Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: PC friert ab und zu ein (nervig) #Forumszweig wechsel.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.10.2014, 12:12   #1
CMstorm
 
PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Frage

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Hallo Trojaner,

habe seit einem Monate folgendes Problem, mein PC friert beim Surfen im Internet, beim Spielen von Games und allgemein einfach ein nach ca. 2 min läuft er normal wieder weiter.
Es fängt meistens so an das man nicht mehr auf einer Seite runter scrollen kann und die Images nicht mehr laden. Beim zocken (Alt-Tab) friert er auch ein wenn man danach einen Browser öffnet. Liegt es eventuell daran das ich 3 Festplatten drin habe?
Auf meiner SSD läuft Win7 64Bit die anderen 2 HDD´s dienen ehre als Datenspeicher für Video, Bilder und Spiele. Im Gerätemanager wird unter Netzwerkadapter "Microsoft-Teredo-Tunneling-Adapter" mit einem Ausrufezeichen aufgelistet hat das eventuell was damit zu tun?


Prozessor: AMD FX-8320 Prozessor, Boxed, Sockel AM3+
Mainboard: ASRock 990FX Extreme4, AM3+, ATX
Graka: Gigabyte Radeon R9 280X, 3GB DDR5, PCI-Express
Festplatten: Plextor PX-128M5P 128GB SSD SATA 6GB's, HDD Samsung HD103SJ 1TB, HDD ST1000DM003-1CH162 1TB.
Seagate Barracuda 7200 1000GB, SATA 6Gb/s (Neu) (Und ich habe noch eine alte Samsung SATA verbaut mit 1TB ist ca 2 Jahre alt.)
RAM: GeIL EVO Leggera Series DDR3-1866, CL9 - 16 GB Kit
Netzteil: WPM V2 700w Modular ATX 2.3
Betriebsystem: Win7 Home Premium 64Bit
Hoffe mir kann da jemand helfen.

Grüße und einen schönen Sonntag.

Alt 19.10.2014, 13:36   #2
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 19.10.2014, 13:36   #3
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
__________________

Alt 19.10.2014, 20:26   #4
CMstorm
 
PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



[CODE]FRST:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2014
Ran by aS-Sa (administrator) on AS-AMD on 19-10-2014 21:21:51
Running from C:\Users\aS-Sa\Downloads
Loaded Profiles: aS-Sa &  (Available profiles: aS-Sa)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.224\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.113\deploy\LolClient.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKU\S-1-5-21-784360129-3451452421-2497412078-1000\...\MountPoints2: {d44b36d0-9b2c-11e3-9627-bc5ff4e71a77} - G:\setup.exe
HKU\S-1-5-21-784360129-3451452421-2497412078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d44b36d0-9b2c-11e3-9627-bc5ff4e71a77} - G:\setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8492F904-6226-4715-90BA-2CBA60FDB222}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-01]
CHR Extension: (Google Drive) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-10]
CHR Extension: (YouTube) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-10]
CHR Extension: (Google-Suche) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-10]
CHR Extension: (AdBlock) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-01]
CHR Extension: (Google Wallet) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-10]
CHR Extension: (Google Mail) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
S2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [82432 2014-04-17] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-08-13] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-16] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-19] (REALiX(tm))
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-19] (Malwarebytes Corporation)
S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [97792 2008-11-23] (T0r0 2008) [File not signed]
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
U0 smnxosf; C:\Windows\System32\drivers\oknboq.sys [79064 2014-10-19] (Malwarebytes Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 21:21 - 2014-10-19 21:21 - 02112512 _____ (Farbar) C:\Users\aS-Sa\Downloads\FRST64.exe
2014-10-19 21:21 - 2014-10-19 21:21 - 00013581 _____ () C:\Users\aS-Sa\Downloads\FRST.txt
2014-10-19 21:21 - 2014-10-19 21:21 - 00000000 ____D () C:\FRST
2014-10-19 15:47 - 2014-10-19 16:00 - 00000224 _____ () C:\Windows\setupact.log
2014-10-19 15:47 - 2014-10-19 15:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-19 12:14 - 2014-10-19 12:14 - 00144025 _____ () C:\Users\aS-Sa\Desktop\uh.LOG
2014-10-19 12:12 - 2014-10-19 12:12 - 02695584 _____ (Martin Malík - REALiX ) C:\Users\aS-Sa\Downloads\hw64_446.exe
2014-10-19 12:12 - 2014-10-19 12:12 - 00027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2014-10-19 12:12 - 2014-10-19 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-10-19 12:12 - 2014-10-19 12:12 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-10-19 12:11 - 2014-10-19 12:11 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2014-10-19 12:11 - 2014-10-19 12:11 - 00000000 ____D () C:\Program Files (x86)\GPU-Z
2014-10-19 12:10 - 2014-10-19 12:10 - 02176665 _____ () C:\Users\aS-Sa\Downloads\cpu-z-171.zip
2014-10-19 12:10 - 2014-10-19 12:10 - 01629982 _____ () C:\Users\aS-Sa\Downloads\GPU-Z.0.7.9.zip
2014-10-19 12:10 - 2014-10-19 12:10 - 00000000 ____D () C:\Users\aS-Sa\Downloads\GPU-Z.0.7.9
2014-10-19 12:10 - 2014-10-19 12:10 - 00000000 ____D () C:\Users\aS-Sa\Downloads\cpu-z-171
2014-10-19 11:25 - 2014-10-19 11:25 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\oknboq.sys
2014-10-19 10:35 - 2014-10-19 10:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-19 10:35 - 2014-10-19 10:35 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-19 10:35 - 2014-10-19 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-19 10:35 - 2014-10-19 10:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-19 10:35 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-19 10:35 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-19 10:35 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-19 10:33 - 2014-10-19 10:33 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\aS-Sa\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-18 20:42 - 2014-10-18 20:42 - 00023384 _____ () C:\Users\aS-Sa\Downloads\TWD1-4_GER_DL_BRip_x264_-_GNB_v2-wdsosbnr2cn.dlc
2014-10-18 20:35 - 2014-10-18 20:35 - 00047408 _____ () C:\Users\aS-Sa\Downloads\UL_TheWalkingDead.s03-qd07tcn3z4ju.dlc
2014-10-18 20:34 - 2014-10-18 20:34 - 00040004 _____ () C:\Users\aS-Sa\Downloads\UL_TheWalkingDead.s02-hsy9scntwzd.dlc
2014-10-18 20:33 - 2014-10-18 20:33 - 00019844 _____ () C:\Users\aS-Sa\Downloads\UL_TheWalkingDead.s01-78x9scn1jt16x.dlc
2014-10-16 06:28 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 06:28 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 06:28 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 06:28 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 06:28 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 06:28 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 06:28 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 06:28 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 06:28 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 06:28 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 06:28 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 06:28 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 06:28 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 06:28 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 06:28 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 06:28 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 06:28 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 06:28 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 06:28 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 06:28 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 06:28 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 06:28 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 06:28 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 06:28 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 06:28 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 06:28 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 06:28 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 06:28 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 06:28 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 06:28 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 06:28 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 06:28 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 06:28 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 06:28 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 06:28 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 06:28 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 06:28 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 06:28 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 06:28 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 06:28 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 06:28 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 06:28 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 06:28 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 06:28 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 06:28 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 06:28 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 06:28 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 06:28 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 06:28 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 06:28 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 06:28 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 06:28 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 06:28 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 06:28 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 06:28 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 06:28 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 06:28 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 06:28 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 06:28 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 06:28 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 06:28 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:28 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 06:28 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 06:28 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 06:28 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:28 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 06:28 - 2014-08-29 04:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 06:28 - 2014-08-29 03:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 06:28 - 2014-08-29 03:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 06:28 - 2014-08-29 03:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 06:28 - 2014-08-29 03:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:28 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:28 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 06:28 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 06:28 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 06:28 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:28 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 06:28 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-09 06:23 - 2014-10-09 06:23 - 00062096 _____ () C:\Windows\SysWOW64\CCCInstall_201410090623411335.log
2014-10-09 06:23 - 2014-10-09 06:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-10-09 06:23 - 2014-10-09 06:23 - 00000000 ____D () C:\ProgramData\ATI
2014-10-09 06:23 - 2014-10-09 06:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-10-05 21:53 - 2014-10-19 10:34 - 00007663 _____ () C:\Users\aS-Sa\AppData\Local\Resmon.ResmonCfg
2014-10-04 17:47 - 2014-10-04 17:47 - 00000000 ____D () C:\Users\aS-Sa\Documents\WB Games
2014-10-04 17:45 - 2014-10-04 17:45 - 00001082 _____ () C:\Users\aS-Sa\Desktop\ Mittelerde Mordors Schatten Premium Edition.lnk
2014-10-04 14:22 - 2014-10-04 14:22 - 00023850 _____ () C:\Users\aS-Sa\Downloads\111672.zip
2014-10-04 14:02 - 2014-10-04 14:02 - 00001120 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2014-10-04 14:02 - 2014-10-04 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2014-10-04 14:02 - 2014-10-04 14:02 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-10-04 14:02 - 2014-05-17 04:35 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-10-04 14:01 - 2014-10-04 14:02 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-10-04 14:01 - 2014-10-04 14:01 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Hotspot Shield
2014-10-02 06:38 - 2014-10-02 06:38 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-01 18:04 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 18:04 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 18:15 - 2014-09-29 18:15 - 00004257 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-29 18:15 - 2014-09-29 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-26 17:52 - 2014-09-26 18:26 - 00000000 ____D () C:\Users\aS-Sa\AppData\Local\Microsoft Games
2014-09-24 20:47 - 2014-09-24 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-24 20:47 - 2014-09-24 20:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-24 05:41 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 05:41 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-21 20:40 - 2014-09-21 20:40 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-09-21 20:40 - 2014-09-21 20:40 - 00000000 ____D () C:\Riot Games
2014-09-21 20:40 - 2014-09-21 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-09-21 18:14 - 2014-10-14 17:54 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-21 18:13 - 2014-10-15 06:02 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-21 18:12 - 2014-10-15 06:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-21 18:12 - 2014-09-21 18:12 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-21 18:12 - 2014-09-21 18:12 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Avira
2014-09-21 18:11 - 2014-10-15 06:02 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-21 18:11 - 2014-10-14 17:54 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-21 18:11 - 2014-10-14 17:54 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-21 18:11 - 2014-09-21 18:13 - 00000000 ____D () C:\ProgramData\Avira
2014-09-21 18:11 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 21:08 - 2014-02-10 02:32 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-19 20:49 - 2014-02-10 20:58 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\TS3Client
2014-10-19 20:47 - 2014-02-10 17:09 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Skype
2014-10-19 19:58 - 2009-07-14 06:45 - 00033968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-19 19:58 - 2009-07-14 06:45 - 00033968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-19 18:50 - 2014-02-10 02:20 - 01490789 _____ () C:\Windows\WindowsUpdate.log
2014-10-19 18:08 - 2014-02-10 02:32 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-19 15:46 - 2014-02-10 20:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-10-19 12:23 - 2014-02-10 13:50 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\vlc
2014-10-19 11:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-10-19 09:51 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-10-19 09:51 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-10-19 09:51 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-19 09:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-17 17:10 - 2014-02-10 02:32 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-16 17:09 - 2009-07-14 06:45 - 05064256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 17:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 17:08 - 2014-05-06 22:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 06:44 - 2013-12-13 21:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 06:42 - 2013-12-13 21:00 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 06:02 - 2014-02-10 02:24 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-14 23:28 - 2014-09-17 18:42 - 00001164 _____ () C:\Users\aS-Sa\Desktop\Router-Einstellungen.txt
2014-10-09 06:23 - 2014-02-10 02:25 - 00000000 ____D () C:\ProgramData\AMD
2014-10-09 06:23 - 2014-02-10 02:24 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-10-09 06:20 - 2014-06-02 17:37 - 00000000 ____D () C:\AMD
2014-10-03 21:13 - 2014-03-02 22:32 - 00000000 ____D () C:\Users\aS-Sa\Desktop\Bild
2014-10-02 06:38 - 2014-07-17 19:49 - 00000000 ____D () C:\ProgramData\Apple
2014-10-02 06:38 - 2014-07-17 19:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-02 06:35 - 2014-07-17 19:45 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\WindSolutions
2014-10-02 06:35 - 2014-07-17 19:45 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-09-29 18:15 - 2014-07-04 18:09 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-29 18:15 - 2014-02-10 13:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-26 20:06 - 2014-08-07 21:31 - 00000000 ____D () C:\Users\aS-Sa\AppData\Local\NFS Underground 2
2014-09-26 15:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 06:13 - 2014-02-19 20:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-24 20:47 - 2014-02-10 17:09 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-24 20:47 - 2014-02-10 17:09 - 00000000 ____D () C:\ProgramData\Skype
2014-09-23 20:51 - 2014-05-11 17:58 - 00000000 ____D () C:\Users\aS-Sa\Desktop\Bewerbung 2014x
2014-09-21 20:39 - 2014-02-10 02:56 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-09-21 18:14 - 2014-02-21 07:45 - 00013779 _____ () C:\lxcr.log
2014-09-21 18:12 - 2014-02-10 02:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-21 18:07 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-21 18:03 - 2013-11-14 22:08 - 00000000 ____D () C:\Program Files (x86)\Riot
2014-09-20 13:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\aS-Sa\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-11 18:42

