [ 75EEDB477B68CF35D82F0654266053CE, E7A7F4E4781BE97603A0F08535D2EB247A1304B15EF7BAD748E63246AFFEFF35 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
00:11:48.0723 0x143c  BstHdDrv - ok
00:11:48.0788 0x143c  [ 1DC18C9E1B4984389783E4F9DFC61AB1, 0F32EE280F5B9E0065A7AACED3D64373EC3BFC366906606A644AD0D4AD08E61C ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
00:11:48.0816 0x143c  BstHdLogRotatorSvc - ok
00:11:48.0836 0x143c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
00:11:48.0885 0x143c  BTHMODEM - ok
00:11:48.0943 0x143c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
00:11:49.0116 0x143c  bthserv - ok
00:11:49.0284 0x143c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:11:49.0352 0x143c  cdfs - ok
00:11:49.0412 0x143c  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:11:49.0457 0x143c  cdrom - ok
00:11:49.0502 0x143c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:11:49.0539 0x143c  CertPropSvc - ok
00:11:49.0570 0x143c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
00:11:49.0593 0x143c  circlass - ok
00:11:49.0621 0x143c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
00:11:49.0664 0x143c  CLFS - ok
00:11:49.0746 0x143c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:11:49.0763 0x143c  clr_optimization_v2.0.50727_32 - ok
00:11:49.0800 0x143c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:11:49.0814 0x143c  clr_optimization_v2.0.50727_64 - ok
00:11:49.0902 0x143c  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:11:50.0006 0x143c  clr_optimization_v4.0.30319_32 - ok
00:11:50.0061 0x143c  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:11:50.0125 0x143c  clr_optimization_v4.0.30319_64 - ok
00:11:50.0170 0x143c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:11:50.0196 0x143c  CmBatt - ok
00:11:50.0213 0x143c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
00:11:50.0229 0x143c  cmdide - ok
00:11:50.0281 0x143c  [ 937BEB186A735ACA91D717044A49D17E, 3A2BF72670C94D1A7656289F5284F082AB089C96D451F8C5CD9D0211064D3FB1 ] CNG             C:\Windows\system32\Drivers\cng.sys
00:11:50.0353 0x143c  CNG - ok
00:11:50.0389 0x143c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:11:50.0408 0x143c  Compbatt - ok
00:11:50.0446 0x143c  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
00:11:50.0491 0x143c  CompositeBus - ok
00:11:50.0507 0x143c  COMSysApp - ok
00:11:50.0521 0x143c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
00:11:50.0539 0x143c  crcdisk - ok
00:11:50.0585 0x143c  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:11:50.0649 0x143c  CryptSvc - ok
00:11:50.0716 0x143c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:11:50.0804 0x143c  DcomLaunch - ok
00:11:50.0867 0x143c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
00:11:50.0949 0x143c  defragsvc - ok
00:11:50.0992 0x143c  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:11:51.0043 0x143c  DfsC - ok
00:11:51.0082 0x143c  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:11:51.0203 0x143c  Dhcp - ok
00:11:51.0234 0x143c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
00:11:51.0277 0x143c  discache - ok
00:11:51.0329 0x143c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
00:11:51.0350 0x143c  Disk - ok
00:11:51.0409 0x143c  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:11:51.0451 0x143c  Dnscache - ok
00:11:51.0494 0x143c  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:11:51.0564 0x143c  dot3svc - ok
00:11:51.0639 0x143c  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
00:11:51.0750 0x143c  DPS - ok
00:11:51.0800 0x143c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:11:51.0846 0x143c  drmkaud - ok
00:11:51.0913 0x143c  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:11:52.0007 0x143c  DXGKrnl - ok
00:11:52.0042 0x143c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
00:11:52.0105 0x143c  EapHost - ok
00:11:52.0642 0x143c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
00:11:52.0883 0x143c  ebdrv - ok
00:11:52.0911 0x143c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe
00:11:52.0928 0x143c  EFS - ok
00:11:53.0051 0x143c  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:11:53.0216 0x143c  ehRecvr - ok
00:11:53.0246 0x143c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
00:11:53.0303 0x143c  ehSched - ok
00:11:53.0365 0x143c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
00:11:53.0403 0x143c  elxstor - ok
00:11:53.0430 0x143c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
00:11:53.0492 0x143c  ErrDev - ok
00:11:53.0528 0x143c  [ 3C38648375B7F3988691F53A7AAE10A9, 2423EE67C8E9ACEA3526E5221177F5C63665820ED8A82F6DE0A9997389687C03 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
00:11:53.0561 0x143c  ETD - detected UnsignedFile.Multi.Generic ( 1 )
00:11:56.0214 0x143c  Detect skipped due to KSN trusted
00:11:56.0214 0x143c  ETD - ok
00:11:56.0270 0x143c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
00:11:56.0358 0x143c  EventSystem - ok
00:11:56.0395 0x143c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
00:11:56.0470 0x143c  exfat - ok
00:11:56.0501 0x143c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:11:56.0575 0x143c  fastfat - ok
00:11:56.0673 0x143c  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
00:11:56.0757 0x143c  Fax - ok
00:11:56.0791 0x143c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:11:56.0821 0x143c  fdc - ok
00:11:56.0848 0x143c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
00:11:56.0888 0x143c  fdPHost - ok
00:11:56.0904 0x143c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:11:56.0960 0x143c  FDResPub - ok
00:11:56.0994 0x143c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:11:57.0014 0x143c  FileInfo - ok
00:11:57.0033 0x143c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:11:57.0086 0x143c  Filetrace - ok
00:11:57.0130 0x143c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:11:57.0158 0x143c  flpydisk - ok
00:11:57.0194 0x143c  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:11:57.0225 0x143c  FltMgr - ok
00:11:57.0331 0x143c  [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache       C:\Windows\system32\FntCache.dll
00:11:57.0421 0x143c  FontCache - ok
00:11:57.0479 0x143c  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:11:57.0496 0x143c  FontCache3.0.0.0 - ok
00:11:57.0515 0x143c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:11:57.0535 0x143c  FsDepends - ok
00:11:57.0597 0x143c  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
00:11:57.0621 0x143c  fssfltr - ok
00:11:57.0733 0x143c  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:11:57.0826 0x143c  fsssvc - ok
00:11:57.0878 0x143c  [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:11:57.0901 0x143c  Fs_Rec - ok
00:11:57.0935 0x143c  [ AE87BA80D0EC3B57126ED2CDC15B24ED, 7E0EA3CDB78054D9A4E3B5142305943F2914536D80B8FC363414C8838D51D56C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:11:57.0971 0x143c  fvevol - ok
00:11:58.0044 0x143c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
00:11:58.0066 0x143c  gagp30kx - ok
00:11:58.0150 0x143c  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:11:58.0244 0x143c  gpsvc - ok
00:11:58.0330 0x143c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:11:58.0343 0x143c  gupdate - ok
00:11:58.0370 0x143c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:11:58.0381 0x143c  gupdatem - ok
00:11:58.0401 0x143c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:11:58.0457 0x143c  hcw85cir - ok
00:11:58.0497 0x143c  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:11:58.0571 0x143c  HdAudAddService - ok
00:11:58.0601 0x143c  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:11:58.0632 0x143c  HDAudBus - ok
00:11:58.0647 0x143c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
00:11:58.0711 0x143c  HECIx64 - ok
00:11:58.0760 0x143c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
00:11:58.0801 0x143c  HidBatt - ok
00:11:58.0821 0x143c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
00:11:58.0860 0x143c  HidBth - ok
00:11:58.0885 0x143c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
00:11:58.0920 0x143c  HidIr - ok
00:11:58.0950 0x143c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
00:11:59.0007 0x143c  hidserv - ok
00:11:59.0066 0x143c  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:11:59.0104 0x143c  HidUsb - ok
00:11:59.0132 0x143c  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:11:59.0186 0x143c  hkmsvc - ok
00:11:59.0247 0x143c  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:11:59.0307 0x143c  HomeGroupListener - ok
00:11:59.0337 0x143c  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:11:59.0392 0x143c  HomeGroupProvider - ok
00:11:59.0443 0x143c  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
00:11:59.0464 0x143c  HpSAMD - ok
00:11:59.0558 0x143c  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:11:59.0716 0x143c  HTTP - ok
00:11:59.0746 0x143c  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:11:59.0764 0x143c  hwpolicy - ok
00:11:59.0817 0x143c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:11:59.0844 0x143c  i8042prt - ok
00:11:59.0904 0x143c  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
00:11:59.0927 0x143c  iaStor - ok
00:12:00.0001 0x143c  [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:12:00.0071 0x143c  iaStorV - ok
00:12:00.0208 0x143c  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:12:00.0273 0x143c  idsvc - ok
00:12:00.0314 0x143c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
00:12:00.0341 0x143c  iirsp - ok
00:12:00.0434 0x143c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
00:12:00.0569 0x143c  IKEEXT - ok
00:12:00.0947 0x143c  [ DCF6AFBA140AF3F880A427C2656BE44D, 8D97B9E5B35106BA74253F3DCC5672F08C7112F56E2BA882A3BBB0D7102F965C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:12:01.0112 0x143c  IntcAzAudAddService - ok
00:12:01.0152 0x143c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
00:12:01.0170 0x143c  intelide - ok
00:12:01.0188 0x143c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:12:01.0225 0x143c  intelppm - ok
00:12:01.0266 0x143c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:12:01.0332 0x143c  IPBusEnum - ok
00:12:01.0361 0x143c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:12:01.0435 0x143c  IpFilterDriver - ok
00:12:01.0585 0x143c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:12:01.0689 0x143c  iphlpsvc - ok
00:12:01.0722 0x143c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
00:12:01.0759 0x143c  IPMIDRV - ok
00:12:01.0781 0x143c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:12:01.0850 0x143c  IPNAT - ok
00:12:01.0913 0x143c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:12:01.0953 0x143c  IRENUM - ok
00:12:01.0968 0x143c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
00:12:01.0991 0x143c  isapnp - ok
00:12:02.0008 0x143c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
00:12:02.0043 0x143c  iScsiPrt - ok
00:12:02.0073 0x143c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:12:02.0096 0x143c  kbdclass - ok
00:12:02.0113 0x143c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
00:12:02.0145 0x143c  kbdhid - ok
00:12:02.0192 0x143c  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
00:12:02.0207 0x143c  kbfiltr - ok
00:12:02.0233 0x143c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
00:12:02.0249 0x143c  KeyIso - ok
00:12:02.0264 0x143c  [ 16C1B906FC5EAD84769F90B736B6BF0E, 2FD11B1A6C208CBA4FB97DB2E48B9A487C7649B1FCF5F761B2A0E4D6A02E61EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:12:02.0289 0x143c  KSecDD - ok
00:12:02.0323 0x143c  [ 0B711550C56444879D71C7DAABDA6C83, A598E0817B0B943457068AD196FD5C9DB9C4135C9901B9B6EAFD1D3B3F4F0E2F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:12:02.0354 0x143c  KSecPkg - ok
00:12:02.0398 0x143c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:12:02.0459 0x143c  ksthunk - ok
00:12:02.0538 0x143c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:12:02.0642 0x143c  KtmRm - ok
00:12:02.0708 0x143c  [ B4A3A05B0F9C81D098B96AB6AA915042, 76A63A00926E8ADE44994CEE282B086A2F5573430874AC60A6CFE0F80D5CCE9A ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
00:12:02.0750 0x143c  L1C - ok
00:12:02.0785 0x143c  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:12:02.0839 0x143c  LanmanServer - ok
00:12:02.0879 0x143c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:12:02.0944 0x143c  LanmanWorkstation - ok
00:12:03.0062 0x143c  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
00:12:03.0079 0x143c  lirsgt - ok
00:12:03.0151 0x143c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:12:03.0214 0x143c  lltdio - ok
00:12:03.0279 0x143c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:12:03.0379 0x143c  lltdsvc - ok
00:12:03.0406 0x143c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:12:03.0470 0x143c  lmhosts - ok
00:12:03.0559 0x143c  [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:12:03.0580 0x143c  LMS - detected UnsignedFile.Multi.Generic ( 1 )
00:12:05.0973 0x143c  Detect skipped due to KSN trusted
00:12:05.0973 0x143c  LMS - ok
00:12:06.0014 0x143c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
00:12:06.0040 0x143c  LSI_FC - ok
00:12:06.0086 0x143c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
00:12:06.0110 0x143c  LSI_SAS - ok
00:12:06.0138 0x143c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:12:06.0163 0x143c  LSI_SAS2 - ok
00:12:06.0198 0x143c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:12:06.0226 0x143c  LSI_SCSI - ok
00:12:06.0240 0x143c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
00:12:06.0307 0x143c  luafv - ok
00:12:06.0327 0x143c  [ 085435AE1A124361304044029B5CC644, FEEDB68A3A31B31DD2550591E220A25FCAA8EF1A4BC87EA2750E73E2BE56848D ] lullaby         C:\Windows\system32\DRIVERS\lullaby.sys
00:12:06.0342 0x143c  lullaby - ok
00:12:06.0386 0x143c  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:12:06.0429 0x143c  Mcx2Svc - ok
00:12:06.0455 0x143c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
00:12:06.0474 0x143c  megasas - ok
00:12:06.0504 0x143c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
00:12:06.0533 0x143c  MegaSR - ok
00:12:06.0551 0x143c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
00:12:06.0604 0x143c  MMCSS - ok
00:12:06.0635 0x143c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
00:12:06.0690 0x143c  Modem - ok
00:12:06.0714 0x143c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:12:06.0751 0x143c  monitor - ok
00:12:06.0770 0x143c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:12:06.0790 0x143c  mouclass - ok
00:12:06.0811 0x143c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:12:06.0841 0x143c  mouhid - ok
00:12:06.0868 0x143c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:12:06.0888 0x143c  mountmgr - ok
00:12:06.0961 0x143c  [ F60E017313E0F1EEB21D87C434CF538D, 5418A716AD23E21FFF7CDACD0C4EF2CD7F1D45E391E72196B4D036DBF9E9559C ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:12:06.0981 0x143c  MozillaMaintenance - ok
00:12:07.0020 0x143c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
00:12:07.0045 0x143c  mpio - ok
00:12:07.0072 0x143c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:12:07.0128 0x143c  mpsdrv - ok
00:12:07.0193 0x143c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:12:07.0341 0x143c  MpsSvc - ok
00:12:07.0380 0x143c  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:12:07.0428 0x143c  MRxDAV - ok
00:12:07.0467 0x143c  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:12:07.0529 0x143c  mrxsmb - ok
00:12:07.0566 0x143c  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:12:07.0697 0x143c  mrxsmb10 - ok
00:12:07.0717 0x143c  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:12:07.0758 0x143c  mrxsmb20 - ok
00:12:07.0779 0x143c  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
00:12:07.0797 0x143c  msahci - ok
00:12:07.0817 0x143c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
00:12:07.0842 0x143c  msdsm - ok
00:12:07.0892 0x143c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
00:12:07.0915 0x143c  MSDTC - ok
00:12:07.0934 0x143c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:12:07.0990 0x143c  Msfs - ok
00:12:08.0030 0x143c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:12:08.0085 0x143c  mshidkmdf - ok
00:12:08.0090 0x143c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
00:12:08.0109 0x143c  msisadrv - ok
00:12:08.0147 0x143c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:12:08.0223 0x143c  MSiSCSI - ok
00:12:08.0228 0x143c  msiserver - ok
00:12:08.0259 0x143c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:12:08.0323 0x143c  MSKSSRV - ok
00:12:08.0341 0x143c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:12:08.0399 0x143c  MSPCLOCK - ok
00:12:08.0416 0x143c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:12:08.0462 0x143c  MSPQM - ok
00:12:08.0494 0x143c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:12:08.0536 0x143c  MsRPC - ok
00:12:08.0556 0x143c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:12:08.0579 0x143c  mssmbios - ok
00:12:08.0630 0x143c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:12:08.0689 0x143c  MSTEE - ok
00:12:08.0705 0x143c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
00:12:08.0737 0x143c  MTConfig - ok
00:12:08.0769 0x143c  [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
00:12:08.0785 0x143c  MTsensor - ok
00:12:08.0798 0x143c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
00:12:08.0821 0x143c  Mup - ok
00:12:08.0858 0x143c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
00:12:08.0948 0x143c  napagent - ok
00:12:09.0001 0x143c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:12:09.0067 0x143c  NativeWifiP - ok
00:12:09.0160 0x143c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:12:09.0252 0x143c  NDIS - ok
00:12:09.0297 0x143c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:12:09.0353 0x143c  NdisCap - ok
00:12:09.0401 0x143c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:12:09.0452 0x143c  NdisTapi - ok
00:12:09.0487 0x143c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:12:09.0533 0x143c  Ndisuio - ok
00:12:09.0549 0x143c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:12:09.0623 0x143c  NdisWan - ok
00:12:09.0656 0x143c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:12:09.0707 0x143c  NDProxy - ok
00:12:09.0729 0x143c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:12:09.0792 0x143c  NetBIOS - ok
00:12:09.0823 0x143c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:12:09.0896 0x143c  NetBT - ok
00:12:09.0925 0x143c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
00:12:09.0941 0x143c  Netlogon - ok
00:12:09.0969 0x143c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
00:12:10.0044 0x143c  Netman - ok
00:12:10.0084 0x143c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:10.0112 0x143c  NetMsmqActivator - ok
00:12:10.0120 0x143c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:10.0137 0x143c  NetPipeActivator - ok
00:12:10.0183 0x143c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
00:12:10.0258 0x143c  netprofm - ok
00:12:10.0293 0x143c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:10.0310 0x143c  NetTcpActivator - ok
00:12:10.0326 0x143c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:12:10.0346 0x143c  NetTcpPortSharing - ok
00:12:10.0374 0x143c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
00:12:10.0395 0x143c  nfrd960 - ok
00:12:10.0436 0x143c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:12:10.0500 0x143c  NlaSvc - ok
00:12:10.0522 0x143c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:12:10.0605 0x143c  Npfs - ok
00:12:10.0654 0x143c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
00:12:10.0699 0x143c  nsi - ok
00:12:10.0723 0x143c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:12:10.0780 0x143c  nsiproxy - ok
00:12:10.0867 0x143c  [ 378E0E0DFEA67D98AE6EA53ADBBD76BC, 2A78A36A729B271FE54A54E507EBC9AD9B9D764DBCB58AC3CBB8FC76D0075391 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:12:10.0986 0x143c  Ntfs - ok
00:12:11.0001 0x143c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
00:12:11.0052 0x143c  Null - ok
00:12:11.0100 0x143c  [ 785298579B5F9B4032152DFBB992FDB6, 873346A9B2C71C4F3F8B9C6B6AF34AD3675D029DAEA93876350ACBCEE19145D5 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
00:12:11.0150 0x143c  nusb3hub - ok
00:12:11.0173 0x143c  [ DF2750481B4964814467C974F2B0EEF1, 573FE5B5867C207355F0D6BBAE744EC5D2539F02DDC25E1470AE2D1E00954C3C ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:12:11.0199 0x143c  nusb3xhc - ok
00:12:11.0225 0x143c  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:12:11.0249 0x143c  nvraid - ok
00:12:11.0287 0x143c  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:12:11.0314 0x143c  nvstor - ok
00:12:11.0340 0x143c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
00:12:11.0365 0x143c  nv_agp - ok
00:12:11.0464 0x143c  [ 1F0E05DFF4F5A833168E49BE1256F002, A858267572033C185293B0FD15B2BFDA679D0771A14C0ADF24461B529DBAD8DF ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:12:11.0502 0x143c  odserv - ok
00:12:11.0527 0x143c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
00:12:11.0569 0x143c  ohci1394 - ok
00:12:11.0629 0x143c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:12:11.0647 0x143c  ose - ok
00:12:11.0796 0x143c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:12:11.0857 0x143c  p2pimsvc - ok
00:12:11.0900 0x143c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
00:12:11.0953 0x143c  p2psvc - ok
00:12:11.0991 0x143c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
00:12:12.0015 0x143c  Parport - ok
00:12:12.0056 0x143c  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:12:12.0076 0x143c  partmgr - ok
00:12:12.0107 0x143c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:12:12.0148 0x143c  PcaSvc - ok
00:12:12.0159 0x143c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
00:12:12.0175 0x143c  pci - ok
00:12:12.0180 0x143c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
00:12:12.0196 0x143c  pciide - ok
00:12:12.0225 0x143c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
00:12:12.0253 0x143c  pcmcia - ok
00:12:12.0260 0x143c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:12:12.0279 0x143c  pcw - ok
00:12:12.0322 0x143c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:12:12.0430 0x143c  PEAUTH - ok
00:12:12.0539 0x143c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:12:12.0571 0x143c  PerfHost - ok
00:12:12.0653 0x143c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
00:12:12.0813 0x143c  pla - ok
00:12:12.0866 0x143c  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:12:12.0931 0x143c  PlugPlay - ok
00:12:12.0965 0x143c  PnkBstrA - ok
00:12:12.0984 0x143c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:12:13.0019 0x143c  PNRPAutoReg - ok
00:12:13.0051 0x143c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:12:13.0079 0x143c  PNRPsvc - ok
00:12:13.0125 0x143c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:12:13.0205 0x143c  PolicyAgent - ok
00:12:13.0243 0x143c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
00:12:13.0299 0x143c  Power - ok
00:12:13.0347 0x143c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:12:13.0411 0x143c  PptpMiniport - ok
00:12:13.0450 0x143c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
00:12:13.0485 0x143c  Processor - ok
00:12:13.0516 0x143c  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
00:12:13.0579 0x143c  ProfSvc - ok
00:12:13.0612 0x143c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:12:13.0628 0x143c  ProtectedStorage - ok
00:12:13.0663 0x143c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:12:13.0716 0x143c  Psched - ok
00:12:13.0812 0x143c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
00:12:13.0961 0x143c  ql2300 - ok
00:12:13.0997 0x143c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
00:12:14.0021 0x143c  ql40xx - ok
00:12:14.0057 0x143c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
00:12:14.0096 0x143c  QWAVE - ok
00:12:14.0148 0x143c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:12:14.0182 0x143c  QWAVEdrv - ok
00:12:14.0204 0x143c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:12:14.0253 0x143c  RasAcd - ok
00:12:14.0296 0x143c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:12:14.0339 0x143c  RasAgileVpn - ok
00:12:14.0361 0x143c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
00:12:14.0417 0x143c  RasAuto - ok
00:12:14.0444 0x143c  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:12:14.0507 0x143c  Rasl2tp - ok
00:12:14.0554 0x143c  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
00:12:14.0650 0x143c  RasMan - ok
00:12:14.0699 0x143c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:12:14.0760 0x143c  RasPppoe - ok
00:12:14.0782 0x143c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:12:14.0838 0x143c  RasSstp - ok
00:12:14.0869 0x143c  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:12:14.0947 0x143c  rdbss - ok
00:12:14.0967 0x143c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
00:12:15.0033 0x143c  rdpbus - ok
00:12:15.0088 0x143c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:12:15.0200 0x143c  RDPCDD - ok
00:12:15.0246 0x143c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:12:15.0283 0x143c  RDPENCDD - ok
00:12:15.0290 0x143c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:12:15.0349 0x143c  RDPREFMP - ok
00:12:15.0398 0x143c  [ 074AC702D8B8B660B0E1371555995386, 4D038797AF891BB6FE4503178C3A9C918620FEA80AFB36083B836B2547271952 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:12:15.0453 0x143c  RDPWD - ok
00:12:15.0488 0x143c  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:12:15.0516 0x143c  rdyboost - ok
00:12:15.0536 0x143c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:12:15.0593 0x143c  RemoteAccess - ok
00:12:15.0636 0x143c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:12:15.0680 0x143c  RemoteRegistry - ok
00:12:15.0732 0x143c  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
00:12:15.0748 0x143c  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
00:12:18.0806 0x143c  Detect skipped due to KSN trusted
00:12:18.0806 0x143c  RichVideo - ok
00:12:18.0839 0x143c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:12:18.0891 0x143c  RpcEptMapper - ok
00:12:18.0918 0x143c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
00:12:18.0946 0x143c  RpcLocator - ok
00:12:18.0984 0x143c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
00:12:19.0039 0x143c  RpcSs - ok
00:12:19.0081 0x143c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:12:19.0131 0x143c  rspndr - ok
00:12:19.0181 0x143c  [ 483C537E69FA97C77F7FE0E2E1C1F102, B5DCC1C669126C558057B328F86071F35B2FF55A0C595A05FC16F2E893BA48E4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
00:12:19.0472 0x143c  RTHDMIAzAudService - ok
00:12:19.0632 0x143c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
00:12:19.0697 0x143c  SamSs - ok
00:12:19.0717 0x143c  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
00:12:19.0739 0x143c  sbp2port - ok
00:12:19.0773 0x143c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:12:19.0841 0x143c  SCardSvr - ok
00:12:19.0860 0x143c  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:12:19.0910 0x143c  scfilter - ok
00:12:19.0980 0x143c  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
00:12:20.0073 0x143c  Schedule - ok
00:12:20.0108 0x143c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:12:20.0145 0x143c  SCPolicySvc - ok
00:12:20.0182 0x143c  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:12:20.0240 0x143c  SDRSVC - ok
00:12:20.0252 0x143c  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
00:12:20.0303 0x143c  seclogon - ok
00:12:20.0322 0x143c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
00:12:20.0360 0x143c  SENS - ok
00:12:20.0379 0x143c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:12:20.0423 0x143c  SensrSvc - ok
00:12:20.0454 0x143c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:12:20.0487 0x143c  Serenum - ok
00:12:20.0509 0x143c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
00:12:20.0534 0x143c  Serial - ok
00:12:20.0555 0x143c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
00:12:20.0614 0x143c  sermouse - ok
00:12:20.0652 0x143c  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:12:20.0691 0x143c  SessionEnv - ok
00:12:20.0711 0x143c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
00:12:20.0740 0x143c  sffdisk - ok
00:12:20.0754 0x143c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
00:12:20.0774 0x143c  sffp_mmc - ok
00:12:20.0791 0x143c  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
00:12:20.0812 0x143c  sffp_sd - ok
00:12:20.0832 0x143c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
00:12:20.0879 0x143c  sfloppy - ok
00:12:20.0924 0x143c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:12:21.0004 0x143c  SharedAccess - ok
00:12:21.0052 0x143c  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:12:21.0101 0x143c  ShellHWDetection - ok
00:12:21.0138 0x143c  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
00:12:21.0176 0x143c  SiSGbeLH - ok
00:12:21.0208 0x143c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:12:21.0228 0x143c  SiSRaid2 - ok
00:12:21.0250 0x143c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
00:12:21.0272 0x143c  SiSRaid4 - ok
00:12:21.0292 0x143c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:12:21.0336 0x143c  Smb - ok
00:12:21.0386 0x143c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:12:21.0420 0x143c  SNMPTRAP - ok
00:12:21.0518 0x143c  [ 2114518E55B380A3ACC28B2C27FD499A, 5EB378ECE4AD1E1C843CF21D46A5A3DE85CB8BBF1DF7292D54200F4ECFAE301A ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
00:12:21.0677 0x143c  SNP2UVC - ok
00:12:21.0711 0x143c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:12:21.0727 0x143c  spldr - ok
00:12:21.0779 0x143c  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe
00:12:21.0810 0x143c  Spooler - ok
00:12:21.0970 0x143c  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
00:12:22.0168 0x143c  sppsvc - ok
00:12:22.0190 0x143c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:12:22.0246 0x143c  sppuinotify - ok
00:12:22.0347 0x143c  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\system32\Drivers\sptd.sys
00:12:22.0347 0x143c  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB, sha256: C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA
00:12:22.0349 0x143c  sptd - detected LockedFile.Multi.Generic ( 1 )
00:12:25.0302 0x143c  Detect skipped due to KSN trusted
00:12:25.0302 0x143c  sptd - ok
00:12:25.0361 0x143c  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:12:25.0454 0x143c  srv - ok
00:12:25.0487 0x143c  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:12:25.0545 0x143c  srv2 - ok
00:12:25.0577 0x143c  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:12:25.0624 0x143c  srvnet - ok
00:12:25.0658 0x143c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:12:25.0706 0x143c  SSDPSRV - ok
00:12:25.0736 0x143c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:12:25.0787 0x143c  SstpSvc - ok
00:12:25.0896 0x143c  [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:12:25.0946 0x143c  Steam Client Service - ok
00:12:26.0009 0x143c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
00:12:26.0027 0x143c  stexstor - ok
00:12:26.0080 0x143c  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
00:12:26.0160 0x143c  stisvc - ok
00:12:26.0177 0x143c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:12:26.0197 0x143c  swenum - ok
00:12:26.0249 0x143c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
00:12:26.0337 0x143c  swprv - ok
00:12:26.0434 0x143c  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
00:12:26.0548 0x143c  SysMain - ok
00:12:26.0578 0x143c  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:12:26.0626 0x143c  TabletInputService - ok
00:12:26.0682 0x143c  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:12:26.0747 0x143c  TapiSrv - ok
00:12:26.0763 0x143c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
00:12:26.0818 0x143c  TBS - ok
00:12:26.0933 0x143c  [ F18F56EFC0BFB9C87BA01C37B27F4DA5, 868EF8102EAB18E5EEC4B3032392BB4559B442A489026381F86875193325F63C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:12:27.0092 0x143c  Tcpip - ok
00:12:27.0198 0x143c  [ F18F56EFC0BFB9C87BA01C37B27F4DA5, 868EF8102EAB18E5EEC4B3032392BB4559B442A489026381F86875193325F63C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:12:27.0262 0x143c  TCPIP6 - ok
00:12:27.0314 0x143c  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:12:27.0357 0x143c  tcpipreg - ok
00:12:27.0394 0x143c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:12:27.0442 0x143c  TDPIPE - ok
00:12:27.0474 0x143c  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:12:27.0515 0x143c  TDTCP - ok
00:12:27.0527 0x143c  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:12:27.0589 0x143c  tdx - ok
00:12:27.0628 0x143c  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:12:27.0647 0x143c  TermDD - ok
00:12:27.0691 0x143c  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
00:12:27.0764 0x143c  TermService - ok
00:12:27.0791 0x143c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
00:12:27.0828 0x143c  Themes - ok
00:12:27.0857 0x143c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
00:12:27.0894 0x143c  THREADORDER - ok
00:12:27.0930 0x143c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
00:12:27.0972 0x143c  TrkWks - ok
00:12:28.0019 0x143c  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:12:28.0055 0x143c  TrustedInstaller - ok
00:12:28.0072 0x143c  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:12:28.0145 0x143c  tssecsrv - ok
00:12:28.0312 0x143c  [ CDAD7034AF9562835F29FB50A5F54832, CEBEAAF387A6B6A7CE20839E29988F47A7CD381BEDD8B127ECD5E0548BCC68FA ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
00:12:28.0433 0x143c  TuneUp.UtilitiesSvc - ok
00:12:28.0493 0x143c  [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
00:12:28.0511 0x143c  TuneUpUtilitiesDrv - ok
00:12:28.0548 0x143c  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:12:28.0600 0x143c  tunnel - ok
00:12:28.0633 0x143c  [ C45A3E051C65106A28982CAED125F855, 9164708ABC6B1BA804B8297AA4EEBC65C4BDD4D399AD6CBAB9C66BB7AA9020E8 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
00:12:28.0649 0x143c  TurboB - ok
00:12:28.0725 0x143c  [ BAEF86EBEAECE76573FA822DEA256F6C, B845AB0AACCCF4C2D4A8DD152C57C52416C5938FB3FEB670DB5434FA95620F3B ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
00:12:28.0737 0x143c  TurboBoost - ok
00:12:28.0754 0x143c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
00:12:28.0773 0x143c  uagp35 - ok
00:12:28.0806 0x143c  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:12:28.0890 0x143c  udfs - ok
00:12:28.0919 0x143c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:12:28.0949 0x143c  UI0Detect - ok
00:12:28.0973 0x143c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
00:12:29.0035 0x143c  uliagpkx - ok
00:12:29.0141 0x143c  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:12:29.0175 0x143c  umbus - ok
00:12:29.0216 0x143c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
00:12:29.0233 0x143c  UmPass - ok
00:12:29.0367 0x143c  [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:12:29.0529 0x143c  UNS - detected UnsignedFile.Multi.Generic ( 1 )
00:12:32.0854 0x143c  Detect skipped due to KSN trusted
00:12:32.0854 0x143c  UNS - ok
00:12:32.0897 0x143c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
00:12:32.0955 0x143c  upnphost - ok
00:12:32.0979 0x143c  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:12:33.0009 0x143c  usbccgp - ok
00:12:33.0041 0x143c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
00:12:33.0087 0x143c  usbcir - ok
00:12:33.0123 0x143c  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
00:12:33.0150 0x143c  usbehci - ok
00:12:33.0181 0x143c  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:12:33.0242 0x143c  usbhub - ok
00:12:33.0271 0x143c  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:12:33.0306 0x143c  usbohci - ok
00:12:33.0341 0x143c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:12:33.0374 0x143c  usbprint - ok
00:12:33.0422 0x143c  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:12:33.0471 0x143c  USBSTOR - ok
00:12:33.0494 0x143c  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:12:33.0532 0x143c  usbuhci - ok
00:12:33.0696 0x143c  [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
00:12:33.0754 0x143c  usbvideo - ok
00:12:33.0782 0x143c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
00:12:33.0830 0x143c  UxSms - ok
00:12:33.0851 0x143c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe
00:12:33.0867 0x143c  VaultSvc - ok
00:12:33.0897 0x143c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
00:12:33.0915 0x143c  vdrvroot - ok
00:12:33.0961 0x143c  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
00:12:34.0011 0x143c  vds - ok
00:12:34.0035 0x143c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:12:34.0056 0x143c  vga - ok
00:12:34.0069 0x143c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:12:34.0124 0x143c  VgaSave - ok
00:12:34.0145 0x143c  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
00:12:34.0177 0x143c  vhdmp - ok
00:12:34.0194 0x143c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
00:12:34.0213 0x143c  viaide - ok
00:12:34.0229 0x143c  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
00:12:34.0251 0x143c  volmgr - ok
00:12:34.0275 0x143c  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:12:34.0327 0x143c  volmgrx - ok
00:12:34.0341 0x143c  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
00:12:34.0376 0x143c  volsnap - ok
00:12:34.0401 0x143c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
00:12:34.0428 0x143c  vsmraid - ok
00:12:34.0567 0x143c  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
00:12:34.0718 0x143c  VSS - ok
00:12:34.0741 0x143c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:12:34.0776 0x143c  vwifibus - ok
00:12:34.0791 0x143c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:12:34.0832 0x143c  vwififlt - ok
00:12:34.0863 0x143c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
00:12:34.0888 0x143c  vwifimp - ok
00:12:34.0938 0x143c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
00:12:35.0012 0x143c  W32Time - ok
00:12:35.0038 0x143c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
00:12:35.0076 0x143c  WacomPen - ok
00:12:35.0112 0x143c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:12:35.0175 0x143c  WANARP - ok
00:12:35.0180 0x143c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:12:35.0217 0x143c  Wanarpv6 - ok
00:12:35.0296 0x143c  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
00:12:35.0426 0x143c  wbengine - ok
00:12:35.0450 0x143c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:12:35.0505 0x143c  WbioSrvc - ok
00:12:35.0559 0x143c  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:12:35.0639 0x143c  wcncsvc - ok
00:12:35.0667 0x143c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:12:35.0717 0x143c  WcsPlugInService - ok
00:12:35.0753 0x143c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
00:12:35.0770 0x143c  Wd - ok
00:12:35.0811 0x143c  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:12:35.0889 0x143c  Wdf01000 - ok
00:12:35.0914 0x143c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:12:35.0947 0x143c  WdiServiceHost - ok
00:12:35.0970 0x143c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:12:35.0992 0x143c  WdiSystemHost - ok
00:12:36.0023 0x143c  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll
00:12:36.0085 0x143c  WebClient - ok
00:12:36.0120 0x143c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:12:36.0186 0x143c  Wecsvc - ok
00:12:36.0203 0x143c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:12:36.0268 0x143c  wercplsupport - ok
00:12:36.0307 0x143c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:12:36.0368 0x143c  WerSvc - ok
00:12:36.0405 0x143c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:12:36.0446 0x143c  WfpLwf - ok
00:12:36.0480 0x143c  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
00:12:36.0503 0x143c  WimFltr - ok
00:12:36.0514 0x143c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:12:36.0532 0x143c  WIMMount - ok
00:12:36.0551 0x143c  WinDefend - ok
00:12:36.0560 0x143c  WinHttpAutoProxySvc - ok
00:12:36.0627 0x143c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:12:36.0677 0x143c  Winmgmt - ok
00:12:36.0893 0x143c  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:12:37.0065 0x143c  WinRM - ok
00:12:37.0134 0x143c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:12:37.0198 0x143c  Wlansvc - ok
00:12:37.0337 0x143c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:12:37.0461 0x143c  wlidsvc - ok
00:12:37.0495 0x143c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
00:12:37.0528 0x143c  WmiAcpi - ok
00:12:37.0568 0x143c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:12:37.0596 0x143c  wmiApSrv - ok
00:12:37.0634 0x143c  WMPNetworkSvc - ok
00:12:37.0654 0x143c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:12:37.0703 0x143c  WPCSvc - ok
00:12:37.0720 0x143c  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:12:37.0755 0x143c  WPDBusEnum - ok
00:12:37.0780 0x143c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:12:37.0834 0x143c  ws2ifsl - ok
00:12:37.0882 0x143c  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\System32\wscsvc.dll
00:12:37.0930 0x143c  wscsvc - ok
00:12:37.0933 0x143c  WSearch - ok
00:12:38.0084 0x143c  [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:12:38.0275 0x143c  wuauserv - ok
00:12:38.0300 0x143c  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:12:38.0348 0x143c  WudfPf - ok
00:12:38.0402 0x143c  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:12:38.0468 0x143c  WUDFRd - ok
00:12:38.0510 0x143c  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:12:38.0575 0x143c  wudfsvc - ok
00:12:38.0614 0x143c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:12:38.0665 0x143c  WwanSvc - ok
00:12:38.0763 0x143c  [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl
00:12:38.0779 0x143c  {B154377D-700F-42cc-9474-23858FBDF4BD} - ok
00:12:38.0800 0x143c  ================ Scan global ===============================
00:12:38.0820 0x143c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:12:38.0853 0x143c  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
00:12:38.0875 0x143c  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
00:12:38.0910 0x143c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:12:39.0079 0x143c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:12:39.0095 0x143c  [ Global ] - ok
00:12:39.0096 0x143c  ================ Scan MBR ==================================
00:12:39.0117 0x143c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:12:41.0228 0x143c  \Device\Harddisk0\DR0 - ok
00:12:41.0230 0x143c  ================ Scan VBR ==================================
00:12:41.0254 0x143c  [ 1D5A4C505F70AD283EEA61A893FA2FDF ] \Device\Harddisk0\DR0\Partition1
00:12:41.0257 0x143c  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
00:12:41.0257 0x143c  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
00:12:43.0651 0x143c  [ 49AB2F696E91DF00265D64A54C592637 ] \Device\Harddisk0\DR0\Partition2
00:12:43.0655 0x143c  \Device\Harddisk0\DR0\Partition2 - ok
00:12:43.0655 0x143c  ================ Scan generic autorun ======================
00:12:43.0802 0x143c  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
00:12:43.0847 0x143c  AdobeAAMUpdater-1.0 - ok
00:12:43.0890 0x143c  [ 819CB14FC5EF910B6D4C5AB77793C53F, 96F2FE5400C278D9C1E3FAA28B699DEC63F297D61C03A85FD63ADEA411B00869 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
00:12:43.0899 0x143c  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
00:12:46.0491 0x143c  Detect skipped due to KSN trusted
00:12:46.0491 0x143c  StartCCC - ok
00:12:46.0541 0x143c  [ 087A06DB98D0E84C0DE90EE308707E63, 96E8CDC492115A93B1B244196947E45D3C30CF64F538EAB634E0B02BEFBF1607 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
00:12:46.0549 0x143c  NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
00:12:48.0995 0x143c  Detect skipped due to KSN trusted
00:12:48.0996 0x143c  NUSB3MON - ok
00:12:49.0132 0x143c  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
00:12:49.0168 0x143c  avgnt - ok
00:12:49.0250 0x143c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:49.0412 0x143c  Sidebar - ok
00:12:49.0439 0x143c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:49.0460 0x143c  mctadmin - ok
00:12:49.0514 0x143c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:49.0566 0x143c  Sidebar - ok
00:12:49.0604 0x143c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:49.0624 0x143c  mctadmin - ok
00:12:49.0731 0x143c  [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
00:12:49.0803 0x143c  Spotify Web Helper - ok
00:12:49.0806 0x143c  Waiting for KSN requests completion. In queue: 6
00:12:50.0806 0x143c  Waiting for KSN requests completion. In queue: 6
00:12:51.0806 0x143c  Waiting for KSN requests completion. In queue: 6
00:12:52.0859 0x143c  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
00:12:52.0875 0x143c  Win FW state via NFP2: enabled
00:12:55.0258 0x143c  ============================================================
00:12:55.0258 0x143c  Scan finished
00:12:55.0258 0x143c  ============================================================
00:12:55.0268 0x18ac  Detected object count: 1
00:12:55.0268 0x18ac  Actual detected object count: 1
00:13:06.0746 0x18ac  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
00:13:06.0747 0x18ac  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
         