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2014
Ran by aS-Sa at 2014-10-19 21:22:11
Running from C:\Users\aS-Sa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Airline Tycoon 2 - Gold Edition (HKLM-x32\...\Airline Tycoon 2 - Gold Edition_is1) (Version:  - )
AMD Accelerated Video Transcoding (Version: 13.30.100.40915 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0915.1813.30937 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0915.1813.30937 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.0144 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.07.0000 - AMD) Hidden
AMD USB Filter Driver (x32 Version: 1.0.14.91 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Debugging Tools for Windows (x86) (HKLM-x32\...\{48F95CE7-69D9-4967-81F7-D763CABFBD53}) (Version: 6.10.3.233 - Microsoft Corporation)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Audio CD Burner version 2.0.26.530 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.26.530 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
HWiNFO64 Version 4.46 (HKLM\...\HWiNFO64_is1) (Version: 4.46 - Martin Malík - REALiX)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.7.4 - www.leaguereplays.com)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1036 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mittelerde Mordors Schatten Premium Edition MULTi2 1.0 (HKLM-x32\...\Mittelerde Mordors Schatten Premium Edition MULTi2 1.0) (Version:  - )
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed Underground 2 Version 1.2 (HKLM-x32\...\Need for Speed Underground 2_is1) (Version: 1.2 - EA Games)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27252 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM-x32\...\Vegas Pro 12.0 (64-bit)) (Version: 12.0 (64-bit) - Exµs ™)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Restore Points  =========================

04-10-2014 12:02:18 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
09-10-2014 04:21:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
09-10-2014 04:21:32 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
16-10-2014 04:42:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {40C6D697-81B6-43F4-BA15-61A85AEA0D92} - System32\Tasks\{8697D75B-2FFA-4DBB-8A28-F150462AABE9} => E:\ETKA\PROG\EtStart.exe
Task: {90EED239-04FF-4A4B-99CF-1D4AE1F6547B} - System32\Tasks\{7A9FF4A8-82D4-40CB-8842-346DBC780171} => E:\FIFA 14\Game\fifa14-3dm.exe
Task: {936BF6AA-585F-4E61-B05A-24EDE1B3D881} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {BD7E4DA9-C142-4F81-A9FD-205BEFF98459} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-10] (Google Inc.)
Task: {C4D57B59-BAFD-4543-946E-E87BC5A79B5F} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {E78C96E1-2ED2-4E5B-9077-60C974D79D4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-10] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-15 18:13 - 2014-09-15 18:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-04-30 19:59 - 2014-08-13 12:51 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-09-15 18:13 - 2014-09-15 18:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-01-21 16:54 - 2014-09-21 20:41 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-09-21 20:41 - 2014-10-10 00:00 - 02448376 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.224\deploy\LoLLauncher.exe
2014-10-10 00:00 - 2014-10-10 00:00 - 04143096 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\LoLPatcher.exe
2014-09-21 20:52 - 2014-09-21 20:52 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.113\deploy\LolClient.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-10 00:00 - 2014-10-10 00:00 - 01629176 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\RiotLauncher.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 42975744 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\libcef.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 01559552 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\icui18n.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 01241088 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\icuuc.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 04945408 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\v8.dll
2014-10-10 00:00 - 2014-10-10 00:00 - 01708032 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\RiotRadsIO.dll
2014-09-21 20:51 - 2014-09-21 20:51 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.113\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-10-17 17:10 - 2014-10-10 04:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-17 17:10 - 2014-10-10 04:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-17 17:10 - 2014-10-10 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-17 17:10 - 2014-10-10 04:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\aS-Sa\AppData\Local\Temp:Zw9J9RhheT73wGUEeOpSoYj

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupreg: lxcrmon.exe => "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-784360129-3451452421-2497412078-500 - Administrator - Disabled)
aS-Sa (S-1-5-21-784360129-3451452421-2497412078-1000 - Administrator - Enabled) => C:\Users\aS-Sa
Gast (S-1-5-21-784360129-3451452421-2497412078-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: ACP Kernel Service Driver
Description: ACP Kernel Service Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: amdacpksd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 01:06:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HWiNFO64.EXE, Version 4.4.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1984

Startzeit: 01cfeb8c9d19e1e1

Endzeit: 15945

Anwendungspfad: C:\Program Files\HWiNFO64\HWiNFO64.EXE

Berichts-ID: fa6435ee-577f-11e4-ab9f-bc5ff4e71a77

Error: (10/19/2014 09:47:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 09:45:40 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (10/19/2014 08:42:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 08:40:21 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (10/18/2014 01:01:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 00:59:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (10/18/2014 05:03:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 05:01:16 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (10/17/2014 04:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-05 21:26:21.606
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-05 21:26:21.558
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-03 21:07:52.898
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-03 21:07:52.856
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-28 19:16:42.236
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-28 19:16:42.189
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-28 19:08:23.967
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-28 19:08:23.936
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD FX(tm)-8320 Eight-Core Processor 
Percentage of memory in use: 25%
Total physical RAM: 16338.85 MB
Available physical RAM: 12119.05 MB
Total Pagefile: 32675.88 MB
Available Pagefile: 27785.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.02 GB) (Free:34.73 GB) NTFS
Drive e: (Neue Festplatte) (Fixed) (Total:931.41 GB) (Free:868.32 GB) NTFS
Drive f: (Alte Festplatte) (Fixed) (Total:931.5 GB) (Free:652.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3A4B3A4A)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 8322DFEA)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D7FBA931)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 20.10.2014, 17:35   #5
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.10.2014, 18:21   #6
CMstorm
 
PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Code:
ATTFilter
19:19:10.0190 0x14fc  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:19:10.0190 0x14fc  UEFI system
19:19:13.0981 0x14fc  ============================================================
19:19:13.0982 0x14fc  Current date / time: 2014/10/20 19:19:13.0981
19:19:13.0982 0x14fc  SystemInfo:
19:19:13.0982 0x14fc  
19:19:13.0982 0x14fc  OS Version: 6.1.7601 ServicePack: 1.0
19:19:13.0982 0x14fc  Product type: Workstation
19:19:13.0982 0x14fc  ComputerName: AS-AMD
19:19:13.0982 0x14fc  UserName: aS-Sa
19:19:13.0982 0x14fc  Windows directory: C:\Windows
19:19:13.0982 0x14fc  System windows directory: C:\Windows
19:19:13.0982 0x14fc  Running under WOW64
19:19:13.0982 0x14fc  Processor architecture: Intel x64
19:19:13.0982 0x14fc  Number of processors: 8
19:19:13.0982 0x14fc  Page size: 0x1000
19:19:13.0982 0x14fc  Boot type: Normal boot
19:19:13.0982 0x14fc  ============================================================
19:19:14.0127 0x14fc  KLMD registered as C:\Windows\system32\drivers\14723908.sys
19:19:14.0211 0x14fc  System UUID: {50F83869-C5B6-627B-EA83-0248E7B36575}
19:19:21.0757 0x14fc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:21.0757 0x14fc  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:21.0757 0x14fc  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:21.0764 0x14fc  ============================================================
19:19:21.0764 0x14fc  \Device\Harddisk0\DR0:
19:19:21.0764 0x14fc  MBR partitions:
19:19:21.0764 0x14fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1
19:19:21.0764 0x14fc  \Device\Harddisk1\DR1:
19:19:21.0764 0x14fc  GPT partitions:
19:19:21.0764 0x14fc  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4FCADC3A-937A-4601-9B04-489E4D676B37}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
19:19:21.0764 0x14fc  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F070A2E3-64FC-4E42-AABC-76CF0422A98D}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
19:19:21.0764 0x14fc  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {060D9017-3F4F-40A5-99FB-2766762F9274}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xEE09800
19:19:21.0764 0x14fc  MBR partitions:
19:19:21.0764 0x14fc  \Device\Harddisk2\DR2:
19:19:21.0765 0x14fc  MBR partitions:
19:19:21.0765 0x14fc  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:19:21.0765 0x14fc  ============================================================
19:19:21.0765 0x14fc  C: <-> \Device\Harddisk1\DR1\Partition3
19:19:21.0767 0x14fc  E: <-> \Device\Harddisk2\DR2\Partition1
19:19:21.0767 0x14fc  F: <-> \Device\Harddisk0\DR0\Partition1
19:19:21.0767 0x14fc  ============================================================
19:19:21.0768 0x14fc  Initialize success
19:19:21.0768 0x14fc  ============================================================
19:19:34.0073 0x18c4  ============================================================
19:19:34.0073 0x18c4  Scan started
19:19:34.0073 0x18c4  Mode: Manual; SigCheck; TDLFS; 
19:19:34.0073 0x18c4  ============================================================
19:19:34.0073 0x18c4  KSN ping started
19:19:36.0780 0x18c4  KSN ping finished: true
19:19:37.0112 0x18c4  ================ Scan system memory ========================
19:19:37.0112 0x18c4  System memory - ok
19:19:37.0113 0x18c4  ================ Scan services =============================
19:19:37.0163 0x18c4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
19:19:37.0238 0x18c4  1394ohci - ok
19:19:37.0259 0x18c4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:19:37.0278 0x18c4  ACPI - ok
19:19:37.0283 0x18c4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:19:37.0301 0x18c4  AcpiPmi - ok
19:19:37.0306 0x18c4  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:19:37.0321 0x18c4  AdobeARMservice - ok
19:19:37.0335 0x18c4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:19:37.0360 0x18c4  adp94xx - ok
19:19:37.0371 0x18c4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:19:37.0391 0x18c4  adpahci - ok
19:19:37.0398 0x18c4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:19:37.0414 0x18c4  adpu320 - ok
19:19:37.0420 0x18c4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:19:37.0453 0x18c4  AeLookupSvc - ok
19:19:37.0467 0x18c4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
19:19:37.0495 0x18c4  AFD - ok
19:19:37.0500 0x18c4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:19:37.0513 0x18c4  agp440 - ok
19:19:37.0518 0x18c4  [ BC569A6C209D94F6643EE35710AEC1F6, 321988427CD33F7195EF419427B17443BDFEEDA27D296BD8CE0B495B51DE60D8 ] aksdf           C:\Windows\system32\DRIVERS\aksdf.sys
19:19:37.0535 0x18c4  aksdf - ok
19:19:37.0540 0x18c4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:19:37.0556 0x18c4  ALG - ok
19:19:37.0560 0x18c4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:19:37.0571 0x18c4  aliide - ok
19:19:37.0579 0x18c4  [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:19:37.0604 0x18c4  AMD External Events Utility - ok
19:19:37.0608 0x18c4  AMD FUEL Service - ok
19:19:37.0617 0x18c4  [ 6190A6BBDCE4BEB0E2B3943862C64842, C84765DDECFF03E59D1AA672E1936031C3E3375284D52875341DF6C414AA6383 ] amdacpksd       C:\Windows\system32\drivers\amdacpksd.sys
19:19:37.0641 0x18c4  amdacpksd - ok
19:19:37.0646 0x18c4  [ E696F48E288CC3FFDB9AEBF6AFDB791C, 78532672634EA9AE1E6C823528136DF74407CCF5518B4919CC074498B1D321B6 ] amdacpusrsvc    C:\AMD\amdacpusrsvc.exe
19:19:37.0656 0x18c4  amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
19:19:40.0396 0x18c4  Detect skipped due to KSN trusted
19:19:40.0396 0x18c4  amdacpusrsvc - ok
19:19:40.0403 0x18c4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:19:40.0431 0x18c4  amdide - ok
19:19:40.0440 0x18c4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:19:40.0464 0x18c4  AmdK8 - ok
19:19:40.0815 0x18c4  [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:19:41.0229 0x18c4  amdkmdag - ok
19:19:41.0269 0x18c4  [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:19:41.0300 0x18c4  amdkmdap - ok
19:19:41.0304 0x18c4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:19:41.0316 0x18c4  AmdPPM - ok
19:19:41.0320 0x18c4  [ 53D8D46D51D390ABDB54ECA623165CB7, D16A3604412D0DC3EA68320FB6980D146ED60D587AAB6B65810C038AFF1EC237 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
19:19:41.0333 0x18c4  amdsata - ok
19:19:41.0341 0x18c4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:19:41.0358 0x18c4  amdsbs - ok
19:19:41.0362 0x18c4  [ 75C51148154E34EB3D7BB84749A758D5, 8865F223CBAE166A9BF6CBCDA66F63369F151CCB449A28E95560C36AD45D0C85 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:19:41.0372 0x18c4  amdxata - ok
19:19:41.0389 0x18c4  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:19:41.0411 0x18c4  AntiVirSchedulerService - ok
19:19:41.0423 0x18c4  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:19:41.0443 0x18c4  AntiVirService - ok
19:19:41.0447 0x18c4  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:19:41.0459 0x18c4  AODDriver4.3 - ok
19:19:41.0463 0x18c4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
19:19:41.0494 0x18c4  AppID - ok
19:19:41.0498 0x18c4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:19:41.0531 0x18c4  AppIDSvc - ok
19:19:41.0535 0x18c4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
19:19:41.0552 0x18c4  Appinfo - ok
19:19:41.0556 0x18c4  [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:19:41.0568 0x18c4  Apple Mobile Device - ok
19:19:41.0576 0x18c4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:19:41.0595 0x18c4  AppMgmt - ok
19:19:41.0600 0x18c4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:19:41.0614 0x18c4  arc - ok
19:19:41.0620 0x18c4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:19:41.0634 0x18c4  arcsas - ok
19:19:41.0647 0x18c4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:19:41.0665 0x18c4  aspnet_state - ok
19:19:41.0669 0x18c4  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys
19:19:41.0679 0x18c4  AsrAppCharger - ok
19:19:41.0683 0x18c4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:19:41.0712 0x18c4  AsyncMac - ok
19:19:41.0716 0x18c4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:19:41.0724 0x18c4  atapi - ok
19:19:41.0730 0x18c4  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:19:41.0747 0x18c4  AtiHDAudioService - ok
19:19:41.0765 0x18c4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:19:41.0815 0x18c4  AudioEndpointBuilder - ok
19:19:41.0830 0x18c4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:19:41.0870 0x18c4  AudioSrv - ok
19:19:41.0877 0x18c4  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
19:19:41.0891 0x18c4  avgntflt - ok
19:19:41.0897 0x18c4  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
19:19:41.0913 0x18c4  avipbb - ok
19:19:41.0919 0x18c4  [ 485B85B3FF68FB7454984CB92A0532D9, 287F6C6ADF3D96C8AC1BD1FFAD82563DA72A26CF0DECDEA7E987A020EBE06552 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
19:19:41.0935 0x18c4  Avira.OE.ServiceHost - ok
19:19:41.0938 0x18c4  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
19:19:41.0950 0x18c4  avkmgr - ok
19:19:41.0955 0x18c4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:19:41.0980 0x18c4  AxInstSV - ok
19:19:41.0993 0x18c4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:19:42.0019 0x18c4  b06bdrv - ok
19:19:42.0029 0x18c4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:19:42.0049 0x18c4  b57nd60a - ok
19:19:42.0056 0x18c4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:19:42.0075 0x18c4  BDESVC - ok
19:19:42.0078 0x18c4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:19:42.0106 0x18c4  Beep - ok
19:19:42.0125 0x18c4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:19:42.0159 0x18c4  BFE - ok
19:19:42.0181 0x18c4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:19:42.0237 0x18c4  BITS - ok
19:19:42.0242 0x18c4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:19:42.0256 0x18c4  blbdrive - ok
19:19:42.0261 0x18c4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:19:42.0277 0x18c4  bowser - ok
19:19:42.0280 0x18c4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:19:42.0294 0x18c4  BrFiltLo - ok
19:19:42.0298 0x18c4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:19:42.0311 0x18c4  BrFiltUp - ok
19:19:42.0317 0x18c4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:19:42.0337 0x18c4  Browser - ok
19:19:42.0346 0x18c4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:19:42.0369 0x18c4  Brserid - ok
19:19:42.0374 0x18c4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:19:42.0390 0x18c4  BrSerWdm - ok
19:19:42.0393 0x18c4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:19:42.0408 0x18c4  BrUsbMdm - ok
19:19:42.0411 0x18c4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:19:42.0423 0x18c4  BrUsbSer - ok
19:19:42.0428 0x18c4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:19:42.0445 0x18c4  BTHMODEM - ok
19:19:42.0451 0x18c4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:19:42.0484 0x18c4  bthserv - ok
19:19:42.0489 0x18c4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:19:42.0521 0x18c4  cdfs - ok
19:19:42.0528 0x18c4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:19:42.0546 0x18c4  cdrom - ok
19:19:42.0551 0x18c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:19:42.0585 0x18c4  CertPropSvc - ok
19:19:42.0589 0x18c4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:19:42.0615 0x18c4  circlass - ok