Geändert von Mr.dub (20.09.2014 um 00:17 Uhr)

Alt 20.09.2014, 00:18   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Hi,

Einträge mit TDSS-Killer löschen. Windows neu starten, neues Log mit TDSS-Killer machen. Und auch bitte FRST:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 20.09.2014, 00:48   #3
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Hier: FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Daddy (administrator) on DADDY-PC on 20-09-2014 00:39:27
Running from C:\Users\Daddy\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\Run: [Spotify Web Helper] => C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-27] (Spotify Ltd)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {28dc369f-039f-11df-bcea-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {5cbbe385-02d0-11df-898a-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {e2d2cf65-030e-11df-9307-e0cb4e560368} - H:\Autorun.exe
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF63F852A-B6EE-41A6-AA53-09BE44511160&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6AF504B4-561F-4237-9FC2-AEDC2A6F0D97&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6AF504B4-561F-4237-9FC2-AEDC2A6F0D97&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {DAA0E028-948E-4052-AE09-9E30A6C11D43} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=6ea1bed0-7e74-4987-94c1-46ea1336f438&apn_sauid=34A2857F-02CB-46D4-8840-742E0E352357
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2011-07-26]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-07-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-23]

Chrome: 
=======
CHR Profile: C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15]
CHR Extension: (Google Translate) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-23]
CHR Extension: (Slinky Elegant) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2014-02-22]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-22]
CHR Extension: (Google Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-23]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2014-05-02]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-02-22]
CHR Extension: (AdBlock) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-02]
CHR Extension: (Dropbox) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-02-22]
CHR Extension: (Google Play) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-02-22]
CHR Extension: (Google Maps) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-22]
CHR Extension: (Hangouts) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-02-22]
CHR Extension: (Context Menu Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-07-30]
CHR Extension: (Gmail) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-01] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-08-03] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-07] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2009-09-02] (CyberLink Corp.)
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 00:37 - 2014-09-20 00:39 - 00068418 _____ () C:\Users\Daddy\Desktop\Addition.txt
2014-09-20 00:36 - 2014-09-20 00:39 - 00016673 _____ () C:\Users\Daddy\Desktop\FRST.txt
2014-09-20 00:36 - 2014-09-20 00:39 - 00000000 ____D () C:\FRST
2014-09-20 00:21 - 2014-09-20 00:28 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe
2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP
2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp
2014-09-19 23:23 - 2014-09-19 23:23 - 00001265 _____ () C:\Users\Daddy\Desktop\Neues Textdokument.txt
2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe
2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat
2014-09-19 20:38 - 2014-09-20 00:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-19 20:38 - 2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip
2014-09-16 19:14 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod
2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp
2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp
2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk
2014-09-07 15:06 - 2014-09-08 18:47 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds
2014-09-05 18:12 - 2014-09-05 18:21 - 00393216 _____ () C:\Windows\system32\Ikeext.etl
2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp
2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames
2014-08-29 17:10 - 2014-08-29 17:23 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-08-27 00:27 - 2014-08-27 00:28 - 00000000 ____D () C:\Users\Daddy\LAN
2014-08-27 00:10 - 2014-08-27 00:11 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db
2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 00:39 - 2014-09-20 00:37 - 00068418 _____ () C:\Users\Daddy\Desktop\Addition.txt
2014-09-20 00:39 - 2014-09-20 00:36 - 00016673 _____ () C:\Users\Daddy\Desktop\FRST.txt
2014-09-20 00:39 - 2014-09-20 00:36 - 00000000 ____D () C:\FRST
2014-09-20 00:37 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-20 00:37 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-20 00:33 - 2010-01-09 00:38 - 01277012 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 00:29 - 2014-05-25 22:55 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-20 00:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-20 00:29 - 2009-07-14 06:51 - 00184143 _____ () C:\Windows\setupact.log
2014-09-20 00:28 - 2014-09-20 00:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-20 00:26 - 2014-09-19 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe
2014-09-20 00:11 - 2010-01-29 20:35 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8284BB31-0CBF-4504-9CF4-17F940177E7E}
2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP
2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp
2014-09-19 23:54 - 2010-01-22 20:56 - 00000000 ____D () C:\Windows\Minidump
2014-09-19 23:51 - 2012-04-23 18:01 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job
2014-09-19 23:23 - 2014-09-19 23:23 - 00001265 _____ () C:\Users\Daddy\Desktop\Neues Textdokument.txt
2014-09-19 23:23 - 2014-05-25 22:55 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe
2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat
2014-09-19 21:46 - 2009-07-29 07:10 - 00000000 __SHD () C:\Recovery
2014-09-19 21:09 - 2010-01-09 01:48 - 00001755 _____ () C:\Windows\system32\ServiceFilter.ini
2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-19 20:38 - 2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-09-19 16:12 - 2010-01-16 20:53 - 00000000 ____D () C:\Users\Daddy
2014-09-19 12:52 - 2012-04-23 18:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-18 23:12 - 2009-08-04 11:51 - 00698374 _____ () C:\Windows\system32\perfh007.dat
2014-09-18 23:12 - 2009-08-04 11:51 - 00149038 _____ () C:\Windows\system32\perfc007.dat
2014-09-18 23:12 - 2009-07-14 07:13 - 01616954 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip
2014-09-18 17:51 - 2012-04-23 18:01 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job
2014-09-17 15:10 - 2010-01-22 19:43 - 00355754 _____ () C:\Windows\PFRO.log
2014-09-16 19:17 - 2014-09-16 19:14 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod
2014-09-16 19:14 - 2014-03-15 23:43 - 00000000 ___RD () C:\Users\Daddy\Dokumente
2014-09-14 03:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-12 18:44 - 2014-02-22 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-12 18:44 - 2013-11-01 18:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-12 18:44 - 2012-07-14 18:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp
2014-09-12 14:02 - 2011-07-26 13:20 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Skype
2014-09-12 13:55 - 2014-08-11 02:01 - 00000000 ___RD () C:\Users\Daddy\Desktop\*
2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp
2014-09-08 18:47 - 2014-09-07 15:06 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds
2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk
2014-09-05 18:21 - 2014-09-05 18:12 - 00393216 _____ () C:\Windows\system32\Ikeext.etl
2014-09-05 18:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-08-31 20:59 - 2014-02-22 18:21 - 00000000 ____D () C:\Users\Daddy\Downloads\Games
2014-08-31 20:59 - 2010-01-09 01:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp
2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames
2014-08-30 13:58 - 2010-01-16 22:30 - 00000000 ____D () C:\Users\Daddy\Documents\My Games
2014-08-30 02:54 - 2014-05-10 17:32 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Battle.net
2014-08-29 17:23 - 2014-08-29 17:10 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-08-29 16:31 - 2010-07-30 00:13 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-29 14:11 - 2012-05-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-08-29 14:09 - 2014-05-10 17:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-27 16:35 - 2014-04-30 17:19 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Spotify
2014-08-27 16:04 - 2014-04-30 17:20 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Spotify
2014-08-27 00:28 - 2014-08-27 00:27 - 00000000 ____D () C:\Users\Daddy\LAN
2014-08-27 00:11 - 2014-08-27 00:10 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db
2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db

Some content of TEMP:
====================
C:\Users\Daddy\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Daddy\AppData\Local\Temp\AskSLib.dll
C:\Users\Daddy\AppData\Local\Temp\avgnt.exe
C:\Users\Daddy\AppData\Local\Temp\ETDUninst.dll
C:\Users\Daddy\AppData\Local\Temp\Gw2.exe
C:\Users\Daddy\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Daddy\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Daddy\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\nscB8AA.exe
C:\Users\Daddy\AppData\Local\Temp\nse9714.exe
C:\Users\Daddy\AppData\Local\Temp\nseC251.exe
C:\Users\Daddy\AppData\Local\Temp\nseE648.exe
C:\Users\Daddy\AppData\Local\Temp\nseEA3F.exe
C:\Users\Daddy\AppData\Local\Temp\nshBB3A.exe
C:\Users\Daddy\AppData\Local\Temp\nsnF183.exe
C:\Users\Daddy\AppData\Local\Temp\nss595A.exe
C:\Users\Daddy\AppData\Local\Temp\nsx5C38.exe
C:\Users\Daddy\AppData\Local\Temp\nszBED7.exe
C:\Users\Daddy\AppData\Local\Temp\sonarinst.exe
C:\Users\Daddy\AppData\Local\Temp\SPSetup.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34012332.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34013515.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34014036.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34014716.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34015670.exe
C:\Users\Daddy\AppData\Local\Temp\tmp101d6250.exe
C:\Users\Daddy\AppData\Local\Temp\UpdateFlashPlayer_d67338fd.exe
C:\Users\Daddy\AppData\Local\Temp\utt7C3C.tmp.exe
C:\Users\Daddy\AppData\Local\Temp\{345C2D7F-B8B8-4156-8BA3-C36AC0B21119}.exe
C:\Users\Daddy\AppData\Local\Temp\{68CB2CC0-30D1-411C-A47A-8813A14F810E}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 18:29

==================== End Of Log ============================
         
--- --- ---

--- --- ---




Hier Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Daddy at 2014-09-20 00:39:50
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Actualização do Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{CCDE3C71-5F35-477F-BA90-1A399C91C10C}) (Version:  - Microsoft)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}) (Version:  - Microsoft)
Actualização do Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}) (Version:  - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}) (Version:  - Microsoft)
ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{C52A655D-F8AE-485D-908D-62CEC754B6A4}) (Version:  - Microsoft)
ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{054186C0-F351-472E-84E8-D5E16FA08241}) (Version:  - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.25 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3301 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.3301 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 2.0.36.1260 - eCareme Technologies, Inc.)
ASUS_N_Series_Screensaver (HKLM-x32\...\ASUS_N_Series_Screensaver) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{FEC0590D-D4DE-DB7C-C625-657FC30CF927}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0054 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0008 - ASUS)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1118.1260.23275 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help English (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help French (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help German (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
ccc-utility64 (Version: 2009.1118.1260.23275 - ATI) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.0526 - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.0.0526 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3509a - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3509a - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2311 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2311 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Express Gate (HKLM-x32\...\{B5A5627C-0173-4DB2-ADA8-740479370F67}) (Version: 1.2.13.31 - DeviceVM, Inc.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.43.806 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.43.806 - DVDVideoSoft Ltd.)
Frontlines: Fuel of War (HKLM-x32\...\{C711E88C-9DC2-4254-A989-D6E017844DDF}) (Version: 1.3.0 - THQ)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
iTNC530 (340494) (HKLM-x32\...\{4E31D9A6-245B-41A6-949D-C7B029A703D2}) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM-x32\...\{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678) (HKLM-x32\...\{90120000-0016-0404-0000-0000000FF1CE}_PROHYBRIDR_{15EEA099-97F0-4952-8597-88472FF062D2}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM-x32\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM-x32\...\{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669) (HKLM-x32\...\{90120000-0018-0404-0000-0000000FF1CE}_PROHYBRIDR_{A7688131-70CB-4945-BAFA-11053AC34D75}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Russian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Traditional)) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2007 (x32 Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Greek) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Hebrew) 2007 (x32 Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Portugal)) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Greek) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Hebrew) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM-x32\...\{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665) (HKLM-x32\...\{90120000-001B-0404-0000-0000000FF1CE}_PROHYBRIDR_{AD30F628-2AAE-43E0-A0D8-CDFA976E6A9E}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mini Ninjas (HKLM-x32\...\Steam App 35000) (Version:  - IO Interactive)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040D-0000-0000000FF1CE}_PROHYBRIDR_{18E2D7BF-CC18-4CE8-B875-D2934B6086E2}) (Version:  - Microsoft)
òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040D-0000-0000000FF1CE}_PROHYBRIDR_{54B50AC9-2088-4F43-B39A-0F10F53D425E}) (Version:  - Microsoft)
òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040D-0000-0000000FF1CE}_PROHYBRIDR_{CAB664CE-BBA4-4A81-A358-6CC6F7852FC9}) (Version:  - Microsoft)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
Skype™ 5.3 (HKLM-x32\...\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}) (Version: 5.3.120 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.2600 - SRS Labs, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Incredible Adventures of Van Helsing (HKLM-x32\...\Steam App 215530) (Version:  - NeocoreGames)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.14 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03FB7F63-5D99-48EC-9211-C4B530E13022} - System32\Tasks\{7CE09AFD-F27D-4CC6-95DF-6B78B6C0737A} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {04FDDD85-815E-4A9F-9C21-66FD7B9135FB} - System32\Tasks\{5320897F-DAD3-479F-967B-957E295E5F78} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {0E8B92FF-2344-42EC-940A-A7EAADFE2AEF} - System32\Tasks\{1AE9A9AA-F359-4C3E-866B-22EE2BD42932} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {13F69D18-EF62-4803-8651-40586B4AF5A7} - System32\Tasks\{7D0C89A6-220B-479A-9B1E-AAA3DEA304BB} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {1C88F5C9-CA1B-4280-9AFF-904574457AF7} - System32\Tasks\{49FBB1A9-7005-496A-B715-7D3962B5E024} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {24E7EF90-132F-4B78-BEFF-4D6B6ECF9D8E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {2B174B4D-076C-446E-B5F5-B04A6F260FFB} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {35EABD2C-7C07-479F-9063-85675E9143D8} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] ()
Task: {38D61FA6-8F8F-4193-B111-7FF1ADD77226} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {3A738DE0-C3D1-4241-AFEA-180513F73F1A} - System32\Tasks\{0D8E092B-7116-4886-BCAC-7627887EF2AA} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE
Task: {3D66CA82-4A87-4BA3-9DEF-1A36F5CB9F02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {3E68CC0A-8389-407C-B4AC-E007F7B2ED9D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {410ED00F-F415-47D1-89C8-6E862CA00E54} - System32\Tasks\{6D6A9425-F02A-43D6-A553-C587497647D4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {48969814-923F-43CF-80F3-CCFCF784B12A} - System32\Tasks\{36B9F202-3088-4A3E-8B26-47D0161CA57E} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {4BBE6869-0A00-42ED-8027-28BB3F043CBA} - System32\Tasks\{607FA0ED-22CE-403C-837B-D549F42090A1} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {4CC6320B-D55F-4294-9BA5-38DD55FD365D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {4D323374-00EE-4734-B9C5-B47F71926DD1} - System32\Tasks\{494EE43C-A27A-43A0-937B-5B4EA1D6E8FB} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {4D77AADB-6644-4333-884A-4C1BD8148B14} - System32\Tasks\{E8DADE2A-5473-42C6-9344-14506B5983B5} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {4D8174D8-8C48-4798-989F-E1D11AC01D19} - System32\Tasks\{2F6A8821-B72B-4910-A57E-98FD5947BC08} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {4DAADFD2-C855-43BA-9B51-57E089636DA0} - System32\Tasks\{8CED5A9F-82EB-4418-BF6E-CDE2DDD8C6A7} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
Task: {557CF159-390C-43F6-82BF-4187958A6CBA} - System32\Tasks\{05E31DAB-50C1-41BA-8954-7B04BA17DA5C} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {59D4328B-BBF7-43F0-A6C3-8BCA27D9FDF3} - System32\Tasks\{31B41EC3-EBA4-4626-B54E-3CA65FF1C52D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {6007466A-A073-41AA-BB76-6D26ECBCFE1D} - System32\Tasks\{D1CBAB85-EC92-4A2F-88D2-6214CF46A01F} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {64AC7B93-F5F9-4A71-A314-219580DFE7CB} - System32\Tasks\{10FE5C06-6AA8-464C-BA26-83E0FD85E4E5} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {6645F1A3-4028-4450-8C64-3D1BF9334054} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {693B50B5-C49C-42A1-A042-82FF3398EBFB} - System32\Tasks\{641B5D20-6881-4819-ABA0-2AF5C8EEF11C} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {6986E9B5-4985-4AD4-9CB0-B7E80BF17FC3} - System32\Tasks\{DBBBD1E3-BA6A-4163-9960-C2EEA8A6C5DE} => D:\Programm\EXSLWINX\SERVER\START.EXE
Task: {69A7F967-803D-4AB2-A263-89732B0D8C26} - System32\Tasks\{A2A5F72B-9E61-46CF-B641-388450FFDB53} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {723429FF-39A4-4FCC-83C1-A616479148F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {76043709-D083-422E-9BA2-8A796852F385} - System32\Tasks\{780431C9-23E9-42B6-B10B-A70599291CBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {89D93805-A4D1-4663-94B9-82BF919FEDE8} - System32\Tasks\{5B90A7D2-6D0B-4799-95A1-5B6E52C7B3E2} => D:\Programm\EXSLWINX\SERVER\START.EXE
Task: {8C2FAF10-77AF-419A-8A74-3AD966CEF703} - System32\Tasks\{30B3D042-F41F-480B-B11C-ECD101665044} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {98F2A7E1-597B-4D5F-ACB2-854E962E8140} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-11-07] (ATK)
Task: {99841740-F097-4D61-9AA2-41D408664D9E} - System32\Tasks\{CEC6E2F5-3C23-408B-8FDA-34C16D2C1360} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {9C1B9D41-825A-4463-9B4A-E92FCF7A3B01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {9C7C43D9-0E96-43A4-B5D5-B3AA584B9198} - System32\Tasks\{E15888B0-8F1E-401D-8144-7695B9325BB1} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {9D09A5CD-6EDE-4382-B28B-B20A143FC65C} - System32\Tasks\{AEF5FBFA-CA52-472B-97E8-FC5E6893A756} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE
Task: {A1BF1D2D-CE47-44D1-8DDE-CD553F10EE05} - System32\Tasks\{C470D71A-3519-44CC-8066-96A3224D308E} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE
Task: {A7E7B620-CF25-4105-B18A-150A375953AB} - System32\Tasks\{A471E529-3D65-470F-A463-15758124F143} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {A838D148-7567-4012-8743-4C1D662C41FC} - System32\Tasks\{C1AEC165-46AE-4B9C-9958-22D272FEEEBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {ABE662F0-C969-4F59-8AA2-B909D95D9164} - System32\Tasks\Google Updater and Installer => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {AC8B95FD-2D22-4C72-B2A7-A77E3ECD7DDB} - System32\Tasks\{191E7276-23ED-4C67-AA4A-F9709B102C0D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {AD1F90BA-DCBD-4966-B2DE-93E38E056838} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {BB64D2E1-448B-41C7-B8FB-0398FC9CAA75} - System32\Tasks\{0A888769-12DB-4EDC-B5CF-C7B84D527FD8} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2011-06-15] (Skype Technologies S.A.)
Task: {BFECEE00-AD3A-4442-92BA-B336336BB48D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C6C0B8E9-F5E7-43FF-B751-92AB33C7F2DE} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-11-12] ()
Task: {C7422ED8-20DF-4F40-A594-067CF0BB1D02} - System32\Tasks\{EAD94CDE-E99A-4441-B7C2-AA0B19937CF4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {C88308E3-4169-4D5D-90FF-F5D2364283F6} - System32\Tasks\{3996EB8C-5DA5-485D-A362-565DF638AE5E} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {CB0ABD3C-5877-4E19-9AF2-4FB2F25CAF0D} - System32\Tasks\{6A84EC5D-5E30-4604-85AD-0EAFE37B72D8} => D:\Programm\EXSLWINX\SERVER\START.EXE
Task: {DF9DBF63-6458-48E0-BDB6-7BF35EDED54F} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {E05C4D93-54E1-41C4-A1A3-5D99D3F03214} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-09-23] (TODO: <Company name>)
Task: {E2AA4FCA-1D4A-4E43-814B-56125941B55F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {E69B5094-F91A-4C39-9FF5-3F25F3B02769} - System32\Tasks\{8ED09C41-6258-4FDC-9E23-6E45C6443E07} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {E835947D-E6BE-4B23-808A-7B84619EA857} - System32\Tasks\{EB22B261-09C8-4C69-8061-4AE6DDB547A8} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {EB759989-8844-4458-A7AE-093099D2F2ED} - System32\Tasks\{B35B384D-FDDD-4B70-BB1C-E912892B2508} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {EF3022F0-A857-43AD-97DB-00C3E68E701D} - System32\Tasks\{781FFB95-89B9-4A06-A967-37A5976C7996} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {EF9EF285-EC84-434B-BC50-95865B04468F} - System32\Tasks\{EA16595C-E528-47A7-A9C3-A881B326746E} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {F2336DD4-0215-469C-AFA3-77F9C21E1313} - System32\Tasks\{757B5A5A-7444-4C4D-93BE-13B1150C89B0} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {F2D80A1C-C4FA-4E95-B6BE-8DF344F8919F} - System32\Tasks\{4568D84C-4507-4470-BA3B-3FB391088878} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {F43044BA-EF13-41E3-8C4A-42E7B72A62EE} - System32\Tasks\{3139785A-5976-4507-AA87-8D61079CFDA2} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {FEF12DE6-41FD-4FCD-B53B-54AD8E39FC7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 01:48 - 2007-08-08 10:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2009-09-24 23:50 - 2009-09-24 23:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-01-09 01:48 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2009-11-27 07:29 - 2009-11-27 07:29 - 00148752 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-01-09 01:22 - 2010-01-09 01:22 - 00029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3617.20553__0d0f4b69e50e559b\SqliteShared.dll
2010-01-09 01:22 - 2010-01-09 01:22 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-12-30 01:12 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2009-11-12 20:10 - 2009-11-12 20:10 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-01-23 21:00 - 2013-11-01 18:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-10-23 23:40 - 2009-10-23 23:40 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll
2009-09-11 22:27 - 2009-09-11 22:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll
2010-01-09 01:48 - 2007-03-10 04:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2008-10-23 20:21 - 2008-10-23 20:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-01-09 01:41 - 2010-01-09 01:41 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-02-22 19:22 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Daddy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:734E442A
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60155534.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70804624.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60155534.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70804624.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk => C:\Windows\pss\SRS Premium Sound.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EeeStorageBackup => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: UfSeAgnt.exe => "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2014 10:13:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f
Name des fehlerhaften Moduls: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001d4d9
ID des fehlerhaften Prozesses: 0x129c
Startzeit der fehlerhaften Anwendung: 0xrstrui.exe0
Pfad der fehlerhaften Anwendung: rstrui.exe1
Pfad des fehlerhaften Moduls: rstrui.exe2
Berichtskennung: rstrui.exe3

Error: (09/19/2014 10:04:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f
Name des fehlerhaften Moduls: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001d4d9
ID des fehlerhaften Prozesses: 0x2b4
Startzeit der fehlerhaften Anwendung: 0xrstrui.exe0
Pfad der fehlerhaften Anwendung: rstrui.exe1
Pfad des fehlerhaften Moduls: rstrui.exe2
Berichtskennung: rstrui.exe3

Error: (09/19/2014 09:16:41 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000002B12C0,0,00000000002B02B0,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (09/19/2014 09:16:34 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000178,0x0053c06c,00000000002AD2C0,0,00000000002AC2B0,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (09/19/2014 09:16:34 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000144,0x0053c06c,00000000002AD2C0,0,00000000002AC2B0,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (09/19/2014 09:16:34 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000002AC2B0,0,00000000000EEE90,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (09/19/2014 09:16:21 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000178,0x0053c06c,00000000002AC2B0,0,00000000000EEE90,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (09/19/2014 09:16:21 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000144,0x0053c06c,00000000002AA2B0,0,00000000000EE690,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (09/19/2014 09:16:21 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000002AA2B0,0,00000000000EE690,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (09/19/2014 09:15:25 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000000EEEA0,0,00000000000EDE90,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider


System errors:
=============
Error: (09/20/2014 00:24:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Browser erreicht.

Error: (09/20/2014 00:05:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/20/2014 00:04:24 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎09.‎2014 um 23:55:28 unerwartet heruntergefahren.

Error: (09/19/2014 11:54:39 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000124 (0x0000000000000004, 0xfffffa8004bb3038, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP091914-22978-01

Error: (09/19/2014 11:54:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎09.‎2014 um 23:53:26 unerwartet heruntergefahren.

Error: (09/19/2014 11:20:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/19/2014 11:19:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎09.‎2014 um 23:18:32 unerwartet heruntergefahren.

Error: (09/19/2014 10:32:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/19/2014 10:32:06 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (09/19/2014 10:31:00 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-10 21:35:19.276
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-10 21:35:19.229
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-10 21:28:51.039
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-10 21:28:50.930
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 32%
Total physical RAM: 4020.53 MB
Available physical RAM: 2726.9 MB
Total Pagefile: 8039.2 MB
Available Pagefile: 6354.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:2.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:97.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=334.7 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
__________________

Alt 20.09.2014, 00:49   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Neues Log vom TDSS-Killer nach dem Fix?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2014, 00:51   #5
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Hier waren 2 die ich kenne also Programme die auch Vorinstalliert waren.
Trotzdem löschen ?

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver

die beiden kenne ich, kann es sein das sich da auch Viren Rein geschlichen haben ?
sind halt UnsignedFile, aber erst nachdem ich Denn Boo/Cidox.b gelöscht hatte.

*Edit habs eben nochmal drüber laufen lassen und es zeigt sie mir nicht mehr als Meldung an (davor skipped gemacht), beim ersten durchlaufen waren ca. 4-5 Funde die ich dann auch gelöscht habe.

*Edit2 Wahrscheinlich ist es "weg", davor hat sich immer der Internet Explorer (Benutze Chrome) Prozess geöffnet mehr Mals (6-7 stück) und ging bis zu 400.000k Arbeitsspeicher beim schließen dieser Prozesse öffneten sie sich wieder, nach einer gewissen zeit, ca.30min folgte ein Bluescreen.