19:19:42.0626 0x18c4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:19:42.0647 0x18c4  CLFS - ok
19:19:42.0653 0x18c4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:19:42.0668 0x18c4  clr_optimization_v2.0.50727_32 - ok
19:19:42.0674 0x18c4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:19:42.0689 0x18c4  clr_optimization_v2.0.50727_64 - ok
19:19:42.0700 0x18c4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:19:42.0722 0x18c4  clr_optimization_v4.0.30319_32 - ok
19:19:42.0727 0x18c4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:19:42.0746 0x18c4  clr_optimization_v4.0.30319_64 - ok
19:19:42.0750 0x18c4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:19:42.0762 0x18c4  CmBatt - ok
19:19:42.0766 0x18c4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:19:42.0777 0x18c4  cmdide - ok
19:19:42.0791 0x18c4  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
19:19:42.0821 0x18c4  CNG - ok
19:19:42.0825 0x18c4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:19:42.0836 0x18c4  Compbatt - ok
19:19:42.0840 0x18c4  [ 0C5B0DF7EF9F719EBAE9F8FE70E083A9, 3C21F5688D7EF748B7D48625E85FB9D5A6A4ABCE1939AF4D6993D3AD5CE71FD2 ] CompFilter64    C:\Windows\system32\DRIVERS\lvbflt64.sys
19:19:42.0851 0x18c4  CompFilter64 - ok
19:19:42.0855 0x18c4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:19:42.0871 0x18c4  CompositeBus - ok
19:19:42.0874 0x18c4  COMSysApp - ok
19:19:42.0877 0x18c4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:19:42.0889 0x18c4  crcdisk - ok
19:19:42.0897 0x18c4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:19:42.0917 0x18c4  CryptSvc - ok
19:19:42.0934 0x18c4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
19:19:42.0961 0x18c4  CSC - ok
19:19:42.0980 0x18c4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
19:19:43.0006 0x18c4  CscService - ok
19:19:43.0022 0x18c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:19:43.0060 0x18c4  DcomLaunch - ok
19:19:43.0070 0x18c4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:19:43.0108 0x18c4  defragsvc - ok
19:19:43.0113 0x18c4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:19:43.0144 0x18c4  DfsC - ok
19:19:43.0154 0x18c4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:19:43.0179 0x18c4  Dhcp - ok
19:19:43.0183 0x18c4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:19:43.0213 0x18c4  discache - ok
19:19:43.0218 0x18c4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:19:43.0231 0x18c4  Disk - ok
19:19:43.0236 0x18c4  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
19:19:43.0252 0x18c4  dmvsc - ok
19:19:43.0259 0x18c4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:19:43.0279 0x18c4  Dnscache - ok
19:19:43.0288 0x18c4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:19:43.0328 0x18c4  dot3svc - ok
19:19:43.0334 0x18c4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:19:43.0363 0x18c4  DPS - ok
19:19:43.0366 0x18c4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:19:43.0378 0x18c4  drmkaud - ok
19:19:43.0401 0x18c4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:19:43.0434 0x18c4  DXGKrnl - ok
19:19:43.0442 0x18c4  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
19:19:43.0459 0x18c4  E1G60 - ok
19:19:43.0465 0x18c4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:19:43.0500 0x18c4  EapHost - ok
19:19:43.0569 0x18c4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:19:43.0671 0x18c4  ebdrv - ok
19:19:43.0686 0x18c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
19:19:43.0700 0x18c4  EFS - ok
19:19:43.0717 0x18c4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:19:43.0752 0x18c4  ehRecvr - ok
19:19:43.0757 0x18c4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:19:43.0776 0x18c4  ehSched - ok
19:19:43.0780 0x18c4  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
19:19:43.0792 0x18c4  ElbyCDIO - ok
19:19:43.0807 0x18c4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:19:43.0832 0x18c4  elxstor - ok
19:19:43.0836 0x18c4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:19:43.0849 0x18c4  ErrDev - ok
19:19:43.0854 0x18c4  [ DF2F6C1E55F6E81CFC7F688380D85816, D9085466AA9D98AA01CD8ADEBD798CB326D4FD53A07BD199C3E6E500B4619355 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
19:19:43.0867 0x18c4  EtronHub3 - ok
19:19:43.0871 0x18c4  [ E093ABFB67A4B9D94F80611A7D0A8BB9, A23D58767F58CBDFAA4AD25779BBBC4FAD51CBD8FEB9C89284635631E4F084A6 ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
19:19:43.0884 0x18c4  EtronXHCI - ok
19:19:43.0898 0x18c4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:19:43.0939 0x18c4  EventSystem - ok
19:19:43.0947 0x18c4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:19:43.0980 0x18c4  exfat - ok
19:19:43.0988 0x18c4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:19:44.0023 0x18c4  fastfat - ok
19:19:44.0041 0x18c4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:19:44.0072 0x18c4  Fax - ok
19:19:44.0077 0x18c4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:19:44.0090 0x18c4  fdc - ok
19:19:44.0093 0x18c4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:19:44.0122 0x18c4  fdPHost - ok
19:19:44.0126 0x18c4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:19:44.0157 0x18c4  FDResPub - ok
19:19:44.0162 0x18c4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:19:44.0176 0x18c4  FileInfo - ok
19:19:44.0179 0x18c4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:19:44.0209 0x18c4  Filetrace - ok
19:19:44.0212 0x18c4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:19:44.0225 0x18c4  flpydisk - ok
19:19:44.0234 0x18c4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:19:44.0254 0x18c4  FltMgr - ok
19:19:44.0281 0x18c4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
19:19:44.0327 0x18c4  FontCache - ok
19:19:44.0332 0x18c4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:19:44.0345 0x18c4  FontCache3.0.0.0 - ok
19:19:44.0349 0x18c4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:19:44.0362 0x18c4  FsDepends - ok
19:19:44.0366 0x18c4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:19:44.0378 0x18c4  Fs_Rec - ok
19:19:44.0386 0x18c4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:19:44.0407 0x18c4  fvevol - ok
19:19:44.0412 0x18c4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:19:44.0425 0x18c4  gagp30kx - ok
19:19:44.0444 0x18c4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:19:44.0489 0x18c4  gpsvc - ok
19:19:44.0496 0x18c4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:44.0505 0x18c4  gupdate - ok
19:19:44.0509 0x18c4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:19:44.0519 0x18c4  gupdatem - ok
19:19:44.0529 0x18c4  [ D8BF3C594BD17A37960362E6C6739B90, 612343B4C6FB91F5FA06CD7622B53005E89BC93746CD99A4325427E617C9A90B ] Hardlock        C:\Windows\system32\drivers\hardlock.sys
19:19:44.0553 0x18c4  Hardlock - ok
19:19:44.0557 0x18c4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:19:44.0572 0x18c4  hcw85cir - ok
19:19:44.0582 0x18c4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:19:44.0608 0x18c4  HdAudAddService - ok
19:19:44.0614 0x18c4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:19:44.0628 0x18c4  HDAudBus - ok
19:19:44.0632 0x18c4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:19:44.0645 0x18c4  HidBatt - ok
19:19:44.0650 0x18c4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:19:44.0667 0x18c4  HidBth - ok
19:19:44.0671 0x18c4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:19:44.0687 0x18c4  HidIr - ok
19:19:44.0691 0x18c4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:19:44.0723 0x18c4  hidserv - ok
19:19:44.0726 0x18c4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:19:44.0740 0x18c4  HidUsb - ok
19:19:44.0745 0x18c4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:19:44.0778 0x18c4  hkmsvc - ok
19:19:44.0786 0x18c4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:19:44.0810 0x18c4  HomeGroupListener - ok
19:19:44.0817 0x18c4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:19:44.0836 0x18c4  HomeGroupProvider - ok
19:19:44.0841 0x18c4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:19:44.0855 0x18c4  HpSAMD - ok
19:19:44.0878 0x18c4  [ 77ED10C64F9DE2BF3F4F0B92541422F6, ADC7DDA8CBA47E7EE17BAB9EAA5DD51EB86A4DDB402EF1F24F81ECCA990583A6 ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
19:19:44.0911 0x18c4  hshld - detected UnsignedFile.Multi.Generic ( 1 )
19:19:47.0626 0x18c4  Detect skipped due to KSN trusted
19:19:47.0626 0x18c4  hshld - ok
19:19:47.0636 0x18c4  [ 0063ACEBB5BBE8C563A6ADB09155E644, BC7C9AFB83F5345065BB070A5D992DCE13CB35027D8FE402B338D775C896317B ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
19:19:47.0664 0x18c4  HssDRV6 - ok
19:19:47.0672 0x18c4  [ 7A97848FE7C47F9390427EBDDD92F9F1, 2C053D1433585B3FA0ED839CDFC80CAB3A2D670F5B1F6E3D80BC31EB5CE0E948 ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
19:19:47.0693 0x18c4  HssTrayService - ok
19:19:47.0707 0x18c4  [ 5CB01FD5AA4885BC4811433B54393AF2, 018AC4FDE8099731C3D9F77EE66B6EB902DC246D4E68DD20962CD2D7C48C2123 ] HssWd           C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
19:19:47.0735 0x18c4  HssWd - ok
19:19:47.0758 0x18c4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:19:47.0823 0x18c4  HTTP - ok
19:19:47.0828 0x18c4  [ 94724AD8E21E3CFF22A2FAB7BBABF725, 226F76C7CF80AF734DB64111E95595EC5E02658482A574643900A6C61A69236C ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
19:19:47.0840 0x18c4  HWiNFO32 - ok
19:19:47.0843 0x18c4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:19:47.0854 0x18c4  hwpolicy - ok
19:19:47.0859 0x18c4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:19:47.0876 0x18c4  i8042prt - ok
19:19:47.0888 0x18c4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:19:47.0911 0x18c4  iaStorV - ok
19:19:47.0932 0x18c4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:19:47.0970 0x18c4  idsvc - ok
19:19:47.0975 0x18c4  IEEtwCollectorService - ok
19:19:47.0979 0x18c4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:19:47.0992 0x18c4  iirsp - ok
19:19:48.0013 0x18c4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:19:48.0051 0x18c4  IKEEXT - ok
19:19:48.0114 0x18c4  [ C7124DA48E557D8F88D0D7F1254557F4, 300BC8ACB5CCB15F80ECAEAD27F12925EE94C84FE8110143A3E0F30E19DDA87B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:19:48.0186 0x18c4  IntcAzAudAddService - ok
19:19:48.0194 0x18c4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:19:48.0206 0x18c4  intelide - ok
19:19:48.0210 0x18c4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
19:19:48.0226 0x18c4  intelppm - ok
19:19:48.0231 0x18c4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:19:48.0266 0x18c4  IPBusEnum - ok
19:19:48.0271 0x18c4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:19:48.0302 0x18c4  IpFilterDriver - ok
19:19:48.0318 0x18c4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:19:48.0342 0x18c4  iphlpsvc - ok
19:19:48.0347 0x18c4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:19:48.0364 0x18c4  IPMIDRV - ok
19:19:48.0369 0x18c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:19:48.0402 0x18c4  IPNAT - ok
19:19:48.0406 0x18c4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:19:48.0422 0x18c4  IRENUM - ok
19:19:48.0425 0x18c4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:19:48.0437 0x18c4  isapnp - ok
19:19:48.0447 0x18c4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:19:48.0466 0x18c4  iScsiPrt - ok