Code:
ATTFilter
00:53:34.0403 0x0308  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
00:53:36.0777 0x0308  ============================================================
00:53:36.0777 0x0308  Current date / time: 2014/09/20 00:53:36.0777
00:53:36.0777 0x0308  SystemInfo:
00:53:36.0777 0x0308  
00:53:36.0777 0x0308  OS Version: 6.1.7600 ServicePack: 0.0
00:53:36.0778 0x0308  Product type: Workstation
00:53:36.0778 0x0308  ComputerName: DADDY-PC
00:53:36.0778 0x0308  UserName: Daddy
00:53:36.0778 0x0308  Windows directory: C:\Windows
00:53:36.0778 0x0308  System windows directory: C:\Windows
00:53:36.0778 0x0308  Running under WOW64
00:53:36.0778 0x0308  Processor architecture: Intel x64
00:53:36.0778 0x0308  Number of processors: 8
00:53:36.0778 0x0308  Page size: 0x1000
00:53:36.0778 0x0308  Boot type: Normal boot
00:53:36.0778 0x0308  ============================================================
00:53:36.0779 0x0308  BG loaded
00:53:37.0044 0x0308  System UUID: {629A7401-2B25-ED3A-3834-D3C84A959886}
00:53:37.0482 0x0308  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:53:37.0492 0x0308  ============================================================
00:53:37.0492 0x0308  \Device\Harddisk0\DR0:
00:53:37.0493 0x0308  MBR partitions:
00:53:37.0493 0x0308  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0xE8E0360
00:53:37.0524 0x0308  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
00:53:37.0524 0x0308  ============================================================
00:53:37.0556 0x0308  C: <-> \Device\Harddisk0\DR0\Partition1
00:53:37.0587 0x0308  D: <-> \Device\Harddisk0\DR0\Partition2
00:53:37.0587 0x0308  ============================================================
00:53:37.0587 0x0308  Initialize success
00:53:37.0587 0x0308  ============================================================
00:53:41.0767 0x0c2c  ============================================================
00:53:41.0767 0x0c2c  Scan started
00:53:41.0768 0x0c2c  Mode: Manual; SigCheck; TDLFS; 
00:53:41.0768 0x0c2c  ============================================================
00:53:41.0768 0x0c2c  KSN ping started
00:53:44.0230 0x0c2c  KSN ping finished: true
00:53:45.0502 0x0c2c  ================ Scan system memory ========================
00:53:45.0502 0x0c2c  System memory - ok
00:53:45.0502 0x0c2c  ================ Scan services =============================
00:53:45.0732 0x0c2c  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
00:53:45.0789 0x0c2c  1394ohci - ok
00:53:45.0833 0x0c2c  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
00:53:45.0851 0x0c2c  ACPI - ok
00:53:45.0869 0x0c2c  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
00:53:45.0883 0x0c2c  AcpiPmi - ok
00:53:46.0064 0x0c2c  [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:53:46.0081 0x0c2c  AdobeFlashPlayerUpdateSvc - ok
00:53:46.0152 0x0c2c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
00:53:46.0173 0x0c2c  adp94xx - ok
00:53:46.0226 0x0c2c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
00:53:46.0244 0x0c2c  adpahci - ok
00:53:46.0268 0x0c2c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
00:53:46.0282 0x0c2c  adpu320 - ok
00:53:46.0314 0x0c2c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:53:46.0346 0x0c2c  AeLookupSvc - ok
00:53:46.0404 0x0c2c  [ FB2BE0BAE9B3F248080CDBF91EF16C7F, 1ED963A18E4D0531FA42832E40B038BB4B9D8EB04DA4D4FE69A4C284958A2CDD ] AFBAgent        C:\Windows\system32\FBAgent.exe
00:53:46.0519 0x0c2c  AFBAgent - ok
00:53:46.0585 0x0c2c  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys
00:53:46.0623 0x0c2c  AFD - ok
00:53:46.0647 0x0c2c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
00:53:46.0658 0x0c2c  agp440 - ok
00:53:46.0681 0x0c2c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
00:53:46.0695 0x0c2c  ALG - ok
00:53:46.0728 0x0c2c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
00:53:46.0738 0x0c2c  aliide - ok
00:53:46.0781 0x0c2c  [ 5989D711769200F0F3E145319250472B, 2740032FB3F92DAE5D5AA8D242AFAE79278E95E77F8FA236741320F4696F46FC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:53:46.0800 0x0c2c  AMD External Events Utility - ok
00:53:46.0823 0x0c2c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
00:53:46.0834 0x0c2c  amdide - ok
00:53:46.0859 0x0c2c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
00:53:46.0873 0x0c2c  AmdK8 - ok
00:53:46.0884 0x0c2c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
00:53:46.0897 0x0c2c  AmdPPM - ok
00:53:46.0936 0x0c2c  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:53:46.0950 0x0c2c  amdsata - ok
00:53:46.0991 0x0c2c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
00:53:47.0004 0x0c2c  amdsbs - ok
00:53:47.0017 0x0c2c  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:53:47.0028 0x0c2c  amdxata - ok
00:53:47.0075 0x0c2c  [ 9C7F164B49CADC658D1B3C575782F346, 7C5FD203735041B6AEB2E551A63CE5F46DB41044BC72E7E77A72F316197C80DA ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
00:53:47.0087 0x0c2c  AmUStor - ok
00:53:47.0218 0x0c2c  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
00:53:47.0235 0x0c2c  AntiVirSchedulerService - ok
00:53:47.0279 0x0c2c  [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
00:53:47.0294 0x0c2c  AntiVirService - ok
00:53:47.0347 0x0c2c  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
00:53:47.0365 0x0c2c  AppID - ok
00:53:47.0382 0x0c2c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:53:47.0413 0x0c2c  AppIDSvc - ok
00:53:47.0446 0x0c2c  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
00:53:47.0461 0x0c2c  Appinfo - ok
00:53:47.0480 0x0c2c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
00:53:47.0492 0x0c2c  arc - ok
00:53:47.0524 0x0c2c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
00:53:47.0536 0x0c2c  arcsas - ok
00:53:47.0608 0x0c2c  [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
00:53:47.0620 0x0c2c  ASLDRService - ok
00:53:47.0671 0x0c2c  [ 2DB34EDD17D3A8DA7105A19C95A3DD68, 5F76C140118B181427969237E364FD70B14FA36533061FD4D8EB2F4751706739 ] ASMMAP64        C:\Program Files\ATKGFNEX\ASMMAP64.sys
00:53:47.0680 0x0c2c  ASMMAP64 - ok
00:53:47.0786 0x0c2c  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:53:47.0801 0x0c2c  aspnet_state - ok
00:53:47.0826 0x0c2c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:53:47.0856 0x0c2c  AsyncMac - ok
00:53:47.0920 0x0c2c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
00:53:47.0931 0x0c2c  atapi - ok
00:53:48.0003 0x0c2c  [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr            C:\Windows\system32\DRIVERS\athrx.sys
00:53:48.0102 0x0c2c  athr - ok
00:53:48.0176 0x0c2c  [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
00:53:48.0187 0x0c2c  AtiHdmiService - ok
00:53:48.0425 0x0c2c  [ B5FB227A09A9EC28163FA4B45487C3C7, DD290CEC3AFBB8E74F1F113A792239B009CBFCE8ED5A816AE8393164BB0535A8 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
00:53:48.0711 0x0c2c  atikmdag - ok
00:53:48.0746 0x0c2c  [ 7C157574A181B19B9DCF5F339E25337E, 7CA78363CD420BFE4BFE9A38683CA9E31023AC573D9092666CDAEE6AF4998B60 ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
00:53:48.0752 0x0c2c  ATKGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
00:53:51.0123 0x0c2c  Detect skipped due to KSN trusted
00:53:51.0123 0x0c2c  ATKGFNEXSrv - ok
00:53:51.0248 0x0c2c  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
00:53:51.0269 0x0c2c  atksgt - ok
00:53:51.0313 0x0c2c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:53:51.0363 0x0c2c  AudioEndpointBuilder - ok
00:53:51.0402 0x0c2c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:53:51.0458 0x0c2c  AudioSrv - ok
00:53:51.0481 0x0c2c  [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
00:53:51.0494 0x0c2c  avgntflt - ok
00:53:51.0544 0x0c2c  [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
00:53:51.0558 0x0c2c  avipbb - ok
00:53:51.0624 0x0c2c  [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
00:53:51.0635 0x0c2c  Avira.OE.ServiceHost - ok
00:53:51.0661 0x0c2c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
00:53:51.0673 0x0c2c  avkmgr - ok
00:53:51.0707 0x0c2c  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:53:51.0725 0x0c2c  AxInstSV - ok
00:53:51.0780 0x0c2c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
00:53:51.0805 0x0c2c  b06bdrv - ok
00:53:51.0842 0x0c2c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:53:51.0863 0x0c2c  b57nd60a - ok
00:53:51.0905 0x0c2c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:53:51.0921 0x0c2c  BDESVC - ok
00:53:51.0938 0x0c2c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:53:51.0969 0x0c2c  Beep - ok
00:53:52.0016 0x0c2c  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
00:53:52.0062 0x0c2c  BFE - ok
00:53:52.0117 0x0c2c  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
00:53:52.0170 0x0c2c  BITS - ok
00:53:52.0201 0x0c2c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:53:52.0217 0x0c2c  blbdrive - ok
00:53:52.0269 0x0c2c  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:53:52.0285 0x0c2c  bowser - ok
00:53:52.0304 0x0c2c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:53:52.0321 0x0c2c  BrFiltLo - ok
00:53:52.0337 0x0c2c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:53:52.0351 0x0c2c  BrFiltUp - ok
00:53:52.0382 0x0c2c  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
00:53:52.0416 0x0c2c  Browser - ok
00:53:52.0440 0x0c2c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:53:52.0461 0x0c2c  Brserid - ok
00:53:52.0484 0x0c2c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:53:52.0500 0x0c2c  BrSerWdm - ok
00:53:52.0517 0x0c2c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:53:52.0531 0x0c2c  BrUsbMdm - ok
00:53:52.0547 0x0c2c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:53:52.0560 0x0c2c  BrUsbSer - ok
00:53:52.0628 0x0c2c  [ 3B6429C5B11408EF11EFEEE8C0F0682A, 2FC87B91122DC265B4CC2CFE58261DA604C89600F2683AB5294004C721127098 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
00:53:52.0647 0x0c2c  BstHdAndroidSvc - ok
00:53:52.0701 0x0c2c  [ 75EEDB477B68CF35D82F0654266053CE, E7A7F4E4781BE97603A0F08535D2EB247A1304B15EF7BAD748E63246AFFEFF35 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
00:53:52.0715 0x0c2c  BstHdDrv - ok
00:53:52.0740 0x0c2c  [ 1DC18C9E1B4984389783E4F9DFC61AB1, 0F32EE280F5B9E0065A7AACED3D64373EC3BFC366906606A644AD0D4AD08E61C ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
00:53:52.0758 0x0c2c  BstHdLogRotatorSvc - ok
00:53:52.0784 0x0c2c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
00:53:52.0800 0x0c2c  BTHMODEM - ok
00:53:52.0847 0x0c2c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
00:53:52.0878 0x0c2c  bthserv - ok
00:53:52.0912 0x0c2c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:53:52.0947 0x0c2c  cdfs - ok
00:53:52.0986 0x0c2c  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:53:53.0005 0x0c2c  cdrom - ok
00:53:53.0043 0x0c2c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:53:53.0078 0x0c2c  CertPropSvc - ok
00:53:53.0111 0x0c2c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
00:53:53.0125 0x0c2c  circlass - ok
00:53:53.0148 0x0c2c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
00:53:53.0167 0x0c2c  CLFS - ok
00:53:53.0221 0x0c2c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:53:53.0233 0x0c2c  clr_optimization_v2.0.50727_32 - ok
00:53:53.0265 0x0c2c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:53:53.0276 0x0c2c  clr_optimization_v2.0.50727_64 - ok
00:53:53.0366 0x0c2c  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:53:53.0382 0x0c2c  clr_optimization_v4.0.30319_32 - ok
00:53:53.0392 0x0c2c  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:53:53.0407 0x0c2c  clr_optimization_v4.0.30319_64 - ok
00:53:53.0446 0x0c2c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:53:53.0458 0x0c2c  CmBatt - ok
00:53:53.0479 0x0c2c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
00:53:53.0489 0x0c2c  cmdide - ok
00:53:53.0535 0x0c2c  [ 937BEB186A735ACA91D717044A49D17E, 3A2BF72670C94D1A7656289F5284F082AB089C96D451F8C5CD9D0211064D3FB1 ] CNG             C:\Windows\system32\Drivers\cng.sys
00:53:53.0561 0x0c2c  CNG - ok
00:53:53.0577 0x0c2c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:53:53.0588 0x0c2c  Compbatt - ok
00:53:53.0613 0x0c2c  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
00:53:53.0630 0x0c2c  CompositeBus - ok
00:53:53.0641 0x0c2c  COMSysApp - ok
00:53:53.0654 0x0c2c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
00:53:53.0664 0x0c2c  crcdisk - ok
00:53:53.0707 0x0c2c  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:53:53.0743 0x0c2c  CryptSvc - ok
00:53:53.0782 0x0c2c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:53:53.0835 0x0c2c  DcomLaunch - ok
00:53:53.0877 0x0c2c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
00:53:53.0916 0x0c2c  defragsvc - ok
00:53:53.0982 0x0c2c  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:53:53.0999 0x0c2c  DfsC - ok
00:53:54.0038 0x0c2c  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:53:54.0061 0x0c2c  Dhcp - ok
00:53:54.0093 0x0c2c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
00:53:54.0124 0x0c2c  discache - ok
00:53:54.0165 0x0c2c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
00:53:54.0176 0x0c2c  Disk - ok
00:53:54.0211 0x0c2c  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:53:54.0228 0x0c2c  Dnscache - ok
00:53:54.0265 0x0c2c  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:53:54.0306 0x0c2c  dot3svc - ok
00:53:54.0343 0x0c2c  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
00:53:54.0381 0x0c2c  DPS - ok
00:53:54.0416 0x0c2c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:53:54.0430 0x0c2c  drmkaud - ok
00:53:54.0480 0x0c2c  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:53:54.0541 0x0c2c  DXGKrnl - ok
00:53:54.0570 0x0c2c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
00:53:54.0603 0x0c2c  EapHost - ok
00:53:54.0730 0x0c2c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
00:53:54.0840 0x0c2c  ebdrv - ok
00:53:54.0878 0x0c2c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe
00:53:54.0892 0x0c2c  EFS - ok
00:53:54.0968 0x0c2c  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:53:54.0997 0x0c2c  ehRecvr - ok
00:53:55.0026 0x0c2c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
00:53:55.0044 0x0c2c  ehSched - ok
00:53:55.0100 0x0c2c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
00:53:55.0123 0x0c2c  elxstor - ok
00:53:55.0155 0x0c2c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
00:53:55.0168 0x0c2c  ErrDev - ok
00:53:55.0240 0x0c2c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
00:53:55.0280 0x0c2c  EventSystem - ok
00:53:55.0323 0x0c2c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
00:53:55.0361 0x0c2c  exfat - ok
00:53:55.0385 0x0c2c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:53:55.0425 0x0c2c  fastfat - ok
00:53:55.0488 0x0c2c  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
00:53:55.0520 0x0c2c  Fax - ok
00:53:55.0544 0x0c2c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:53:55.0555 0x0c2c  fdc - ok
00:53:55.0589 0x0c2c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
00:53:55.0621 0x0c2c  fdPHost - ok
00:53:55.0635 0x0c2c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:53:55.0669 0x0c2c  FDResPub - ok
00:53:55.0702 0x0c2c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:53:55.0715 0x0c2c  FileInfo - ok
00:53:55.0731 0x0c2c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:53:55.0817 0x0c2c  Filetrace - ok
00:53:55.0840 0x0c2c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:53:55.0874 0x0c2c  flpydisk - ok
00:53:55.0929 0x0c2c  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:53:55.0969 0x0c2c  FltMgr - ok
00:53:56.0054 0x0c2c  [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache       C:\Windows\system32\FntCache.dll
00:53:56.0117 0x0c2c  FontCache - ok
00:53:56.0166 0x0c2c  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:53:56.0178 0x0c2c  FontCache3.0.0.0 - ok
00:53:56.0191 0x0c2c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:53:56.0208 0x0c2c  FsDepends - ok
00:53:56.0273 0x0c2c  [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
00:53:56.0292 0x0c2c  fssfltr - ok
00:53:56.0397 0x0c2c  [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:53:56.0484 0x0c2c  fsssvc - ok
00:53:56.0521 0x0c2c  [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:53:56.0541 0x0c2c  Fs_Rec - ok
00:53:56.0579 0x0c2c  [ AE87BA80D0EC3B57126ED2CDC15B24ED, 7E0EA3CDB78054D9A4E3B5142305943F2914536D80B8FC363414C8838D51D56C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:53:56.0602 0x0c2c  fvevol - ok
00:53:56.0643 0x0c2c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
00:53:56.0655 0x0c2c  gagp30kx - ok
00:53:56.0703 0x0c2c  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
00:53:56.0756 0x0c2c  gpsvc - ok
00:53:56.0841 0x0c2c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:53:56.0852 0x0c2c  gupdate - ok
00:53:56.0896 0x0c2c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:53:56.0905 0x0c2c  gupdatem - ok
00:53:56.0934 0x0c2c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:53:56.0947 0x0c2c  hcw85cir - ok
00:53:56.0983 0x0c2c  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:53:57.0007 0x0c2c  HdAudAddService - ok
00:53:57.0033 0x0c2c  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:53:57.0051 0x0c2c  HDAudBus - ok
00:53:57.0069 0x0c2c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
00:53:57.0079 0x0c2c  HECIx64 - ok
00:53:57.0095 0x0c2c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
00:53:57.0110 0x0c2c  HidBatt - ok
00:53:57.0122 0x0c2c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
00:53:57.0140 0x0c2c  HidBth - ok
00:53:57.0164 0x0c2c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
00:53:57.0180 0x0c2c  HidIr - ok
00:53:57.0208 0x0c2c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
00:53:57.0241 0x0c2c  hidserv - ok
00:53:57.0290 0x0c2c  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:53:57.0304 0x0c2c  HidUsb - ok
00:53:57.0335 0x0c2c  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:53:57.0369 0x0c2c  hkmsvc - ok
00:53:57.0395 0x0c2c  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:53:57.0414 0x0c2c  HomeGroupListener - ok
00:53:57.0439 0x0c2c  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:53:57.0457 0x0c2c  HomeGroupProvider - ok
00:53:57.0502 0x0c2c  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
00:53:57.0514 0x0c2c  HpSAMD - ok
00:53:57.0567 0x0c2c  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:53:57.0634 0x0c2c  HTTP - ok
00:53:57.0652 0x0c2c  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:53:57.0661 0x0c2c  hwpolicy - ok
00:53:57.0688 0x0c2c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:53:57.0705 0x0c2c  i8042prt - ok
00:53:57.0730 0x0c2c  [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
00:53:57.0748 0x0c2c  iaStor - ok
00:53:57.0783 0x0c2c  [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:53:57.0802 0x0c2c  iaStorV - ok
00:53:57.0871 0x0c2c  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:53:57.0898 0x0c2c  idsvc - ok
00:53:57.0934 0x0c2c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
00:53:57.0949 0x0c2c  iirsp - ok
00:53:58.0042 0x0c2c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
00:53:58.0111 0x0c2c  IKEEXT - ok
00:53:58.0231 0x0c2c  [ DCF6AFBA140AF3F880A427C2656BE44D, 8D97B9E5B35106BA74253F3DCC5672F08C7112F56E2BA882A3BBB0D7102F965C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:53:58.0349 0x0c2c  IntcAzAudAddService - ok
00:53:58.0386 0x0c2c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
00:53:58.0399 0x0c2c  intelide - ok
00:53:58.0422 0x0c2c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:53:58.0438 0x0c2c  intelppm - ok
00:53:58.0501 0x0c2c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:53:58.0545 0x0c2c  IPBusEnum - ok
00:53:58.0573 0x0c2c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:53:58.0615 0x0c2c  IpFilterDriver - ok
00:53:58.0678 0x0c2c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:53:58.0740 0x0c2c  iphlpsvc - ok
00:53:58.0792 0x0c2c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
00:53:58.0808 0x0c2c  IPMIDRV - ok
00:53:58.0828 0x0c2c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:53:58.0873 0x0c2c  IPNAT - ok
00:53:58.0916 0x0c2c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:53:58.0937 0x0c2c  IRENUM - ok
00:53:58.0949 0x0c2c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
00:53:58.0959 0x0c2c  isapnp - ok
00:53:58.0977 0x0c2c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
00:53:58.0991 0x0c2c  iScsiPrt - ok
00:53:59.0020 0x0c2c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:53:59.0033 0x0c2c  kbdclass - ok
00:53:59.0050 0x0c2c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
00:53:59.0064 0x0c2c  kbdhid - ok
00:53:59.0096 0x0c2c  [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
00:53:59.0105 0x0c2c  kbfiltr - ok
00:53:59.0137 0x0c2c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
00:53:59.0150 0x0c2c  KeyIso - ok
00:53:59.0167 0x0c2c  [ 16C1B906FC5EAD84769F90B736B6BF0E, 2FD11B1A6C208CBA4FB97DB2E48B9A487C7649B1FCF5F761B2A0E4D6A02E61EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:53:59.0179 0x0c2c  KSecDD - ok
00:53:59.0204 0x0c2c  [ 0B711550C56444879D71C7DAABDA6C83, A598E0817B0B943457068AD196FD5C9DB9C4135C9901B9B6EAFD1D3B3F4F0E2F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:53:59.0217 0x0c2c  KSecPkg - ok
00:53:59.0247 0x0c2c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:53:59.0280 0x0c2c  ksthunk - ok
00:53:59.0317 0x0c2c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:53:59.0357 0x0c2c  KtmRm - ok
00:53:59.0392 0x0c2c  [ B4A3A05B0F9C81D098B96AB6AA915042, 76A63A00926E8ADE44994CEE282B086A2F5573430874AC60A6CFE0F80D5CCE9A ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
00:53:59.0406 0x0c2c  L1C - ok
00:53:59.0447 0x0c2c  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\system32\srvsvc.dll
00:53:59.0467 0x0c2c  LanmanServer - ok
00:53:59.0486 0x0c2c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:53:59.0520 0x0c2c  LanmanWorkstation - ok
00:53:59.0591 0x0c2c  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
00:53:59.0602 0x0c2c  lirsgt - ok
00:53:59.0625 0x0c2c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:53:59.0658 0x0c2c  lltdio - ok
00:53:59.0675 0x0c2c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:53:59.0711 0x0c2c  lltdsvc - ok
00:53:59.0738 0x0c2c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:53:59.0768 0x0c2c  lmhosts - ok
00:53:59.0793 0x0c2c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
00:53:59.0808 0x0c2c  LSI_FC - ok
00:53:59.0821 0x0c2c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
00:53:59.0833 0x0c2c  LSI_SAS - ok
00:53:59.0851 0x0c2c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:53:59.0863 0x0c2c  LSI_SAS2 - ok
00:53:59.0900 0x0c2c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:53:59.0913 0x0c2c  LSI_SCSI - ok
00:53:59.0930 0x0c2c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
00:53:59.0967 0x0c2c  luafv - ok
00:53:59.0985 0x0c2c  [ 085435AE1A124361304044029B5CC644, FEEDB68A3A31B31DD2550591E220A25FCAA8EF1A4BC87EA2750E73E2BE56848D ] lullaby         C:\Windows\system32\DRIVERS\lullaby.sys
00:53:59.0995 0x0c2c  lullaby - ok
00:54:00.0022 0x0c2c  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:54:00.0038 0x0c2c  Mcx2Svc - ok
00:54:00.0059 0x0c2c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
00:54:00.0073 0x0c2c  megasas - ok
00:54:00.0116 0x0c2c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
00:54:00.0134 0x0c2c  MegaSR - ok
00:54:00.0176 0x0c2c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
00:54:00.0208 0x0c2c  MMCSS - ok
00:54:00.0249 0x0c2c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
00:54:00.0280 0x0c2c  Modem - ok
00:54:00.0295 0x0c2c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:54:00.0308 0x0c2c  monitor - ok
00:54:00.0329 0x0c2c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:54:00.0340 0x0c2c  mouclass - ok
00:54:00.0347 0x0c2c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:54:00.0359 0x0c2c  mouhid - ok
00:54:00.0382 0x0c2c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:54:00.0394 0x0c2c  mountmgr - ok
00:54:00.0486 0x0c2c  [ F60E017313E0F1EEB21D87C434CF538D, 5418A716AD23E21FFF7CDACD0C4EF2CD7F1D45E391E72196B4D036DBF9E9559C ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:54:00.0498 0x0c2c  MozillaMaintenance - ok
00:54:00.0523 0x0c2c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
00:54:00.0536 0x0c2c  mpio - ok
00:54:00.0564 0x0c2c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:54:00.0600 0x0c2c  mpsdrv - ok
00:54:00.0660 0x0c2c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:54:00.0711 0x0c2c  MpsSvc - ok
00:54:00.0738 0x0c2c  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:54:00.0757 0x0c2c  MRxDAV - ok
00:54:00.0793 0x0c2c  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:54:00.0812 0x0c2c  mrxsmb - ok
00:54:00.0844 0x0c2c  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:54:00.0868 0x0c2c  mrxsmb10 - ok
00:54:00.0878 0x0c2c  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:54:00.0895 0x0c2c  mrxsmb20 - ok
00:54:00.0920 0x0c2c  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
00:54:00.0930 0x0c2c  msahci - ok
00:54:00.0945 0x0c2c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
00:54:00.0958 0x0c2c  msdsm - ok
00:54:00.0977 0x0c2c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
00:54:00.0994 0x0c2c  MSDTC - ok
00:54:01.0006 0x0c2c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:54:01.0037 0x0c2c  Msfs - ok
00:54:01.0050 0x0c2c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:54:01.0086 0x0c2c  mshidkmdf - ok
00:54:01.0091 0x0c2c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
00:54:01.0103 0x0c2c  msisadrv - ok
00:54:01.0133 0x0c2c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:54:01.0167 0x0c2c  MSiSCSI - ok
00:54:01.0170 0x0c2c  msiserver - ok
00:54:01.0201 0x0c2c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:54:01.0235 0x0c2c  MSKSSRV - ok
00:54:01.0250 0x0c2c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:54:01.0280 0x0c2c  MSPCLOCK - ok
00:54:01.0293 0x0c2c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:54:01.0323 0x0c2c  MSPQM - ok
00:54:01.0345 0x0c2c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:54:01.0362 0x0c2c  MsRPC - ok
00:54:01.0377 0x0c2c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:54:01.0387 0x0c2c  mssmbios - ok
00:54:01.0391 0x0c2c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:54:01.0423 0x0c2c  MSTEE - ok
00:54:01.0438 0x0c2c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
00:54:01.0449 0x0c2c  MTConfig - ok
00:54:01.0491 0x0c2c  [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor        C:\Windows\system32\DRIVERS\ATK64AMD.sys
00:54:01.0500 0x0c2c  MTsensor - ok
00:54:01.0509 0x0c2c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
00:54:01.0520 0x0c2c  Mup - ok
00:54:01.0555 0x0c2c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
00:54:01.0598 0x0c2c  napagent - ok
00:54:01.0647 0x0c2c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:54:01.0673 0x0c2c  NativeWifiP - ok
00:54:01.0722 0x0c2c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:54:01.0753 0x0c2c  NDIS - ok
00:54:01.0767 0x0c2c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:54:01.0800 0x0c2c  NdisCap - ok
00:54:01.0815 0x0c2c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:54:01.0851 0x0c2c  NdisTapi - ok
00:54:01.0868 0x0c2c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:54:01.0909 0x0c2c  Ndisuio - ok
00:54:01.0930 0x0c2c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:54:01.0972 0x0c2c  NdisWan - ok
00:54:02.0004 0x0c2c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:54:02.0040 0x0c2c  NDProxy - ok
00:54:02.0055 0x0c2c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:54:02.0091 0x0c2c  NetBIOS - ok
00:54:02.0114 0x0c2c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:54:02.0153 0x0c2c  NetBT - ok
00:54:02.0185 0x0c2c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
00:54:02.0196 0x0c2c  Netlogon - ok
00:54:02.0228 0x0c2c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
00:54:02.0268 0x0c2c  Netman - ok
00:54:02.0311 0x0c2c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:54:02.0325 0x0c2c  NetMsmqActivator - ok
00:54:02.0344 0x0c2c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:54:02.0358 0x0c2c  NetPipeActivator - ok
00:54:02.0386 0x0c2c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
00:54:02.0427 0x0c2c  netprofm - ok
00:54:02.0509 0x0c2c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:54:02.0524 0x0c2c  NetTcpActivator - ok
00:54:02.0542 0x0c2c  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:54:02.0556 0x0c2c  NetTcpPortSharing - ok
00:54:02.0590 0x0c2c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
00:54:02.0601 0x0c2c  nfrd960 - ok
00:54:02.0629 0x0c2c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:54:02.0666 0x0c2c  NlaSvc - ok
00:54:02.0683 0x0c2c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:54:02.0718 0x0c2c  Npfs - ok
00:54:02.0739 0x0c2c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
00:54:02.0772 0x0c2c  nsi - ok
00:54:02.0785 0x0c2c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:54:02.0819 0x0c2c  nsiproxy - ok
00:54:02.0904 0x0c2c  [ 378E0E0DFEA67D98AE6EA53ADBBD76BC, 2A78A36A729B271FE54A54E507EBC9AD9B9D764DBCB58AC3CBB8FC76D0075391 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:54:02.0960 0x0c2c  Ntfs - ok
00:54:02.0986 0x0c2c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
00:54:03.0018 0x0c2c  Null - ok
00:54:03.0052 0x0c2c  [ 785298579B5F9B4032152DFBB992FDB6, 873346A9B2C71C4F3F8B9C6B6AF34AD3675D029DAEA93876350ACBCEE19145D5 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
00:54:03.0065 0x0c2c  nusb3hub - ok
00:54:03.0081 0x0c2c  [ DF2750481B4964814467C974F2B0EEF1, 573FE5B5867C207355F0D6BBAE744EC5D2539F02DDC25E1470AE2D1E00954C3C ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:54:03.0098 0x0c2c  nusb3xhc - ok
00:54:03.0122 0x0c2c  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:54:03.0135 0x0c2c  nvraid - ok
00:54:03.0175 0x0c2c  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:54:03.0190 0x0c2c  nvstor - ok
00:54:03.0204 0x0c2c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
00:54:03.0217 0x0c2c  nv_agp - ok
00:54:03.0293 0x0c2c  [ 1F0E05DFF4F5A833168E49BE1256F002, A858267572033C185293B0FD15B2BFDA679D0771A14C0ADF24461B529DBAD8DF ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:54:03.0311 0x0c2c  odserv - ok
00:54:03.0380 0x0c2c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
00:54:03.0394 0x0c2c  ohci1394 - ok
00:54:03.0448 0x0c2c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:54:03.0459 0x0c2c  ose - ok
00:54:03.0505 0x0c2c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:54:03.0529 0x0c2c  p2pimsvc - ok
00:54:03.0567 0x0c2c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
00:54:03.0595 0x0c2c  p2psvc - ok
00:54:03.0622 0x0c2c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
00:54:03.0639 0x0c2c  Parport - ok
00:54:03.0654 0x0c2c  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:54:03.0668 0x0c2c  partmgr - ok
00:54:03.0684 0x0c2c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:54:03.0708 0x0c2c  PcaSvc - ok
00:54:03.0717 0x0c2c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
00:54:03.0734 0x0c2c  pci - ok
00:54:03.0760 0x0c2c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
00:54:03.0773 0x0c2c  pciide - ok
00:54:03.0802 0x0c2c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
00:54:03.0820 0x0c2c  pcmcia - ok
00:54:03.0826 0x0c2c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:54:03.0841 0x0c2c  pcw - ok
00:54:03.0892 0x0c2c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:54:03.0967 0x0c2c  PEAUTH - ok
00:54:04.0172 0x0c2c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:54:04.0185 0x0c2c  PerfHost - ok
00:54:04.0256 0x0c2c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
00:54:04.0328 0x0c2c  pla - ok
00:54:04.0387 0x0c2c  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:54:04.0411 0x0c2c  PlugPlay - ok
00:54:04.0472 0x0c2c  PnkBstrA - ok
00:54:04.0484 0x0c2c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:54:04.0498 0x0c2c  PNRPAutoReg - ok
00:54:04.0528 0x0c2c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:54:04.0549 0x0c2c  PNRPsvc - ok
00:54:04.0589 0x0c2c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:54:04.0631 0x0c2c  PolicyAgent - ok
00:54:04.0665 0x0c2c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
00:54:04.0699 0x0c2c  Power - ok
00:54:04.0726 0x0c2c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:54:04.0762 0x0c2c  PptpMiniport - ok
00:54:04.0807 0x0c2c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
00:54:04.0821 0x0c2c  Processor - ok
00:54:04.0850 0x0c2c  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
00:54:04.0887 0x0c2c  ProfSvc - ok
00:54:04.0903 0x0c2c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:54:04.0916 0x0c2c  ProtectedStorage - ok
00:54:04.0942 0x0c2c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:54:04.0975 0x0c2c  Psched - ok
00:54:05.0054 0x0c2c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
00:54:05.0098 0x0c2c  ql2300 - ok
00:54:05.0112 0x0c2c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
00:54:05.0127 0x0c2c  ql40xx - ok
00:54:05.0160 0x0c2c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
00:54:05.0181 0x0c2c  QWAVE - ok
00:54:05.0198 0x0c2c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:54:05.0213 0x0c2c  QWAVEdrv - ok
00:54:05.0232 0x0c2c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:54:05.0264 0x0c2c  RasAcd - ok
00:54:05.0302 0x0c2c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:54:05.0337 0x0c2c  RasAgileVpn - ok
00:54:05.0378 0x0c2c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
00:54:05.0411 0x0c2c  RasAuto - ok
00:54:05.0438 0x0c2c  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:54:05.0472 0x0c2c  Rasl2tp - ok
00:54:05.0524 0x0c2c  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
00:54:05.0563 0x0c2c  RasMan - ok
00:54:05.0570 0x0c2c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:54:05.0603 0x0c2c  RasPppoe - ok
00:54:05.0629 0x0c2c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:54:05.0662 0x0c2c  RasSstp - ok
00:54:05.0687 0x0c2c  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:54:05.0728 0x0c2c  rdbss - ok
00:54:05.0742 0x0c2c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
00:54:05.0757 0x0c2c  rdpbus - ok
00:54:05.0786 0x0c2c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:54:05.0816 0x0c2c  RDPCDD - ok
00:54:05.0822 0x0c2c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:54:05.0851 0x0c2c  RDPENCDD - ok
00:54:05.0857 0x0c2c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:54:05.0889 0x0c2c  RDPREFMP - ok
00:54:05.0942 0x0c2c  [ 074AC702D8B8B660B0E1371555995386, 4D038797AF891BB6FE4503178C3A9C918620FEA80AFB36083B836B2547271952 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:54:05.0960 0x0c2c  RDPWD - ok
00:54:05.0986 0x0c2c  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:54:06.0000 0x0c2c  rdyboost - ok
00:54:06.0025 0x0c2c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:54:06.0057 0x0c2c  RemoteAccess - ok
00:54:06.0091 0x0c2c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:54:06.0125 0x0c2c  RemoteRegistry - ok
00:54:06.0147 0x0c2c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:54:06.0178 0x0c2c  RpcEptMapper - ok
00:54:06.0193 0x0c2c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
00:54:06.0204 0x0c2c  RpcLocator - ok
00:54:06.0228 0x0c2c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
00:54:06.0269 0x0c2c  RpcSs - ok
00:54:06.0300 0x0c2c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:54:06.0331 0x0c2c  rspndr - ok
00:54:06.0357 0x0c2c  [ 483C537E69FA97C77F7FE0E2E1C1F102, B5DCC1C669126C558057B328F86071F35B2FF55A0C595A05FC16F2E893BA48E4 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
00:54:06.0417 0x0c2c  RTHDMIAzAudService - ok
00:54:06.0434 0x0c2c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
00:54:06.0447 0x0c2c  SamSs - ok
00:54:06.0464 0x0c2c  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
00:54:06.0477 0x0c2c  sbp2port - ok
00:54:06.0510 0x0c2c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:54:06.0551 0x0c2c  SCardSvr - ok
00:54:06.0584 0x0c2c  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:54:06.0617 0x0c2c  scfilter - ok
00:54:06.0680 0x0c2c  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
00:54:06.0721 0x0c2c  Schedule - ok
00:54:06.0755 0x0c2c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:54:06.0789 0x0c2c  SCPolicySvc - ok
00:54:06.0818 0x0c2c  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:54:06.0836 0x0c2c  SDRSVC - ok
00:54:06.0856 0x0c2c  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
00:54:06.0889 0x0c2c  seclogon - ok
00:54:06.0904 0x0c2c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
00:54:06.0941 0x0c2c  SENS - ok
00:54:06.0960 0x0c2c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:54:06.0972 0x0c2c  SensrSvc - ok
00:54:07.0002 0x0c2c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:54:07.0016 0x0c2c  Serenum - ok
00:54:07.0035 0x0c2c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
00:54:07.0051 0x0c2c  Serial - ok
00:54:07.0070 0x0c2c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
00:54:07.0083 0x0c2c  sermouse - ok
00:54:07.0123 0x0c2c  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:54:07.0156 0x0c2c  SessionEnv - ok
00:54:07.0171 0x0c2c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
00:54:07.0186 0x0c2c  sffdisk - ok
00:54:07.0203 0x0c2c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
00:54:07.0218 0x0c2c  sffp_mmc - ok
00:54:07.0230 0x0c2c  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
00:54:07.0244 0x0c2c  sffp_sd - ok
00:54:07.0270 0x0c2c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
00:54:07.0283 0x0c2c  sfloppy - ok
00:54:07.0338 0x0c2c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:54:07.0376 0x0c2c  SharedAccess - ok
00:54:07.0412 0x0c2c  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:54:07.0438 0x0c2c  ShellHWDetection - ok
00:54:07.0467 0x0c2c  [ 1BC348CF6BAA90EC8E533EF6E6A69933, 2B26F6EB701F48E092DED6A7B888F24736F2899EE81D54DD4B1E9DF7CFD36E7A ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
00:54:07.0481 0x0c2c  SiSGbeLH - ok
00:54:07.0503 0x0c2c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:54:07.0514 0x0c2c  SiSRaid2 - ok
00:54:07.0534 0x0c2c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
00:54:07.0547 0x0c2c  SiSRaid4 - ok
00:54:07.0565 0x0c2c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:54:07.0598 0x0c2c  Smb - ok
00:54:07.0649 0x0c2c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:54:07.0662 0x0c2c  SNMPTRAP - ok
00:54:07.0753 0x0c2c  [ 2114518E55B380A3ACC28B2C27FD499A, 5EB378ECE4AD1E1C843CF21D46A5A3DE85CB8BBF1DF7292D54200F4ECFAE301A ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
00:54:07.0840 0x0c2c  SNP2UVC - ok
00:54:07.0853 0x0c2c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:54:07.0864 0x0c2c  spldr - ok
00:54:07.0910 0x0c2c  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe
00:54:07.0937 0x0c2c  Spooler - ok
00:54:08.0092 0x0c2c  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
00:54:08.0195 0x0c2c  sppsvc - ok
00:54:08.0276 0x0c2c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:54:08.0308 0x0c2c  sppuinotify - ok
00:54:08.0342 0x0c2c  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:54:08.0378 0x0c2c  srv - ok
00:54:08.0393 0x0c2c  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:54:08.0428 0x0c2c  srv2 - ok
00:54:08.0449 0x0c2c  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:54:08.0467 0x0c2c  srvnet - ok
00:54:08.0486 0x0c2c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:54:08.0521 0x0c2c  SSDPSRV - ok
00:54:08.0532 0x0c2c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:54:08.0564 0x0c2c  SstpSvc - ok
00:54:08.0625 0x0c2c  [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:54:08.0650 0x0c2c  Steam Client Service - ok
00:54:08.0684 0x0c2c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
00:54:08.0695 0x0c2c  stexstor - ok
00:54:08.0742 0x0c2c  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
00:54:08.0788 0x0c2c  stisvc - ok
00:54:08.0797 0x0c2c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:54:08.0807 0x0c2c  swenum - ok
00:54:08.0841 0x0c2c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
00:54:08.0884 0x0c2c  swprv - ok
00:54:08.0952 0x0c2c  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
00:54:09.0015 0x0c2c  SysMain - ok
00:54:09.0034 0x0c2c  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:54:09.0053 0x0c2c  TabletInputService - ok
00:54:09.0070 0x0c2c  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:54:09.0108 0x0c2c  TapiSrv - ok
00:54:09.0119 0x0c2c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
00:54:09.0150 0x0c2c  TBS - ok
00:54:09.0249 0x0c2c  [ F18F56EFC0BFB9C87BA01C37B27F4DA5, 868EF8102EAB18E5EEC4B3032392BB4559B442A489026381F86875193325F63C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:54:09.0306 0x0c2c  Tcpip - ok
00:54:09.0394 0x0c2c  [ F18F56EFC0BFB9C87BA01C37B27F4DA5, 868EF8102EAB18E5EEC4B3032392BB4559B442A489026381F86875193325F63C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:54:09.0447 0x0c2c  TCPIP6 - ok
00:54:09.0472 0x0c2c  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:54:09.0503 0x0c2c  tcpipreg - ok
00:54:09.0519 0x0c2c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:54:09.0529 0x0c2c  TDPIPE - ok
00:54:09.0555 0x0c2c  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:54:09.0567 0x0c2c  TDTCP - ok
00:54:09.0586 0x0c2c  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:54:09.0618 0x0c2c  tdx - ok
00:54:09.0631 0x0c2c  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:54:09.0644 0x0c2c  TermDD - ok
00:54:09.0693 0x0c2c  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
00:54:09.0743 0x0c2c  TermService - ok
00:54:09.0761 0x0c2c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
00:54:09.0779 0x0c2c  Themes - ok
00:54:09.0805 0x0c2c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
00:54:09.0836 0x0c2c  THREADORDER - ok
00:54:09.0889 0x0c2c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
00:54:09.0925 0x0c2c  TrkWks - ok
00:54:09.0967 0x0c2c  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:54:09.0989 0x0c2c  TrustedInstaller - ok
00:54:10.0010 0x0c2c  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:54:10.0049 0x0c2c  tssecsrv - ok
00:54:10.0212 0x0c2c  [ CDAD7034AF9562835F29FB50A5F54832, CEBEAAF387A6B6A7CE20839E29988F47A7CD381BEDD8B127ECD5E0548BCC68FA ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
00:54:10.0280 0x0c2c  TuneUp.UtilitiesSvc - ok
00:54:10.0343 0x0c2c  [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
00:54:10.0352 0x0c2c  TuneUpUtilitiesDrv - ok
00:54:10.0407 0x0c2c  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:54:10.0442 0x0c2c  tunnel - ok
00:54:10.0460 0x0c2c  [ C45A3E051C65106A28982CAED125F855, 9164708ABC6B1BA804B8297AA4EEBC65C4BDD4D399AD6CBAB9C66BB7AA9020E8 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
00:54:10.0470 0x0c2c  TurboB - ok
00:54:10.0607 0x0c2c  [ BAEF86EBEAECE76573FA822DEA256F6C, B845AB0AACCCF4C2D4A8DD152C57C52416C5938FB3FEB670DB5434FA95620F3B ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
00:54:10.0618 0x0c2c  TurboBoost - ok
00:54:10.0647 0x0c2c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
00:54:10.0659 0x0c2c  uagp35 - ok
00:54:10.0710 0x0c2c  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:54:10.0748 0x0c2c  udfs - ok
00:54:10.0779 0x0c2c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:54:10.0794 0x0c2c  UI0Detect - ok
00:54:10.0855 0x0c2c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
00:54:10.0866 0x0c2c  uliagpkx - ok
00:54:10.0892 0x0c2c  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:54:10.0913 0x0c2c  umbus - ok
00:54:10.0934 0x0c2c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
00:54:10.0946 0x0c2c  UmPass - ok
00:54:10.0993 0x0c2c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
00:54:11.0034 0x0c2c  upnphost - ok
00:54:11.0063 0x0c2c  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:54:11.0083 0x0c2c  usbccgp - ok
00:54:11.0114 0x0c2c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
00:54:11.0131 0x0c2c  usbcir - ok
00:54:11.0164 0x0c2c  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
00:54:11.0177 0x0c2c  usbehci - ok
00:54:11.0211 0x0c2c  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
00:54:11.0247 0x0c2c  usbhub - ok
00:54:11.0280 0x0c2c  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:54:11.0292 0x0c2c  usbohci - ok
00:54:11.0316 0x0c2c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
00:54:11.0330 0x0c2c  usbprint - ok
00:54:11.0342 0x0c2c  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:54:11.0355 0x0c2c  USBSTOR - ok
00:54:11.0374 0x0c2c  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:54:11.0386 0x0c2c  usbuhci - ok
00:54:11.0428 0x0c2c  [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
00:54:11.0443 0x0c2c  usbvideo - ok
00:54:11.0471 0x0c2c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
00:54:11.0502 0x0c2c  UxSms - ok
00:54:11.0529 0x0c2c  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe
00:54:11.0542 0x0c2c  VaultSvc - ok
00:54:11.0564 0x0c2c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
00:54:11.0574 0x0c2c  vdrvroot - ok
00:54:11.0604 0x0c2c  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
00:54:11.0632 0x0c2c  vds - ok
00:54:11.0658 0x0c2c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:54:11.0673 0x0c2c  vga - ok
00:54:11.0692 0x0c2c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:54:11.0724 0x0c2c  VgaSave - ok
00:54:11.0745 0x0c2c  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
00:54:11.0760 0x0c2c  vhdmp - ok
00:54:11.0784 0x0c2c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
00:54:11.0794 0x0c2c  viaide - ok
00:54:11.0807 0x0c2c  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
00:54:11.0819 0x0c2c  volmgr - ok
00:54:11.0831 0x0c2c  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:54:11.0849 0x0c2c  volmgrx - ok
00:54:11.0861 0x0c2c  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
00:54:11.0877 0x0c2c  volsnap - ok
00:54:11.0891 0x0c2c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
00:54:11.0904 0x0c2c  vsmraid - ok
00:54:11.0986 0x0c2c  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
00:54:12.0066 0x0c2c  VSS - ok
00:54:12.0089 0x0c2c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
00:54:12.0108 0x0c2c  vwifibus - ok
00:54:12.0117 0x0c2c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
00:54:12.0140 0x0c2c  vwififlt - ok
00:54:12.0167 0x0c2c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
00:54:12.0183 0x0c2c  vwifimp - ok
00:54:12.0229 0x0c2c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
00:54:12.0275 0x0c2c  W32Time - ok
00:54:12.0298 0x0c2c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
00:54:12.0311 0x0c2c  WacomPen - ok
00:54:12.0328 0x0c2c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:54:12.0360 0x0c2c  WANARP - ok
00:54:12.0365 0x0c2c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:54:12.0394 0x0c2c  Wanarpv6 - ok
00:54:12.0457 0x0c2c  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
00:54:12.0525 0x0c2c  wbengine - ok
00:54:12.0820 0x0c2c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:54:12.0841 0x0c2c  WbioSrvc - ok
00:54:13.0056 0x0c2c  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:54:13.0077 0x0c2c  wcncsvc - ok
00:54:13.0103 0x0c2c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:54:13.0117 0x0c2c  WcsPlugInService - ok
00:54:13.0145 0x0c2c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
00:54:13.0155 0x0c2c  Wd - ok
00:54:13.0189 0x0c2c  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:54:13.0214 0x0c2c  Wdf01000 - ok
00:54:13.0240 0x0c2c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:54:13.0258 0x0c2c  WdiServiceHost - ok
00:54:13.0273 0x0c2c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:54:13.0292 0x0c2c  WdiSystemHost - ok
00:54:13.0325 0x0c2c  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll
00:54:13.0345 0x0c2c  WebClient - ok
00:54:13.0368 0x0c2c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:54:13.0404 0x0c2c  Wecsvc - ok
00:54:13.0418 0x0c2c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:54:13.0451 0x0c2c  wercplsupport - ok
00:54:13.0479 0x0c2c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:54:13.0511 0x0c2c  WerSvc - ok
00:54:13.0533 0x0c2c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:54:13.0563 0x0c2c  WfpLwf - ok
00:54:13.0597 0x0c2c  [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
00:54:13.0611 0x0c2c  WimFltr - ok
00:54:13.0620 0x0c2c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:54:13.0630 0x0c2c  WIMMount - ok
00:54:13.0646 0x0c2c  WinDefend - ok
00:54:13.0651 0x0c2c  WinHttpAutoProxySvc - ok
00:54:13.0709 0x0c2c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:54:13.0748 0x0c2c  Winmgmt - ok
00:54:13.0838 0x0c2c  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:54:13.0918 0x0c2c  WinRM - ok
00:54:13.0978 0x0c2c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:54:14.0035 0x0c2c  Wlansvc - ok
00:54:14.0172 0x0c2c  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:54:14.0230 0x0c2c  wlidsvc - ok
00:54:14.0260 0x0c2c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
00:54:14.0272 0x0c2c  WmiAcpi - ok
00:54:14.0308 0x0c2c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:54:14.0325 0x0c2c  wmiApSrv - ok
00:54:14.0354 0x0c2c  WMPNetworkSvc - ok
00:54:14.0386 0x0c2c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:54:14.0399 0x0c2c  WPCSvc - ok
00:54:14.0418 0x0c2c  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:54:14.0434 0x0c2c  WPDBusEnum - ok
00:54:14.0456 0x0c2c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:54:14.0487 0x0c2c  ws2ifsl - ok
00:54:14.0525 0x0c2c  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\System32\wscsvc.dll
00:54:14.0540 0x0c2c  wscsvc - ok
00:54:14.0543 0x0c2c  WSearch - ok
00:54:14.0629 0x0c2c  [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:54:14.0720 0x0c2c  wuauserv - ok
00:54:14.0751 0x0c2c  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:54:14.0784 0x0c2c  WudfPf - ok
00:54:14.0825 0x0c2c  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:54:14.0857 0x0c2c  WUDFRd - ok
00:54:14.0863 0x0c2c  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:54:14.0897 0x0c2c  wudfsvc - ok
00:54:14.0915 0x0c2c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:54:14.0937 0x0c2c  WwanSvc - ok
00:54:15.0022 0x0c2c  [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl
00:54:15.0034 0x0c2c  {B154377D-700F-42cc-9474-23858FBDF4BD} - ok
00:54:15.0047 0x0c2c  ================ Scan global ===============================
00:54:15.0067 0x0c2c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:54:15.0100 0x0c2c  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
00:54:15.0122 0x0c2c  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
00:54:15.0157 0x0c2c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:54:15.0182 0x0c2c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:54:15.0189 0x0c2c  [ Global ] - ok
00:54:15.0189 0x0c2c  ================ Scan MBR ==================================
00:54:15.0199 0x0c2c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:54:15.0759 0x0c2c  \Device\Harddisk0\DR0 - ok
00:54:15.0760 0x0c2c  ================ Scan VBR ==================================
00:54:15.0774 0x0c2c  [ 054BBC2F93DFFA6B1CF217C4331F6829 ] \Device\Harddisk0\DR0\Partition1
00:54:15.0788 0x0c2c  \Device\Harddisk0\DR0\Partition1 - ok
00:54:15.0791 0x0c2c  [ 49AB2F696E91DF00265D64A54C592637 ] \Device\Harddisk0\DR0\Partition2
00:54:15.0793 0x0c2c  \Device\Harddisk0\DR0\Partition2 - ok
00:54:15.0794 0x0c2c  ================ Scan generic autorun ======================
00:54:15.0856 0x0c2c  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
00:54:15.0875 0x0c2c  AdobeAAMUpdater-1.0 - ok
00:54:15.0934 0x0c2c  [ 819CB14FC5EF910B6D4C5AB77793C53F, 96F2FE5400C278D9C1E3FAA28B699DEC63F297D61C03A85FD63ADEA411B00869 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
00:54:15.0941 0x0c2c  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
00:54:18.0377 0x0c2c  Detect skipped due to KSN trusted
00:54:18.0377 0x0c2c  StartCCC - ok
00:54:18.0475 0x0c2c  [ 087A06DB98D0E84C0DE90EE308707E63, 96E8CDC492115A93B1B244196947E45D3C30CF64F538EAB634E0B02BEFBF1607 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
00:54:18.0482 0x0c2c  NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
00:54:20.0846 0x0c2c  Detect skipped due to KSN trusted
00:54:20.0846 0x0c2c  NUSB3MON - ok
00:54:20.0985 0x0c2c  [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
00:54:21.0006 0x0c2c  avgnt - ok
00:54:21.0079 0x0c2c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:54:21.0119 0x0c2c  Sidebar - ok
00:54:21.0151 0x0c2c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:54:21.0167 0x0c2c  mctadmin - ok
00:54:21.0222 0x0c2c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:54:21.0270 0x0c2c  Sidebar - ok
00:54:21.0294 0x0c2c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:54:21.0310 0x0c2c  mctadmin - ok
00:54:21.0408 0x0c2c  [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
00:54:21.0447 0x0c2c  Spotify Web Helper - ok
00:54:21.0448 0x0c2c  Waiting for KSN requests completion. In queue: 80
00:54:22.0448 0x0c2c  Waiting for KSN requests completion. In queue: 6
00:54:23.0449 0x0c2c  Waiting for KSN requests completion. In queue: 6
00:54:24.0467 0x0c2c  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
00:54:24.0474 0x0c2c  Win FW state via NFP2: enabled
00:54:26.0849 0x0c2c  ============================================================
00:54:26.0849 0x0c2c  Scan finished
00:54:26.0849 0x0c2c  ============================================================
00:54:26.0857 0x0a3c  Detected object count: 0
00:54:26.0857 0x0a3c  Actual detected object count: 0
00:54:53.0049 0x1168  Deinitialize success
         