19:19:48.0479 0x18c4  [ 1D7AAB58F4E21697AF8F46EAA81823DD, 551EA1B53224F99EDCFD8A9E754C5313CFF4BCBFFFB8DC54D3F3419527F8152C ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
19:19:48.0499 0x18c4  k57nd60a - ok
19:19:48.0503 0x18c4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:19:48.0516 0x18c4  kbdclass - ok
19:19:48.0520 0x18c4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:19:48.0533 0x18c4  kbdhid - ok
19:19:48.0537 0x18c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
19:19:48.0547 0x18c4  KeyIso - ok
19:19:48.0552 0x18c4  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:19:48.0567 0x18c4  KSecDD - ok
19:19:48.0573 0x18c4  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:19:48.0589 0x18c4  KSecPkg - ok
19:19:48.0593 0x18c4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:19:48.0622 0x18c4  ksthunk - ok
19:19:48.0633 0x18c4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:19:48.0675 0x18c4  KtmRm - ok
19:19:48.0683 0x18c4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:19:48.0720 0x18c4  LanmanServer - ok
19:19:48.0726 0x18c4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:19:48.0759 0x18c4  LanmanWorkstation - ok
19:19:48.0765 0x18c4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:19:48.0796 0x18c4  lltdio - ok
19:19:48.0805 0x18c4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:19:48.0847 0x18c4  lltdsvc - ok
19:19:48.0851 0x18c4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:19:48.0881 0x18c4  lmhosts - ok
19:19:48.0888 0x18c4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:19:48.0902 0x18c4  LSI_FC - ok
19:19:48.0907 0x18c4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:19:48.0922 0x18c4  LSI_SAS - ok
19:19:48.0927 0x18c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:19:48.0941 0x18c4  LSI_SAS2 - ok
19:19:48.0946 0x18c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:19:48.0961 0x18c4  LSI_SCSI - ok
19:19:48.0967 0x18c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:19:49.0000 0x18c4  luafv - ok
19:19:49.0012 0x18c4  [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
19:19:49.0032 0x18c4  LVRS64 - ok
19:19:49.0131 0x18c4  [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
19:19:49.0258 0x18c4  LVUVC64 - ok
19:19:49.0269 0x18c4  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
19:19:49.0280 0x18c4  MBfilt - ok
19:19:49.0285 0x18c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:19:49.0304 0x18c4  Mcx2Svc - ok
19:19:49.0308 0x18c4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:19:49.0320 0x18c4  megasas - ok
19:19:49.0330 0x18c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:19:49.0349 0x18c4  MegaSR - ok
19:19:49.0356 0x18c4  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:19:49.0370 0x18c4  Microsoft Office Groove Audit Service - ok
19:19:49.0374 0x18c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:19:49.0406 0x18c4  MMCSS - ok
19:19:49.0410 0x18c4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:19:49.0440 0x18c4  Modem - ok
19:19:49.0444 0x18c4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:19:49.0456 0x18c4  monitor - ok
19:19:49.0460 0x18c4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:19:49.0473 0x18c4  mouclass - ok
19:19:49.0477 0x18c4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:19:49.0490 0x18c4  mouhid - ok
19:19:49.0494 0x18c4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:19:49.0508 0x18c4  mountmgr - ok
19:19:49.0514 0x18c4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:19:49.0531 0x18c4  mpio - ok
19:19:49.0536 0x18c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:19:49.0567 0x18c4  mpsdrv - ok
19:19:49.0588 0x18c4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:19:49.0641 0x18c4  MpsSvc - ok
19:19:49.0648 0x18c4  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:19:49.0665 0x18c4  MRxDAV - ok
19:19:49.0672 0x18c4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:19:49.0690 0x18c4  mrxsmb - ok
19:19:49.0700 0x18c4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:19:49.0721 0x18c4  mrxsmb10 - ok
19:19:49.0727 0x18c4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:19:49.0743 0x18c4  mrxsmb20 - ok
19:19:49.0747 0x18c4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:19:49.0759 0x18c4  msahci - ok
19:19:49.0765 0x18c4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:19:49.0781 0x18c4  msdsm - ok
19:19:49.0787 0x18c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:19:49.0806 0x18c4  MSDTC - ok
19:19:49.0812 0x18c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:19:49.0841 0x18c4  Msfs - ok
19:19:49.0844 0x18c4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:19:49.0873 0x18c4  mshidkmdf - ok
19:19:49.0877 0x18c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:19:49.0888 0x18c4  msisadrv - ok
19:19:49.0894 0x18c4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:19:49.0931 0x18c4  MSiSCSI - ok
19:19:49.0934 0x18c4  msiserver - ok
19:19:49.0937 0x18c4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:19:49.0965 0x18c4  MSKSSRV - ok
19:19:49.0968 0x18c4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:19:49.0998 0x18c4  MSPCLOCK - ok
19:19:50.0008 0x18c4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:19:50.0037 0x18c4  MSPQM - ok
19:19:50.0048 0x18c4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:19:50.0069 0x18c4  MsRPC - ok
19:19:50.0075 0x18c4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:19:50.0083 0x18c4  mssmbios - ok
19:19:50.0087 0x18c4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:19:50.0116 0x18c4  MSTEE - ok
19:19:50.0119 0x18c4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:19:50.0132 0x18c4  MTConfig - ok
19:19:50.0137 0x18c4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:19:50.0150 0x18c4  Mup - ok
19:19:50.0159 0x18c4  [ 77073C1AF9C0921FF18EE628049BB1A9, 5143FA3DCB5D1C1B0FEF939F43CB6D99FD0F6C21839D94A6696D256BB01047ED ] mv91xx          C:\Windows\system32\DRIVERS\mv91xx.sys
19:19:50.0178 0x18c4  mv91xx - ok
19:19:50.0192 0x18c4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:19:50.0235 0x18c4  napagent - ok
19:19:50.0246 0x18c4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:19:50.0272 0x18c4  NativeWifiP - ok
19:19:50.0295 0x18c4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:19:50.0322 0x18c4  NDIS - ok
19:19:50.0327 0x18c4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:19:50.0357 0x18c4  NdisCap - ok
19:19:50.0360 0x18c4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:19:50.0390 0x18c4  NdisTapi - ok
19:19:50.0394 0x18c4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:19:50.0424 0x18c4  Ndisuio - ok
19:19:50.0431 0x18c4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:19:50.0465 0x18c4  NdisWan - ok
19:19:50.0470 0x18c4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:19:50.0499 0x18c4  NDProxy - ok
19:19:50.0503 0x18c4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:19:50.0533 0x18c4  NetBIOS - ok
19:19:50.0542 0x18c4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:19:50.0579 0x18c4  NetBT - ok
19:19:50.0582 0x18c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
19:19:50.0592 0x18c4  Netlogon - ok
19:19:50.0603 0x18c4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:19:50.0643 0x18c4  Netman - ok
19:19:50.0649 0x18c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:50.0668 0x18c4  NetMsmqActivator - ok
19:19:50.0673 0x18c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:50.0685 0x18c4  NetPipeActivator - ok
19:19:50.0698 0x18c4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:19:50.0742 0x18c4  netprofm - ok
19:19:50.0747 0x18c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:50.0759 0x18c4  NetTcpActivator - ok
19:19:50.0764 0x18c4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:50.0776 0x18c4  NetTcpPortSharing - ok
19:19:50.0780 0x18c4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:19:50.0793 0x18c4  nfrd960 - ok
19:19:50.0803 0x18c4  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:19:50.0820 0x18c4  NlaSvc - ok
19:19:50.0828 0x18c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:19:50.0858 0x18c4  Npfs - ok
19:19:50.0861 0x18c4  NSHE - ok
19:19:50.0865 0x18c4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:19:50.0897 0x18c4  nsi - ok
19:19:50.0901 0x18c4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:19:50.0930 0x18c4  nsiproxy - ok
19:19:50.0969 0x18c4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:19:51.0024 0x18c4  Ntfs - ok
19:19:51.0029 0x18c4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:19:51.0057 0x18c4  Null - ok
19:19:51.0064 0x18c4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:19:51.0080 0x18c4  nvraid - ok
19:19:51.0086 0x18c4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:19:51.0103 0x18c4  nvstor - ok
19:19:51.0108 0x18c4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:19:51.0123 0x18c4  nv_agp - ok
19:19:51.0136 0x18c4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:19:51.0162 0x18c4  odserv - ok
19:19:51.0167 0x18c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:19:51.0183 0x18c4  ohci1394 - ok
19:19:51.0188 0x18c4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:19:51.0204 0x18c4  ose - ok
19:19:51.0216 0x18c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:19:51.0234 0x18c4  p2pimsvc - ok
19:19:51.0247 0x18c4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:19:51.0275 0x18c4  p2psvc - ok
19:19:51.0280 0x18c4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:19:51.0296 0x18c4  Parport - ok
19:19:51.0300 0x18c4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:19:51.0315 0x18c4  partmgr - ok
19:19:51.0321 0x18c4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:19:51.0346 0x18c4  PcaSvc - ok
19:19:51.0353 0x18c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:19:51.0364 0x18c4  pci - ok
19:19:51.0367 0x18c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:19:51.0378 0x18c4  pciide - ok
19:19:51.0386 0x18c4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:19:51.0404 0x18c4  pcmcia - ok
19:19:51.0408 0x18c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:19:51.0421 0x18c4  pcw - ok
19:19:51.0438 0x18c4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:19:51.0488 0x18c4  PEAUTH - ok
19:19:51.0520 0x18c4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:19:51.0565 0x18c4  PeerDistSvc - ok
19:19:51.0593 0x18c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:19:51.0608 0x18c4  PerfHost - ok
19:19:51.0644 0x18c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:19:51.0711 0x18c4  pla - ok
19:19:51.0725 0x18c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:19:51.0752 0x18c4  PlugPlay - ok
19:19:51.0756 0x18c4  PnkBstrA - ok
19:19:51.0759 0x18c4  [ AAB547E4278174BEF5DF44A4811D1673, 9A434E78AB5EE7AC08F8102CD7AC70B1A43F9D7FA23CF8B338015105C8B67B84 ] PNPMEM          C:\Windows\system32\DRIVERS\pnpmem.sys
19:19:51.0773 0x18c4  PNPMEM - ok
19:19:51.0777 0x18c4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:19:51.0792 0x18c4  PNRPAutoReg - ok
19:19:51.0802 0x18c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:19:51.0819 0x18c4  PNRPsvc - ok
19:19:51.0833 0x18c4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:19:51.0877 0x18c4  PolicyAgent - ok
19:19:51.0885 0x18c4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:19:51.0916 0x18c4  Power - ok