Geändert von Mr.dub (20.09.2014 um 01:12 Uhr)

Alt 20.09.2014, 01:08   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> Boo/Cidox.b

Alt 20.09.2014, 02:05   #7
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



ach du heilige scheiße, da muss ich ein Wörtchen mit der Freundin reden
das waren 50 Funde

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.09.2014
Suchlauf-Zeit: 01:18:37
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.19.09
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Daddy

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320444
Verstrichene Zeit: 15 Min, 19 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 11
PUP.Optional.Ominent.A, HKLM\SOFTWARE\CLASSES\APPID\{9A246976-806F-4B2E-B3B9-A9A58F5685AA}, In Quarantäne, [e1a4cc23c0bbe84e74160a8460a24ab6], 
PUP.Optional.Ominent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{9A246976-806F-4B2E-B3B9-A9A58F5685AA}, In Quarantäne, [e1a4cc23c0bbe84e74160a8460a24ab6], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [dea7509f2f4c83b3ed9d339006fc837d], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [dea7509f2f4c83b3ed9d339006fc837d], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [572e12ddd3a8db5bb6a5d7b7d72b6f91], 
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [572e12ddd3a8db5bb6a5d7b7d72b6f91], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1479915848-3698468020-625273048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Löschen bei Neustart, [fa8b7b74df9c86b0155d5534ba48b848], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-1479915848-3698468020-625273048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, Löschen bei Neustart, [e99c6b8407740b2b6eaa622ec042758b], 
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [3d4803ecccaf0b2bc3821040fa0aa25e], 
PUP.Optional.WeDownLoadManager.A, HKU\S-1-5-21-1479915848-3698468020-625273048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WEDLMNGR, Löschen bei Neustart, [394c6a8594e7ce68929728e62dd639c7], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1479915848-3698468020-625273048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, Löschen bei Neustart, [fa8bfdf20b70b581370d014f6a9a2dd3], 

Registrierungswerte: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 1590556101979078655, In Quarantäne, [3d4803ecccaf0b2bc3821040fa0aa25e]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1479915848-3698468020-625273048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, 1590556101979078655, Löschen bei Neustart, [fa8bfdf20b70b581370d014f6a9a2dd3]

Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-1479915848-3698468020-625273048-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF63F852A-B6EE-41A6-AA53-09BE44511160&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF63F852A-B6EE-41A6-AA53-09BE44511160&SSPV=),Löschen bei Neustart,[7114628dfc7fba7c2c9652aa28dc18e8]

Ordner: 3
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\CT3323737, In Quarantäne, [592c5d922556a88e6a25bd1912f0f808], 
PUP.Optional.Extutil.A, C:\Users\Daddy\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [473eb03f81fa15215bd6a5497e84f50b], 
PUP.Optional.Managera.A, C:\Users\Daddy\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [067f7b743f3c2115b57deb037d8544bc], 

Dateien: 33
Trojan.Dropper.DLED, C:\ProgramData\Windows Genuine Advantage\{2A84DC0F-FBA5-40E9-A13F-CE6A371B1989}\api-ms-win-system-shsetup-l1-1-0.dll, In Quarantäne, [dda8717ea8d388ae3bf41fa313ee738d], 
Trojan.Agent.BPEN, C:\ProgramData\Windows Genuine Advantage\{9BCCE0E9-78FD-4F37-AFFB-E7010F7A6C8C}\msiexec.exe, In Quarantäne, [592c7d727a0170c6d8930eb01de419e7], 
Trojan.FakeMS.ED, C:\ProgramData\Windows Genuine Advantage\{AF35E7C0-4DC7-462A-8BE7-7AB218A28050}\api-ms-win-system-browser-l1-1-0.dll, In Quarantäne, [ee9728c7106b42f4f4aa269b4cb527d9], 
Trojan.Agent.BPEN, C:\ProgramData\Windows Genuine Advantage\{BEDACEC5-CAAA-4E43-AB81-FD21746F4199}\msiexec.exe, In Quarantäne, [a9dcce21601b4beb3038328cbe4350b0], 
Trojan.FakeMS.ED, C:\ProgramData\Windows Genuine Advantage\{C575432D-1789-4783-ACEF-132A949F0607}\api-ms-win-system-browser-l1-1-0.dll, In Quarantäne, [aadbd817037847ef613d269b07fa728e], 
Trojan.Dropper.DLED, C:\ProgramData\Windows Genuine Advantage\{F7B071A2-0CDE-4B9A-897B-EADC2F22F384}\api-ms-win-system-xrWPpb4-l1-1-0.dll, In Quarantäne, [384d5a95f88378be34fb576b3ac7d32d], 
PUP.Optional.SearchProtect.A, C:\Users\Daddy\AppData\Local\Temp\nsnF183.exe, In Quarantäne, [a3e202ed3e3d2c0a3ec3221826db5da3], 
PUP.Optional.SearchProtect.A, C:\Users\Daddy\AppData\Local\Temp\nss595A.exe, In Quarantäne, [473e9a55b2c92f07b64b42f8c04153ad], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [7c09f5fac0bb6fc7d51e7ab420e10000], 
PUP.Optional.SearchProtect.A, C:\Users\Daddy\AppData\Local\Temp\nscB8AA.exe, In Quarantäne, [e1a46b84a6d5c472cb36c27860a1659b], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\nse9714.exe, In Quarantäne, [c9bc32bdf982b1856493a1f15da454ac], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\nseC251.exe, In Quarantäne, [e3a226c93f3c7fb7c92e632f827f19e7], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\nseE648.exe, In Quarantäne, [23621dd2e89362d4f9fe484a42bfad53], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\nseEA3F.exe, In Quarantäne, [f1946d82a9d264d2af48c3cfcb3602fe], 
PUP.Optional.SearchProtect.A, C:\Users\Daddy\AppData\Local\Temp\nshBB3A.exe, In Quarantäne, [d8ad5f904d2e7bbb0df40b2f7d84e11f], 
PUP.Optional.SearchProtect.A, C:\Users\Daddy\AppData\Local\Temp\nsx5C38.exe, In Quarantäne, [65205c93215a64d2936e67d3f1106d93], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\nszBED7.exe, In Quarantäne, [e99c20cf42397abcda1d8a08a45d48b8], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\utt7C3C.tmp.exe, In Quarantäne, [4d38816eaccfb2843af579b4a0613dc3], 
PUP.Optional.SearchProtect.A, C:\Users\Daddy\AppData\Local\Temp\nsp948C\SpSetup.exe, In Quarantäne, [b3d2be316d0ee15556c62b7253ae9b65], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsl3D04.exe, In Quarantäne, [196ccd22512afb3bbf429c9e7c853cc4], 
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsqD2CC.exe, In Quarantäne, [bbca559a8fec3bfb5aa72f0bc63b4bb5], 
PUP.Optional.Superfish.A, C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [b0d510dff586e650cd416cb54db6bf41], 
PUP.Optional.Superfish.A, C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [e3a239b6403b4cea709e81a0ab5813ed], 
PUP.Optional.Wajam.A, C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage, In Quarantäne, [f2930ce3a9d2d462bffff72baa590000], 
PUP.Optional.Wajam.A, C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage-journal, In Quarantäne, [89fc4ca37803f93d12ac5bc729dab947], 
PUP.Optional.Websteroids.A, C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage, In Quarantäne, [a1e45798b7c448eebecebe6de023669a], 
PUP.Optional.Websteroids.A, C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal, In Quarantäne, [a7de05ea23580c2a206c70bbe71c7c84], 
PUP.Optional.Conduit.A, C:\Users\Daddy\AppData\Local\Temp\CT3323737\ddt.csf, In Quarantäne, [592c5d922556a88e6a25bd1912f0f808], 
PUP.Optional.Extutil.A, C:\Users\Daddy\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [473eb03f81fa15215bd6a5497e84f50b], 
PUP.Optional.Extutil.A, C:\Users\Daddy\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [473eb03f81fa15215bd6a5497e84f50b], 
PUP.Optional.Extutil.A, C:\Users\Daddy\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [473eb03f81fa15215bd6a5497e84f50b], 
PUP.Optional.Managera.A, C:\Users\Daddy\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [067f7b743f3c2115b57deb037d8544bc], 
PUP.Optional.Managera.A, C:\Users\Daddy\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [067f7b743f3c2115b57deb037d8544bc], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Code:
ATTFilter
# AdwCleaner v3.306 - Bericht erstellt am 20/09/2014 um 01:44:25
# Aktualisiert 15/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Daddy - DADDY-PC
# Gestartet von : C:\Users\Daddy\Desktop\adwcleaner_3.306.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Daddy\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\Daddy\AppData\Roaming\dvdvideosoftiehelpers

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M7AA2478A-C1D8-4DE1-8B42-216B989AC664&SearchSource=58&CUI=&UM=5&UP=SPF63F852A-B6EE-41A6-AA53-09BE44511160&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

*************************

AdwCleaner[R0].txt - [2873 octets] - [20/09/2014 01:42:35]
AdwCleaner[S0].txt - [2695 octets] - [20/09/2014 01:44:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2755 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.7 (09.18.2014:2)
OS: Windows 7 Home Premium x64
Ran by Daddy on 20.09.2014 at  1:53:48,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DAA0E028-948E-4052-AE09-9E30A6C11D43}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.09.2014 at  1:59:28,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         




FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Daddy (administrator) on DADDY-PC on 20-09-2014 02:01:59
Running from C:\Users\Daddy\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Spotify Ltd) C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\Run: [Spotify Web Helper] => C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-27] (Spotify Ltd)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {28dc369f-039f-11df-bcea-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {5cbbe385-02d0-11df-898a-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {e2d2cf65-030e-11df-9307-e0cb4e560368} - H:\Autorun.exe
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2011-07-26]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-07-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-23]

Chrome: 
=======
CHR Profile: C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15]
CHR Extension: (Google Translate) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-23]
CHR Extension: (Slinky Elegant) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2014-02-22]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-22]
CHR Extension: (Google Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-23]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2014-05-02]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-02-22]
CHR Extension: (AdBlock) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-02]
CHR Extension: (Dropbox) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-02-22]
CHR Extension: (Google Play) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-02-22]
CHR Extension: (Google Maps) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-22]
CHR Extension: (Hangouts) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-02-22]
CHR Extension: (Context Menu Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-07-30]
CHR Extension: (Gmail) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-01] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-08-03] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-07] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2009-09-02] (CyberLink Corp.)
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 02:00 - 2014-09-20 02:02 - 00016355 _____ () C:\Users\Daddy\Desktop\FRST.txt
2014-09-20 01:59 - 2014-09-20 01:59 - 00000772 _____ () C:\Users\Daddy\Desktop\JRT.txt
2014-09-20 01:53 - 2014-09-20 01:53 - 00000000 ____D () C:\Windows\ERUNT
2014-09-20 01:52 - 2014-09-20 01:52 - 01019328 _____ (Thisisu) C:\Users\Daddy\Desktop\JRT.exe
2014-09-20 01:51 - 2014-09-20 01:44 - 00002839 _____ () C:\Users\Daddy\Desktop\AdwCleaner[S0].txt
2014-09-20 01:42 - 2014-09-20 01:48 - 00000000 ____D () C:\AdwCleaner
2014-09-20 01:40 - 2014-09-20 01:40 - 01361203 _____ () C:\Users\Daddy\Desktop\adwcleaner_3.306.exe
2014-09-20 01:36 - 2014-09-20 01:36 - 00009342 _____ () C:\Users\Daddy\Desktop\mbam.txt
2014-09-20 01:17 - 2014-09-20 01:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-20 01:17 - 2014-09-20 01:17 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-20 01:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-20 01:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-20 01:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-20 01:14 - 2014-09-20 01:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daddy\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-20 00:36 - 2014-09-20 02:01 - 00000000 ____D () C:\FRST
2014-09-20 00:21 - 2014-09-20 00:28 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe
2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP
2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp
2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe
2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat
2014-09-19 20:38 - 2014-09-20 01:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-19 20:38 - 2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip
2014-09-16 19:14 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod
2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp
2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp
2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk
2014-09-07 15:06 - 2014-09-08 18:47 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds
2014-09-05 18:12 - 2014-09-05 18:21 - 00393216 _____ () C:\Windows\system32\Ikeext.etl
2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp
2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames
2014-08-29 17:10 - 2014-08-29 17:23 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-08-27 00:27 - 2014-08-27 00:28 - 00000000 ____D () C:\Users\Daddy\LAN
2014-08-27 00:10 - 2014-08-27 00:11 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db
2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 02:02 - 2014-09-20 02:00 - 00016355 _____ () C:\Users\Daddy\Desktop\FRST.txt
2014-09-20 02:01 - 2014-09-20 00:36 - 00000000 ____D () C:\FRST
2014-09-20 01:59 - 2014-09-20 01:59 - 00000772 _____ () C:\Users\Daddy\Desktop\JRT.txt
2014-09-20 01:56 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-20 01:56 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-20 01:53 - 2014-09-20 01:53 - 00000000 ____D () C:\Windows\ERUNT
2014-09-20 01:52 - 2014-09-20 01:52 - 01019328 _____ (Thisisu) C:\Users\Daddy\Desktop\JRT.exe
2014-09-20 01:52 - 2010-01-09 00:38 - 01302548 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 01:51 - 2012-04-23 18:01 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job
2014-09-20 01:49 - 2014-05-25 22:55 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-20 01:49 - 2010-01-22 19:43 - 00366928 _____ () C:\Windows\PFRO.log
2014-09-20 01:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-20 01:49 - 2009-07-14 06:51 - 00184479 _____ () C:\Windows\setupact.log
2014-09-20 01:48 - 2014-09-20 01:42 - 00000000 ____D () C:\AdwCleaner
2014-09-20 01:44 - 2014-09-20 01:51 - 00002839 _____ () C:\Users\Daddy\Desktop\AdwCleaner[S0].txt
2014-09-20 01:40 - 2014-09-20 01:40 - 01361203 _____ () C:\Users\Daddy\Desktop\adwcleaner_3.306.exe
2014-09-20 01:36 - 2014-09-20 01:36 - 00009342 _____ () C:\Users\Daddy\Desktop\mbam.txt
2014-09-20 01:26 - 2014-09-19 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-20 01:23 - 2014-05-25 22:55 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-20 01:18 - 2014-09-20 01:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-20 01:17 - 2014-09-20 01:17 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-20 01:15 - 2014-09-20 01:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daddy\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-20 00:28 - 2014-09-20 00:21 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe
2014-09-20 00:11 - 2010-01-29 20:35 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8284BB31-0CBF-4504-9CF4-17F940177E7E}
2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP
2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp
2014-09-19 23:54 - 2010-01-22 20:56 - 00000000 ____D () C:\Windows\Minidump
2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe
2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat
2014-09-19 21:46 - 2009-07-29 07:10 - 00000000 __SHD () C:\Recovery
2014-09-19 21:09 - 2010-01-09 01:48 - 00001755 _____ () C:\Windows\system32\ServiceFilter.ini
2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-19 20:38 - 2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-09-19 16:12 - 2010-01-16 20:53 - 00000000 ____D () C:\Users\Daddy
2014-09-19 12:52 - 2012-04-23 18:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-18 23:12 - 2009-08-04 11:51 - 00698374 _____ () C:\Windows\system32\perfh007.dat
2014-09-18 23:12 - 2009-08-04 11:51 - 00149038 _____ () C:\Windows\system32\perfc007.dat
2014-09-18 23:12 - 2009-07-14 07:13 - 01616954 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip
2014-09-18 17:51 - 2012-04-23 18:01 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job
2014-09-16 19:17 - 2014-09-16 19:14 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod
2014-09-16 19:14 - 2014-03-15 23:43 - 00000000 ___RD () C:\Users\Daddy\Dokumente
2014-09-14 03:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-12 18:44 - 2014-02-22 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-12 18:44 - 2013-11-01 18:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-12 18:44 - 2012-07-14 18:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp
2014-09-12 14:02 - 2011-07-26 13:20 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Skype
2014-09-12 13:55 - 2014-08-11 02:01 - 00000000 ___RD () C:\Users\Daddy\Desktop\*
2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp
2014-09-08 18:47 - 2014-09-07 15:06 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds
2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk
2014-09-05 18:21 - 2014-09-05 18:12 - 00393216 _____ () C:\Windows\system32\Ikeext.etl
2014-09-05 18:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-08-31 20:59 - 2014-02-22 18:21 - 00000000 ____D () C:\Users\Daddy\Downloads\Games
2014-08-31 20:59 - 2010-01-09 01:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp
2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames
2014-08-30 13:58 - 2010-01-16 22:30 - 00000000 ____D () C:\Users\Daddy\Documents\My Games
2014-08-30 02:54 - 2014-05-10 17:32 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Battle.net
2014-08-29 17:23 - 2014-08-29 17:10 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-08-29 16:31 - 2010-07-30 00:13 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-29 14:11 - 2012-05-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-08-29 14:09 - 2014-05-10 17:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-27 16:35 - 2014-04-30 17:19 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Spotify
2014-08-27 16:04 - 2014-04-30 17:20 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Spotify
2014-08-27 00:28 - 2014-08-27 00:27 - 00000000 ____D () C:\Users\Daddy\LAN
2014-08-27 00:11 - 2014-08-27 00:10 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db
2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db

Some content of TEMP:
====================
C:\Users\Daddy\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Daddy\AppData\Local\Temp\AskSLib.dll
C:\Users\Daddy\AppData\Local\Temp\avgnt.exe
C:\Users\Daddy\AppData\Local\Temp\ETDUninst.dll
C:\Users\Daddy\AppData\Local\Temp\Gw2.exe
C:\Users\Daddy\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Daddy\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Daddy\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\Quarantine.exe
C:\Users\Daddy\AppData\Local\Temp\sonarinst.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34012332.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34013515.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34014036.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34014716.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34015670.exe
C:\Users\Daddy\AppData\Local\Temp\tmp101d6250.exe
C:\Users\Daddy\AppData\Local\Temp\UpdateFlashPlayer_d67338fd.exe
C:\Users\Daddy\AppData\Local\Temp\{68CB2CC0-30D1-411C-A47A-8813A14F810E}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 18:29