19:19:51.0921 0x18c4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:19:51.0954 0x18c4  PptpMiniport - ok
19:19:51.0959 0x18c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:19:51.0974 0x18c4  Processor - ok
19:19:51.0981 0x18c4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:19:52.0003 0x18c4  ProfSvc - ok
19:19:52.0007 0x18c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:19:52.0017 0x18c4  ProtectedStorage - ok
19:19:52.0023 0x18c4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:19:52.0050 0x18c4  Psched - ok
19:19:52.0085 0x18c4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:19:52.0132 0x18c4  ql2300 - ok
19:19:52.0140 0x18c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:19:52.0156 0x18c4  ql40xx - ok
19:19:52.0164 0x18c4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:19:52.0190 0x18c4  QWAVE - ok
19:19:52.0194 0x18c4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:19:52.0212 0x18c4  QWAVEdrv - ok
19:19:52.0215 0x18c4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:19:52.0244 0x18c4  RasAcd - ok
19:19:52.0249 0x18c4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:19:52.0279 0x18c4  RasAgileVpn - ok
19:19:52.0284 0x18c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:19:52.0319 0x18c4  RasAuto - ok
19:19:52.0324 0x18c4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:19:52.0357 0x18c4  Rasl2tp - ok
19:19:52.0367 0x18c4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:19:52.0407 0x18c4  RasMan - ok
19:19:52.0412 0x18c4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:19:52.0445 0x18c4  RasPppoe - ok
19:19:52.0450 0x18c4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:19:52.0481 0x18c4  RasSstp - ok
19:19:52.0492 0x18c4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:19:52.0530 0x18c4  rdbss - ok
19:19:52.0534 0x18c4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:19:52.0549 0x18c4  rdpbus - ok
19:19:52.0552 0x18c4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:19:52.0580 0x18c4  RDPCDD - ok
19:19:52.0588 0x18c4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:19:52.0605 0x18c4  RDPDR - ok
19:19:52.0609 0x18c4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:19:52.0637 0x18c4  RDPENCDD - ok
19:19:52.0641 0x18c4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:19:52.0669 0x18c4  RDPREFMP - ok
19:19:52.0674 0x18c4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:19:52.0687 0x18c4  RdpVideoMiniport - ok
19:19:52.0694 0x18c4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:19:52.0713 0x18c4  RDPWD - ok
19:19:52.0721 0x18c4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:19:52.0739 0x18c4  rdyboost - ok
19:19:52.0744 0x18c4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:19:52.0779 0x18c4  RemoteAccess - ok
19:19:52.0785 0x18c4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:19:52.0820 0x18c4  RemoteRegistry - ok
19:19:52.0825 0x18c4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:19:52.0857 0x18c4  RpcEptMapper - ok
19:19:52.0860 0x18c4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:19:52.0873 0x18c4  RpcLocator - ok
19:19:52.0887 0x18c4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:19:52.0925 0x18c4  RpcSs - ok
19:19:52.0933 0x18c4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:19:52.0964 0x18c4  rspndr - ok
19:19:52.0968 0x18c4  [ B6105E2B2F81D8CBA5A5E005F97EA4F5, CDFDEEEB1C351DF0C55B4FFE318B93939DC57AC9919B64B2FC67F6D39CF4A77F ] rzendpt         C:\Windows\system32\DRIVERS\rzendpt.sys
19:19:52.0980 0x18c4  rzendpt - ok
19:19:52.0987 0x18c4  [ D30A8C2D23A7AB6664028A9C72E1809E, 1F2486F02A332CA68BA82B69B0188861EA0BA470D0A8CA1C0A4A771D84BC3613 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
19:19:53.0001 0x18c4  rzudd - ok
19:19:53.0005 0x18c4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:19:53.0017 0x18c4  s3cap - ok
19:19:53.0020 0x18c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
19:19:53.0030 0x18c4  SamSs - ok
19:19:53.0035 0x18c4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:19:53.0050 0x18c4  sbp2port - ok
19:19:53.0057 0x18c4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:19:53.0095 0x18c4  SCardSvr - ok
19:19:53.0099 0x18c4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:19:53.0129 0x18c4  scfilter - ok
19:19:53.0154 0x18c4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:19:53.0216 0x18c4  Schedule - ok
19:19:53.0223 0x18c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:19:53.0249 0x18c4  SCPolicySvc - ok
19:19:53.0256 0x18c4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:19:53.0278 0x18c4  SDRSVC - ok
19:19:53.0281 0x18c4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:19:53.0310 0x18c4  secdrv - ok
19:19:53.0314 0x18c4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:19:53.0344 0x18c4  seclogon - ok
19:19:53.0349 0x18c4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:19:53.0382 0x18c4  SENS - ok
19:19:53.0386 0x18c4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:19:53.0402 0x18c4  SensrSvc - ok
19:19:53.0405 0x18c4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:19:53.0418 0x18c4  Serenum - ok
19:19:53.0424 0x18c4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:19:53.0439 0x18c4  Serial - ok
19:19:53.0443 0x18c4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:19:53.0456 0x18c4  sermouse - ok
19:19:53.0466 0x18c4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:19:53.0500 0x18c4  SessionEnv - ok
19:19:53.0503 0x18c4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:19:53.0517 0x18c4  sffdisk - ok
19:19:53.0520 0x18c4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:19:53.0534 0x18c4  sffp_mmc - ok
19:19:53.0538 0x18c4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:19:53.0552 0x18c4  sffp_sd - ok
19:19:53.0555 0x18c4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:19:53.0568 0x18c4  sfloppy - ok
19:19:53.0579 0x18c4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:19:53.0622 0x18c4  SharedAccess - ok
19:19:53.0634 0x18c4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:19:53.0674 0x18c4  ShellHWDetection - ok
19:19:53.0678 0x18c4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:19:53.0691 0x18c4  SiSRaid2 - ok
19:19:53.0696 0x18c4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:19:53.0709 0x18c4  SiSRaid4 - ok
19:19:53.0714 0x18c4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:19:53.0747 0x18c4  Smb - ok
19:19:53.0753 0x18c4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:19:53.0767 0x18c4  SNMPTRAP - ok
19:19:53.0770 0x18c4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:19:53.0781 0x18c4  spldr - ok
19:19:53.0797 0x18c4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:19:53.0825 0x18c4  Spooler - ok
19:19:53.0899 0x18c4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:19:54.0033 0x18c4  sppsvc - ok
19:19:54.0042 0x18c4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:19:54.0077 0x18c4  sppuinotify - ok
19:19:54.0090 0x18c4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:19:54.0117 0x18c4  srv - ok
19:19:54.0130 0x18c4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:19:54.0155 0x18c4  srv2 - ok
19:19:54.0162 0x18c4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:19:54.0180 0x18c4  srvnet - ok
19:19:54.0187 0x18c4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:19:54.0224 0x18c4  SSDPSRV - ok
19:19:54.0228 0x18c4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:19:54.0260 0x18c4  SstpSvc - ok
19:19:54.0264 0x18c4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:19:54.0276 0x18c4  stexstor - ok
19:19:54.0292 0x18c4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:19:54.0327 0x18c4  stisvc - ok
19:19:54.0332 0x18c4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:19:54.0345 0x18c4  storflt - ok
19:19:54.0349 0x18c4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:19:54.0362 0x18c4  storvsc - ok
19:19:54.0365 0x18c4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:19:54.0376 0x18c4  swenum - ok
19:19:54.0390 0x18c4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:19:54.0437 0x18c4  swprv - ok
19:19:54.0443 0x18c4  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\Synth3dVsc.sys
19:19:54.0457 0x18c4  Synth3dVsc - ok
19:19:54.0495 0x18c4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:19:54.0563 0x18c4  SysMain - ok
19:19:54.0571 0x18c4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:19:54.0596 0x18c4  TabletInputService - ok
19:19:54.0601 0x18c4  [ BCF5E78E87D258088346E399E406E501, FD75AC5A7085E08AB00A2D0CE01970873598E381B6542DC5EBAC240D727AF6D7 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
19:19:54.0614 0x18c4  taphss6 - ok
19:19:54.0625 0x18c4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:19:54.0665 0x18c4  TapiSrv - ok
19:19:54.0672 0x18c4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:19:54.0703 0x18c4  TBS - ok
19:19:54.0746 0x18c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:19:54.0809 0x18c4  Tcpip - ok
19:19:54.0851 0x18c4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:19:54.0898 0x18c4  TCPIP6 - ok
19:19:54.0905 0x18c4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:19:54.0919 0x18c4  tcpipreg - ok
19:19:54.0925 0x18c4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:19:54.0937 0x18c4  TDPIPE - ok
19:19:54.0941 0x18c4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:19:54.0953 0x18c4  TDTCP - ok
19:19:54.0959 0x18c4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:19:54.0990 0x18c4  tdx - ok
19:19:55.0104 0x18c4  [ 3925953FB6F91E9D45858F63AF777D24, 0398C124B717D1D1F70AF1B8E8D18363E853A44F632CFACDA15EFDE394F7DA18 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
19:19:55.0222 0x18c4  TeamViewer9 - ok
19:19:55.0234 0x18c4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:19:55.0247 0x18c4  TermDD - ok
19:19:55.0251 0x18c4  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
19:19:55.0264 0x18c4  terminpt - ok
19:19:55.0282 0x18c4  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
19:19:55.0316 0x18c4  TermService - ok
19:19:55.0321 0x18c4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:19:55.0341 0x18c4  Themes - ok
19:19:55.0346 0x18c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:19:55.0373 0x18c4  THREADORDER - ok
19:19:55.0379 0x18c4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:19:55.0414 0x18c4  TrkWks - ok
19:19:55.0421 0x18c4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:19:55.0453 0x18c4  TrustedInstaller - ok
19:19:55.0458 0x18c4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:19:55.0472 0x18c4  tssecsrv - ok
19:19:55.0477 0x18c4  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:19:55.0491 0x18c4  TsUsbFlt - ok
19:19:55.0495 0x18c4  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:19:55.0509 0x18c4  TsUsbGD - ok
19:19:55.0514 0x18c4  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
19:19:55.0531 0x18c4  tsusbhub - ok
19:19:55.0537 0x18c4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:19:55.0571 0x18c4  tunnel - ok
19:19:55.0575 0x18c4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:19:55.0589 0x18c4  uagp35 - ok
19:19:55.0599 0x18c4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:19:55.0638 0x18c4  udfs - ok
19:19:55.0652 0x18c4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:19:55.0674 0x18c4  UI0Detect - ok
19:19:55.0679 0x18c4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:19:55.0697 0x18c4  uliagpkx - ok
19:19:55.0701 0x18c4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:19:55.0716 0x18c4  umbus - ok
19:19:55.0719 0x18c4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:19:55.0731 0x18c4  UmPass - ok
19:19:55.0739 0x18c4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:19:55.0760 0x18c4  UmRdpService - ok
19:19:55.0770 0x18c4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:19:55.0812 0x18c4  upnphost - ok
19:19:55.0817 0x18c4  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:19:55.0833 0x18c4  USBAAPL64 - ok
19:19:55.0838 0x18c4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:19:55.0854 0x18c4  usbaudio - ok
19:19:55.0859 0x18c4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:19:55.0875 0x18c4  usbccgp - ok
19:19:55.0880 0x18c4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:19:55.0898 0x18c4  usbcir - ok
19:19:55.0902 0x18c4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:19:55.0916 0x18c4  usbehci - ok
19:19:55.0920 0x18c4  [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
19:19:55.0932 0x18c4  usbfilter - ok
19:19:55.0943 0x18c4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:19:55.0967 0x18c4  usbhub - ok
19:19:55.0971 0x18c4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
19:19:55.0983 0x18c4  usbohci - ok
19:19:55.0987 0x18c4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:19:56.0003 0x18c4  usbprint - ok
19:19:56.0007 0x18c4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:19:56.0020 0x18c4  usbscan - ok
19:19:56.0025 0x18c4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:19:56.0041 0x18c4  USBSTOR - ok
19:19:56.0045 0x18c4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:19:56.0058 0x18c4  usbuhci - ok
19:19:56.0062 0x18c4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:19:56.0093 0x18c4  UxSms - ok
19:19:56.0097 0x18c4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
19:19:56.0107 0x18c4  VaultSvc - ok
19:19:56.0111 0x18c4  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
19:19:56.0123 0x18c4  VClone - ok
19:19:56.0127 0x18c4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:19:56.0139 0x18c4  vdrvroot - ok
19:19:56.0154 0x18c4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:19:56.0198 0x18c4  vds - ok
19:19:56.0203 0x18c4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:19:56.0218 0x18c4  vga - ok
19:19:56.0222 0x18c4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:19:56.0251 0x18c4  VgaSave - ok
19:19:56.0254 0x18c4  VGPU - ok
19:19:56.0262 0x18c4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:19:56.0281 0x18c4  vhdmp - ok
19:19:56.0285 0x18c4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:19:56.0296 0x18c4  viaide - ok
19:19:56.0303 0x18c4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:19:56.0322 0x18c4  vmbus - ok
19:19:56.0326 0x18c4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:19:56.0339 0x18c4  VMBusHID - ok
19:19:56.0344 0x18c4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:19:56.0357 0x18c4  volmgr - ok
19:19:56.0369 0x18c4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:19:56.0390 0x18c4  volmgrx - ok
19:19:56.0399 0x18c4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:19:56.0420 0x18c4  volsnap - ok
19:19:56.0427 0x18c4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:19:56.0443 0x18c4  vsmraid - ok
19:19:56.0478 0x18c4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:19:56.0552 0x18c4  VSS - ok
19:19:56.0557 0x18c4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:19:56.0573 0x18c4  vwifibus - ok
19:19:56.0584 0x18c4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:19:56.0626 0x18c4  W32Time - ok
19:19:56.0631 0x18c4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:19:56.0645 0x18c4  WacomPen - ok
19:19:56.0650 0x18c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:19:56.0681 0x18c4  WANARP - ok
19:19:56.0685 0x18c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:19:56.0712 0x18c4  Wanarpv6 - ok
19:19:56.0742 0x18c4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:19:56.0792 0x18c4  WatAdminSvc - ok
19:19:56.0828 0x18c4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:19:56.0883 0x18c4  wbengine - ok
19:19:56.0893 0x18c4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:19:56.0918 0x18c4  WbioSrvc - ok
19:19:56.0931 0x18c4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:19:56.0960 0x18c4  wcncsvc - ok
19:19:56.0964 0x18c4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:19:56.0982 0x18c4  WcsPlugInService - ok
19:19:56.0986 0x18c4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:19:56.0998 0x18c4  Wd - ok
19:19:57.0019 0x18c4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:19:57.0052 0x18c4  Wdf01000 - ok
19:19:57.0058 0x18c4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:19:57.0079 0x18c4  WdiServiceHost - ok
19:19:57.0083 0x18c4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:19:57.0098 0x18c4  WdiSystemHost - ok
19:19:57.0107 0x18c4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:19:57.0129 0x18c4  WebClient - ok
19:19:57.0137 0x18c4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:19:57.0177 0x18c4  Wecsvc - ok
19:19:57.0182 0x18c4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:19:57.0216 0x18c4  wercplsupport - ok
19:19:57.0221 0x18c4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:19:57.0255 0x18c4  WerSvc - ok
19:19:57.0259 0x18c4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:19:57.0287 0x18c4  WfpLwf - ok
19:19:57.0290 0x18c4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:19:57.0302 0x18c4  WIMMount - ok
19:19:57.0305 0x18c4  WinDefend - ok
19:19:57.0310 0x18c4  WinHttpAutoProxySvc - ok
19:19:57.0322 0x18c4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:19:57.0359 0x18c4  Winmgmt - ok
19:19:57.0404 0x18c4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:19:57.0496 0x18c4  WinRM - ok
19:19:57.0505 0x18c4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:19:57.0523 0x18c4  WinUsb - ok
19:19:57.0545 0x18c4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:19:57.0590 0x18c4  Wlansvc - ok
19:19:57.0595 0x18c4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:19:57.0606 0x18c4  WmiAcpi - ok
19:19:57.0615 0x18c4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:19:57.0635 0x18c4  wmiApSrv - ok
19:19:57.0637 0x18c4  WMPNetworkSvc - ok
19:19:57.0642 0x18c4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:19:57.0657 0x18c4  WPCSvc - ok
19:19:57.0663 0x18c4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:19:57.0683 0x18c4  WPDBusEnum - ok
19:19:57.0687 0x18c4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:19:57.0716 0x18c4  ws2ifsl - ok
19:19:57.0721 0x18c4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:19:57.0742 0x18c4  wscsvc - ok
19:19:57.0745 0x18c4  WSearch - ok
19:19:57.0799 0x18c4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:19:57.0877 0x18c4  wuauserv - ok
19:19:57.0887 0x18c4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:19:57.0903 0x18c4  WudfPf - ok
19:19:57.0912 0x18c4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:19:57.0931 0x18c4  WUDFRd - ok
19:19:57.0936 0x18c4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:19:57.0954 0x18c4  wudfsvc - ok
19:19:57.0962 0x18c4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:19:57.0986 0x18c4  WwanSvc - ok
19:19:57.0992 0x18c4  ================ Scan global ===============================
19:19:57.0996 0x18c4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:19:58.0009 0x18c4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:19:58.0026 0x18c4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:19:58.0033 0x18c4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:19:58.0047 0x18c4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:19:58.0054 0x18c4  [ Global ] - ok
19:19:58.0054 0x18c4  ================ Scan MBR ==================================
19:19:58.0056 0x18c4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:19:58.0104 0x18c4  \Device\Harddisk0\DR0 - ok
19:19:58.0106 0x18c4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:19:58.0122 0x18c4  \Device\Harddisk1\DR1 - ok
19:19:58.0124 0x18c4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
19:19:58.0194 0x18c4  \Device\Harddisk2\DR2 - ok
19:19:58.0194 0x18c4  ================ Scan VBR ==================================
19:19:58.0196 0x18c4  [ 616B9296B45BCC2335B0393D690B8AFD ] \Device\Harddisk0\DR0\Partition1
19:19:58.0226 0x18c4  \Device\Harddisk0\DR0\Partition1 - ok
19:19:58.0228 0x18c4  [ 30DD02AD34C3EE7F5F7DBCE16DC8D166 ] \Device\Harddisk1\DR1\Partition1
19:19:58.0229 0x18c4  \Device\Harddisk1\DR1\Partition1 - ok
19:19:58.0231 0x18c4  [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk1\DR1\Partition2
19:19:58.0231 0x18c4  \Device\Harddisk1\DR1\Partition2 - ok
19:19:58.0234 0x18c4  [ 49959F114C3ECFCB228CF7DAE6B38017 ] \Device\Harddisk1\DR1\Partition3
19:19:58.0235 0x18c4  \Device\Harddisk1\DR1\Partition3 - ok
19:19:58.0237 0x18c4  [ 9638D80FC23DC4A8369B55D6EFF7690B ] \Device\Harddisk2\DR2\Partition1
19:19:58.0281 0x18c4  \Device\Harddisk2\DR2\Partition1 - ok
19:19:58.0281 0x18c4  ================ Scan generic autorun ======================
19:19:58.0516 0x18c4  [ 7180CC6A80918BB5F9A50F6FFF51AC33, 5D1FF27BB2AE0F3A722F396D4E0E4E7EBCEF806B49533D2292AFB8C7529CBBC6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:19:58.0836 0x18c4  RTHDVCPL - ok
19:19:58.0862 0x18c4  [ 887E31727394E2998A471A01A521EAB4, E68D0C778BAAB307E6BDDA151787D31FC16AD83ADE3FE848353998D111A9AC0C ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
19:19:58.0881 0x18c4  DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
19:20:01.0880 0x18c4  Detect skipped due to KSN trusted
19:20:01.0880 0x18c4  DivXMediaServer - ok
19:20:01.0889 0x18c4  [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
19:20:01.0914 0x18c4  LWS - ok
19:20:01.0941 0x18c4  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:20:01.0976 0x18c4  Adobe ARM - ok
19:20:01.0982 0x18c4  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
19:20:01.0994 0x18c4  GrooveMonitor - ok
19:20:02.0039 0x18c4  [ 16AFB34618E1286FF856DC600AC49C79, 431EC110507685A0F4472EAE35383B4C1E3DC0B56E01CDECFB18F753181DC995 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
19:20:02.0094 0x18c4  DivXUpdate - ok
19:20:02.0122 0x18c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:20:02.0174 0x18c4  Sidebar - ok
19:20:02.0180 0x18c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:20:02.0200 0x18c4  mctadmin - ok
19:20:02.0225 0x18c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:20:02.0261 0x18c4  Sidebar - ok
19:20:02.0266 0x18c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:20:02.0281 0x18c4  mctadmin - ok
19:20:02.0282 0x18c4  Waiting for KSN requests completion. In queue: 297
19:20:03.0282 0x18c4  Waiting for KSN requests completion. In queue: 297
19:20:04.0282 0x18c4  Waiting for KSN requests completion. In queue: 8
19:20:05.0305 0x18c4  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
19:20:05.0320 0x18c4  Win FW state via NFP2: enabled
19:20:08.0066 0x18c4  ============================================================
19:20:08.0066 0x18c4  Scan finished
19:20:08.0066 0x18c4  ============================================================
19:20:08.0079 0x14ec  Detected object count: 0
19:20:08.0079 0x14ec  Actual detected object count: 0
19:20:54.0636 0x1a3c  Deinitialize success
         