==================== End Of Log ============================
         
--- --- ---

--- --- ---




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Daddy at 2014-09-20 02:02:20
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Actualização do Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{CCDE3C71-5F35-477F-BA90-1A399C91C10C}) (Version:  - Microsoft)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}) (Version:  - Microsoft)
Actualização do Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}) (Version:  - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}) (Version:  - Microsoft)
ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{C52A655D-F8AE-485D-908D-62CEC754B6A4}) (Version:  - Microsoft)
ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{054186C0-F351-472E-84E8-D5E16FA08241}) (Version:  - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.25 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3301 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.3301 - CyberLink Corp.) Hidden
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 2.0.36.1260 - eCareme Technologies, Inc.)
ASUS_N_Series_Screensaver (HKLM-x32\...\ASUS_N_Series_Screensaver) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{FEC0590D-D4DE-DB7C-C625-657FC30CF927}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0054 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0008 - ASUS)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1118.1260.23275 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help English (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help French (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help German (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1118.1260.23275 - ATI) Hidden
ccc-utility64 (Version: 2009.1118.1260.23275 - ATI) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.0526 - CyberLink Corp.)
CyberLink MediaShow Espresso (x32 Version: 5.0.0526 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3509a - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3509a - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2311 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2311 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Express Gate (HKLM-x32\...\{B5A5627C-0173-4DB2-ADA8-740479370F67}) (Version: 1.2.13.31 - DeviceVM, Inc.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.43.806 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.43.806 - DVDVideoSoft Ltd.)
Frontlines: Fuel of War (HKLM-x32\...\{C711E88C-9DC2-4254-A989-D6E017844DDF}) (Version: 1.3.0 - THQ)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
iTNC530 (340494) (HKLM-x32\...\{4E31D9A6-245B-41A6-949D-C7B029A703D2}) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM-x32\...\{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678) (HKLM-x32\...\{90120000-0016-0404-0000-0000000FF1CE}_PROHYBRIDR_{15EEA099-97F0-4952-8597-88472FF062D2}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office IME (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM-x32\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version:  - Microsoft)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM-x32\...\{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669) (HKLM-x32\...\{90120000-0018-0404-0000-0000000FF1CE}_PROHYBRIDR_{A7688131-70CB-4945-BAFA-11053AC34D75}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Russian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Chinese (Traditional)) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2007 (x32 Version: 12.0.4518.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Greek) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Hebrew) 2007 (x32 Version: 12.0.4518.1016 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Portugal)) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Greek) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Hebrew) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM-x32\...\{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665) (HKLM-x32\...\{90120000-001B-0404-0000-0000000FF1CE}_PROHYBRIDR_{AD30F628-2AAE-43E0-A0D8-CDFA976E6A9E}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Office Word MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mini Ninjas (HKLM-x32\...\Steam App 35000) (Version:  - IO Interactive)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040D-0000-0000000FF1CE}_PROHYBRIDR_{18E2D7BF-CC18-4CE8-B875-D2934B6086E2}) (Version:  - Microsoft)
òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040D-0000-0000000FF1CE}_PROHYBRIDR_{54B50AC9-2088-4F43-B39A-0F10F53D425E}) (Version:  - Microsoft)
òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040D-0000-0000000FF1CE}_PROHYBRIDR_{CAB664CE-BBA4-4A81-A358-6CC6F7852FC9}) (Version:  - Microsoft)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
Skype™ 5.3 (HKLM-x32\...\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}) (Version: 5.3.120 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.2600 - SRS Labs, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Incredible Adventures of Van Helsing (HKLM-x32\...\Steam App 215530) (Version:  - NeocoreGames)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.14 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03FB7F63-5D99-48EC-9211-C4B530E13022} - System32\Tasks\{7CE09AFD-F27D-4CC6-95DF-6B78B6C0737A} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {04FDDD85-815E-4A9F-9C21-66FD7B9135FB} - System32\Tasks\{5320897F-DAD3-479F-967B-957E295E5F78} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {0E8B92FF-2344-42EC-940A-A7EAADFE2AEF} - System32\Tasks\{1AE9A9AA-F359-4C3E-866B-22EE2BD42932} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {13F69D18-EF62-4803-8651-40586B4AF5A7} - System32\Tasks\{7D0C89A6-220B-479A-9B1E-AAA3DEA304BB} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {1C88F5C9-CA1B-4280-9AFF-904574457AF7} - System32\Tasks\{49FBB1A9-7005-496A-B715-7D3962B5E024} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {24E7EF90-132F-4B78-BEFF-4D6B6ECF9D8E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {2B174B4D-076C-446E-B5F5-B04A6F260FFB} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {35EABD2C-7C07-479F-9063-85675E9143D8} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] ()
Task: {38D61FA6-8F8F-4193-B111-7FF1ADD77226} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {3A738DE0-C3D1-4241-AFEA-180513F73F1A} - System32\Tasks\{0D8E092B-7116-4886-BCAC-7627887EF2AA} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE
Task: {3D66CA82-4A87-4BA3-9DEF-1A36F5CB9F02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {3E68CC0A-8389-407C-B4AC-E007F7B2ED9D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {410ED00F-F415-47D1-89C8-6E862CA00E54} - System32\Tasks\{6D6A9425-F02A-43D6-A553-C587497647D4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {48969814-923F-43CF-80F3-CCFCF784B12A} - System32\Tasks\{36B9F202-3088-4A3E-8B26-47D0161CA57E} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {4BBE6869-0A00-42ED-8027-28BB3F043CBA} - System32\Tasks\{607FA0ED-22CE-403C-837B-D549F42090A1} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {4CC6320B-D55F-4294-9BA5-38DD55FD365D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: {4D323374-00EE-4734-B9C5-B47F71926DD1} - System32\Tasks\{494EE43C-A27A-43A0-937B-5B4EA1D6E8FB} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {4D77AADB-6644-4333-884A-4C1BD8148B14} - System32\Tasks\{E8DADE2A-5473-42C6-9344-14506B5983B5} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {4D8174D8-8C48-4798-989F-E1D11AC01D19} - System32\Tasks\{2F6A8821-B72B-4910-A57E-98FD5947BC08} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {4DAADFD2-C855-43BA-9B51-57E089636DA0} - System32\Tasks\{8CED5A9F-82EB-4418-BF6E-CDE2DDD8C6A7} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
Task: {557CF159-390C-43F6-82BF-4187958A6CBA} - System32\Tasks\{05E31DAB-50C1-41BA-8954-7B04BA17DA5C} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {59D4328B-BBF7-43F0-A6C3-8BCA27D9FDF3} - System32\Tasks\{31B41EC3-EBA4-4626-B54E-3CA65FF1C52D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {6007466A-A073-41AA-BB76-6D26ECBCFE1D} - System32\Tasks\{D1CBAB85-EC92-4A2F-88D2-6214CF46A01F} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {64AC7B93-F5F9-4A71-A314-219580DFE7CB} - System32\Tasks\{10FE5C06-6AA8-464C-BA26-83E0FD85E4E5} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {6645F1A3-4028-4450-8C64-3D1BF9334054} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {693B50B5-C49C-42A1-A042-82FF3398EBFB} - System32\Tasks\{641B5D20-6881-4819-ABA0-2AF5C8EEF11C} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {6986E9B5-4985-4AD4-9CB0-B7E80BF17FC3} - System32\Tasks\{DBBBD1E3-BA6A-4163-9960-C2EEA8A6C5DE} => D:\Programm\EXSLWINX\SERVER\START.EXE
Task: {69A7F967-803D-4AB2-A263-89732B0D8C26} - System32\Tasks\{A2A5F72B-9E61-46CF-B641-388450FFDB53} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {723429FF-39A4-4FCC-83C1-A616479148F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {76043709-D083-422E-9BA2-8A796852F385} - System32\Tasks\{780431C9-23E9-42B6-B10B-A70599291CBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {89D93805-A4D1-4663-94B9-82BF919FEDE8} - System32\Tasks\{5B90A7D2-6D0B-4799-95A1-5B6E52C7B3E2} => D:\Programm\EXSLWINX\SERVER\START.EXE
Task: {8C2FAF10-77AF-419A-8A74-3AD966CEF703} - System32\Tasks\{30B3D042-F41F-480B-B11C-ECD101665044} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {98F2A7E1-597B-4D5F-ACB2-854E962E8140} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-11-07] (ATK)
Task: {99841740-F097-4D61-9AA2-41D408664D9E} - System32\Tasks\{CEC6E2F5-3C23-408B-8FDA-34C16D2C1360} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {9C1B9D41-825A-4463-9B4A-E92FCF7A3B01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {9C7C43D9-0E96-43A4-B5D5-B3AA584B9198} - System32\Tasks\{E15888B0-8F1E-401D-8144-7695B9325BB1} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {9D09A5CD-6EDE-4382-B28B-B20A143FC65C} - System32\Tasks\{AEF5FBFA-CA52-472B-97E8-FC5E6893A756} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE
Task: {A1BF1D2D-CE47-44D1-8DDE-CD553F10EE05} - System32\Tasks\{C470D71A-3519-44CC-8066-96A3224D308E} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE
Task: {A7E7B620-CF25-4105-B18A-150A375953AB} - System32\Tasks\{A471E529-3D65-470F-A463-15758124F143} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {A838D148-7567-4012-8743-4C1D662C41FC} - System32\Tasks\{C1AEC165-46AE-4B9C-9958-22D272FEEEBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {ABE662F0-C969-4F59-8AA2-B909D95D9164} - System32\Tasks\Google Updater and Installer => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.)
Task: {AC8B95FD-2D22-4C72-B2A7-A77E3ECD7DDB} - System32\Tasks\{191E7276-23ED-4C67-AA4A-F9709B102C0D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {AD1F90BA-DCBD-4966-B2DE-93E38E056838} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {BB64D2E1-448B-41C7-B8FB-0398FC9CAA75} - System32\Tasks\{0A888769-12DB-4EDC-B5CF-C7B84D527FD8} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2011-06-15] (Skype Technologies S.A.)
Task: {BFECEE00-AD3A-4442-92BA-B336336BB48D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C6C0B8E9-F5E7-43FF-B751-92AB33C7F2DE} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-11-12] ()
Task: {C7422ED8-20DF-4F40-A594-067CF0BB1D02} - System32\Tasks\{EAD94CDE-E99A-4441-B7C2-AA0B19937CF4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {C88308E3-4169-4D5D-90FF-F5D2364283F6} - System32\Tasks\{3996EB8C-5DA5-485D-A362-565DF638AE5E} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {CB0ABD3C-5877-4E19-9AF2-4FB2F25CAF0D} - System32\Tasks\{6A84EC5D-5E30-4604-85AD-0EAFE37B72D8} => D:\Programm\EXSLWINX\SERVER\START.EXE
Task: {DF9DBF63-6458-48E0-BDB6-7BF35EDED54F} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: {E05C4D93-54E1-41C4-A1A3-5D99D3F03214} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-09-23] (TODO: <Company name>)
Task: {E2AA4FCA-1D4A-4E43-814B-56125941B55F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {E69B5094-F91A-4C39-9FF5-3F25F3B02769} - System32\Tasks\{8ED09C41-6258-4FDC-9E23-6E45C6443E07} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {E835947D-E6BE-4B23-808A-7B84619EA857} - System32\Tasks\{EB22B261-09C8-4C69-8061-4AE6DDB547A8} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {EB759989-8844-4458-A7AE-093099D2F2ED} - System32\Tasks\{B35B384D-FDDD-4B70-BB1C-E912892B2508} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {EF3022F0-A857-43AD-97DB-00C3E68E701D} - System32\Tasks\{781FFB95-89B9-4A06-A967-37A5976C7996} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {EF9EF285-EC84-434B-BC50-95865B04468F} - System32\Tasks\{EA16595C-E528-47A7-A9C3-A881B326746E} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {F2336DD4-0215-469C-AFA3-77F9C21E1313} - System32\Tasks\{757B5A5A-7444-4C4D-93BE-13B1150C89B0} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE
Task: {F2D80A1C-C4FA-4E95-B6BE-8DF344F8919F} - System32\Tasks\{4568D84C-4507-4470-BA3B-3FB391088878} => D:\Programm\EXSLWINX\SERVER\slkffs.exe
Task: {F43044BA-EF13-41E3-8C4A-42E7B72A62EE} - System32\Tasks\{3139785A-5976-4507-AA87-8D61079CFDA2} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE
Task: {FEF12DE6-41FD-4FCD-B53B-54AD8E39FC7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 01:48 - 2007-08-08 10:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2010-01-23 21:00 - 2013-11-01 18:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-09-24 23:50 - 2009-09-24 23:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2009-10-23 23:40 - 2009-10-23 23:40 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll
2009-09-11 22:27 - 2009-09-11 22:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll
2010-01-09 01:48 - 2007-03-10 04:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2010-01-09 01:48 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-11-12 20:10 - 2009-11-12 20:10 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2008-10-23 20:21 - 2008-10-23 20:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-01-09 01:41 - 2010-01-09 01:41 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-02-22 19:22 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Daddy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-09-11 14:30 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-11 14:30 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-11 14:30 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-11 14:30 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-11 14:30 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:734E442A
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60155534.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70804624.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60155534.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70804624.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk => C:\Windows\pss\SRS Premium Sound.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EeeStorageBackup => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: UfSeAgnt.exe => "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-10 21:35:19.276
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-10 21:35:19.229
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-10 21:28:51.039
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-10 21:28:50.930
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 38%
Total physical RAM: 4020.53 MB
Available physical RAM: 2465.15 MB
Total Pagefile: 8039.2 MB
Available Pagefile: 5884.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:97.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=334.7 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 20.09.2014, 02:14   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Naja, 50 Funde ist nicht wirklich viel. Viele Elemente derselben Kategorie werden halt öfter im Protokoll erwähnt, die Anzahl ist auch nicht wirklich entscheidend, sondern welcher Typ an Schädlingen gefunden wird; in diesem Fall ist es nur Adware/Junkware (PUP = Potentialle Unwanted Program, auf Deutsch gesagt: Werbescheiße!)

Der Cidox war aber ein dickerer Fisch.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
AlternateDataStreams: C:\ProgramData\Temp:734E442A
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8
Hosts:
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2014, 02:28   #9
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Denn Cidox hab ich mir selber vorhin geholt ca. 3-4 std. her
hab mir ein video auf Youtube (Vollbild Modus) angesehen und dann kam so eine pop-up Aktualisierungs Meldung wie sie in Java immer vorkommt, da das video einfriert bis man Ja oder Nein gedrückt hat, hab ich blitzartig Ja gedrückt...
nicht mal gesehen was für'n scheiß ich da eigentlich zugestimmt habe.

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Daddy at 2014-09-20 02:18:28 Run:2
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
AlternateDataStreams: C:\ProgramData\Temp:734E442A
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8
Hosts:
EmptyTemp:
         
*****************

"HKLM\SOFTWARE\Policies\Google" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52440FE5-978C-4486-AB75-1C9C65D646B8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52440FE5-978C-4486-AB75-1C9C65D646B8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0}" => Key deleted successfully.
"D:\Games\Age of Methology\Aomx_NoCD_Loader.exe" => File/Directory not found.
"C:\ProgramData\Temp" => ":734E442A" ADS not found.
"C:\ProgramData\Temp" => ":AB689DEA" ADS not found.
"C:\ProgramData\Temp" => ":B88E99C8" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 906 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         

Alt 20.09.2014, 02:31   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Zitat:
Denn Cidox hab ich mir selber vorhin geholt ca. 3-4 std. her
Schön aber schimpf ruhig mal deine Freundin aus, die sich nur die Werbung reingeholt hat, yeah


Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2014, 04:33   #11
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Zitat:
Schön aber schimpf ruhig mal deine Freundin aus, die sich nur die Werbung reingeholt hat, yeah
Ich weis nicht wovon du redest.

Spaß bei Seite, ja war schon ziemlicher Fail von mir heute.

Ich weis sogar woher der kommt, vom "Free YouTube to MP3 Converter" von dvdvideosoft.
Da kommt hin und wieder bei der Werbeanzeige ein Pop up.


Ein Fund ESET: Win32/AdWare.1ClickDownload.AT Anwendung
Direkt einen Wiederherstellungspunkt setzen wenn der wieder sauber ist.


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 20.09.2014
Suchlauf-Zeit: 02:33:27
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.20.01
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Daddy

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 317470
Verstrichene Zeit: 14 Min, 12 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=99daec2ae37bf24fb757cf00075d703e
# engine=20235
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-20 02:24:01
# local_time=2014-09-20 04:24:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 11395 18811396 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 75633361 162809691 0 0
# scanned=264303
# found=1
# cleaned=0
# scan_time=5447
sh=F079C03641FFA1FFD2B5E902839362F14EE96B9F ft=1 fh=6fd9347adf4c9e13 vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000"
         

Alt 20.09.2014, 15:59   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000
Hosts:
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2014, 16:35   #13
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Hab mich hier im Forum noch etwas schlau gemacht und.

*Bin nochmal mit TFC drüber gegangen.
*Tuneup in die Hölle geschickt.
*Avira mit Avast ersetzt.



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Daddy at 2014-09-20 16:30:36 Run:3
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000
Hosts:
EmptyTemp:
         
*****************

C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 233 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         

Geändert von Mr.dub (20.09.2014 um 16:48 Uhr)

Alt 20.09.2014, 23:57   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Hast du sehr gut gemacht!

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.09.2014, 01:26   #15
Mr.dub
 
Boo/Cidox.b - Standard

Boo/Cidox.b



Alles klar, benutze Google Chrome als Browser.
Da müsste es bestimmt auch was für geben bzw. Avast als Chrome App hab ich mir drauf gezogen, prüft seiten ob sie seriös sind etc pp. ob das wirklich was bringt oder nur Ressourcen frisst werden wir die kommenden paar Wochen sehen

Keine neuen Funde/Warnungen bis jetzt, werde nochmal ein paar komplette Scans machen.

Ich bedanke mich vielmals soweit für deine Professionelle Hilfe.

Antwort

Themen zu Boo/Cidox.b
angezeigt, avira antivir, beim starten, bluestacks, boo/cidox.b, dxgkrnl, fehlercode 0xc0000005, fehlercode windows, fontcache, pup.optional.conduit.a, pup.optional.dynconie.a, pup.optional.extutil.a, pup.optional.managera.a, pup.optional.ominent.a, pup.optional.searchprotect.a, pup.optional.superfish.a, pup.optional.sweetim.a, pup.optional.wajam.a, pup.optional.websteroids.a, pup.optional.wedownloadmanager.a, speichern, spotify web helper, trojan.agent.bpen, trojan.dropper.dled, trojan.fakems.ed, tunnel, uhrzeit, win32/adware.1clickdownload.at



Ähnliche Themen: Boo/Cidox.b


  1. Boo/Cidox.B auf Lappy von Freundin TDSS Log Inside
    Plagegeister aller Art und deren Bekämpfung - 09.12.2014 (14)
  2. Windows 7: Avira meldet Boo/ cidox.b virus und Windows ist nicht mehr aktiviert
    Log-Analyse und Auswertung - 20.10.2014 (15)
  3. BOO/Cidox.B
    Plagegeister aller Art und deren Bekämpfung - 19.10.2014 (31)
  4. BOO.cidox Performance sinkt
    Log-Analyse und Auswertung - 29.08.2014 (32)
  5. Cidox.A trotz Formatieren und Neuaufsetzen noch da
    Log-Analyse und Auswertung - 29.07.2014 (8)
  6. Fund: BOO/Cidox.B
    Log-Analyse und Auswertung - 08.06.2014 (5)
  7. Windows 7 - Avira meldet Befall mit BOO/Cidox.B und TR/Downloader.A.2539
    Log-Analyse und Auswertung - 08.05.2014 (10)
  8. Boo/Cidox.B
    Plagegeister aller Art und deren Bekämpfung - 03.05.2014 (21)

Zum Thema Boo/Cidox.b - Hallo Leute, ich würde mich sehr um eure Hilfe freuen, ich habe wie der titel schon sagt eine Meldung von Avira Antivir, Es kommt beim Starten des Rechners zu einer - Boo/Cidox.b...
Archiv
Du betrachtest: Boo/Cidox.b auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.