Alt 21.10.2014, 12:00   #7
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Wenn er einfriert, kannst Du dann die Maus noch bewegen?


ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.10.2014, 12:26   #8
CMstorm
 
PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



So hab alles so gemacht wie es beschrieben ist.

Wie du auf dem Bild sehen kannst ist "System Idle Process" unter CPU/History das auffälligste.

h:
Angehängte Grafiken
Dateityp: jpg Process Explorer.jpg (248,6 KB, 146x aufgerufen)

Alt 22.10.2014, 07:19   #9
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Das muss auch so sein, ist der Leerlaufprozess. Was ist mit meiner Frage wegen der Maus?

Lass Process Explorer mal offen, wenn er wieder einfriert schau mal was die CPU macht.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.10.2014, 22:44   #10
CMstorm
 
PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Also ich werde mal darauf achten wenn er wieder einfriert.

Ja ich kann die Maus bewegen nur Internetseiten, Bilder, Ordner und Programme lassen sich nicht öffnen.

Alt 23.10.2014, 19:39   #11
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Ok, also die Festplatte steht schon mal nicht. Ja beobachte mal den Process Explorer.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.10.2014, 20:02   #12
CMstorm
 
PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Also immer wenn er einfriert bekomme ich leider auch diesen neuen Task-Manager nicht auf. Bis er sich wieder fängt und danach sieht alles wie immer aus.
Ich weiß nicht mehr weiter.

Alt 26.10.2014, 14:09   #13
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Den Process Explorer aufmachen und offen lassen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.10.2014, 18:45   #14
CMstorm
 
PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Also es scheint das der Process Chrom.exe Probleme macht.
Der schießt immer beim einfrieren in die höhe.

Alt 28.10.2014, 18:02   #15
schrauber
/// the machine
/// TB-Ausbilder
 

PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Standard

PC friert ab und zu ein (nervig) #Forumszweig wechsel.



Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu PC friert ab und zu ein (nervig) #Forumszweig wechsel.
allgemein, amd, bilder, browser, festplatte, festplatten, folge, friert, home, internet, jahre, min, nervig, netzwerkadapter, neu, nicht mehr, problem, seite, speicher, spiele, surfen, trojaner, video, win, win7



Ähnliche Themen: PC friert ab und zu ein (nervig) #Forumszweig wechsel.


  1. PC friert ab und zu ein (nervig)
    Netzwerk und Hardware - 19.10.2014 (2)
  2. Wechsel XP - Xubuntu
    Alles rund um Mac OSX & Linux - 07.05.2014 (14)
  3. Windows Vista - Werbung überall im Internet - Nervig
    Plagegeister aller Art und deren Bekämpfung - 16.04.2014 (6)
  4. Werbung und Dateien, nervig.
    Plagegeister aller Art und deren Bekämpfung - 18.10.2013 (7)
  5. Sponsorship - Nervig!
    Plagegeister aller Art und deren Bekämpfung - 05.09.2013 (28)
  6. Nervig: Avira meldet URL:Mal daouvuim.cn und Win32.Malware.Gen
    Plagegeister aller Art und deren Bekämpfung - 07.08.2012 (3)
  7. Antivir v10 meldet immer wieder versteckte Systemdateien -nervig!- ...und anderes
    Antiviren-, Firewall- und andere Schutzprogramme - 02.04.2010 (1)
  8. ANTISPYDELUXE.Schädlich? Gefährlich oder nur Nervig ???
    Mülltonne - 08.10.2008 (0)
  9. GraKa Wechsel... was beachten?
    Netzwerk und Hardware - 08.08.2008 (5)
  10. WinAmp bzw. MedaiaPlayer geht andauernd auf - extrem nervig!
    Plagegeister aller Art und deren Bekämpfung - 15.09.2007 (8)
  11. Wie nervig , Hilfe!!!!
    Log-Analyse und Auswertung - 27.08.2007 (4)
  12. Nach NT-wechsel Probleme
    Netzwerk und Hardware - 25.06.2007 (11)
  13. Errorsafe total nervig!
    Plagegeister aller Art und deren Bekämpfung - 29.08.2006 (1)
  14. IP-Wechsel
    Alles rund um Windows - 12.06.2005 (1)
  15. Wechsel von za auf ZA Pro
    Antiviren-, Firewall- und andere Schutzprogramme - 24.09.2004 (1)
  16. Browser Wechsel?
    Alles rund um Windows - 07.08.2004 (6)
  17. Ich wechsel ganz ... *fg*
    Alles rund um Mac OSX & Linux - 25.10.2002 (2)

Zum Thema PC friert ab und zu ein (nervig) #Forumszweig wechsel. - Hallo Trojaner, habe seit einem Monate folgendes Problem, mein PC friert beim Surfen im Internet, beim Spielen von Games und allgemein einfach ein nach ca. 2 min läuft er normal - PC friert ab und zu ein (nervig) #Forumszweig wechsel....
Archiv
Du betrachtest: PC friert ab und zu ein (nervig) #Forumszweig wechsel. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.