Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   PC friert ein wenn Browser benutzt wird. Kein Blue Screen/Fehlermeldung. Manueller Neustart nötig. (https://www.trojaner-board.de/168529-pc-friert-browser-benutzt-kein-blue-screen-fehlermeldung-manueller-neustart-noetig.html)

Carso 07.07.2015 22:05
PC friert ein wenn Browser benutzt wird. Kein Blue Screen/Fehlermeldung. Manueller Neustart nötig.
 
Hallo zusammen,

Zu meinem Problem: Seit gestern Nachmittag friert mein PC regelmäßig ein. Ich bekomme allerdings kein Blue Screen oder sonstige Warnungen/Meldungen. Wenn Sound läuft, "rauscht" dieser kurz (es klingt als wird der letzte Ton ganz schnell hintereinander immer wieder wiederholt) und die Maus bleibt hängen. Am PC geht dann Garnichts mehr (Weder Maus, noch sämtliche Tastatureingaben). Alles was hilft ist ein manueller Neustart.

Der Fehler kommt allerdings nur wenn ich einen Browser benutze und ich glaube auch meistens nur wenn Videos oder Sounddateien spielen. Heute morgen wollte ich direkt nach dem starten Chrome starten (benutze sonst eig. nur Firefox) und der PC hing direkt. Überhitzung kann es also eigentlich nicht sein. Der PC war ja gerade erst gestartet.
Konnte gestern Battlefield und LoL zocken, ohne Fehler zu bekommen.

Ich habe den Flash Player heute bereits neu installiert und Java aktualisiert, da ich die beiden im Verdacht hatte. Hat aber nix gebracht. Wenn ich mit TOR browse scheint nichts zu passieren. Aber hier sind ja auch alle Addons ausgeschaltet...

Ich bin nicht sicher, ob es sich um einen Virus/etc. handelt, aber ich weiß nicht weiter. Die ständigen Neustarts nerven ziemlich :( Ich hoffe ihr könnt helfen.

Vielen Dank im Voraus. Anbei meine Logs:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 07.07.2015
Suchlaufzeit: 11:56
Protokolldatei:
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.07.02
Rootkit-Datenbank: v2015.07.05.03
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Scotty

Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 997051
Abgelaufene Zeit: 4 Std., 11 Min., 3 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Riskware.Patcher, D:\Videobearbeitung\Photodex Proshow Producer 7.0.3518 Final_1905\Patch.exe, In Quarantäne, [935b578766245ed8c6a31b2b34cd4cb4],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:24 on 07/07/2015 (Scotty)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Scotty (administrator) on SCOTTY-PC on 07-07-2015 22:24:51
Running from C:\Users\Scotty\Desktop
Loaded Profiles: Scotty (Available Profiles: Scotty)
Platform: Windows 7 Professional N Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) D:\Avast Antivir\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() D:\GnuPG\dirmngr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Flux Software LLC) C:\Users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Avast Software s.r.o.) D:\Avast Antivir\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avast Software s.r.o.) D:\Avast Antivir\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) D:\Tor\Browser\firefox.exe
() D:\Tor\Browser\TorBrowser\Tor\tor.exe
() C:\Users\Scotty\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2000-01-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => D:\Office 2010\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Avast Antivir\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\Run: [f.lux] => C:\Users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: {12d205c2-1b66-11e5-a762-74d02b2709de} - N:\LaunchU3.exe -a
HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: {551699af-0979-11e3-9b03-74d02b2709de} - F:\setup.exe
HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\MountPoints2: {96bdfa79-0808-11e3-aa33-806e6f6e6963} - D:\Bin\ASSETUP.exe
AppInit_DLLs: D:\Sophos\SOPHOS~1\SOPHOS~2.DLL => D:\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [218256 2012-09-21] (Sophos Limited)
AppInit_DLLs-x32: D:\Sophos\SOPHOS~1\SOPHOS~1.DLL => D:\Sophos\Sophos Anti-Virus\sophos_detoured.dll [221840 2012-09-21] (Sophos Limited)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Avast Antivir\ashShA64.dll [2015-03-19] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast Antivir\aswWebRepIE64.dll [2015-03-19] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Office 2010\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-06] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\Avast Antivir\aswWebRepIE.dll [2015-03-19] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Office 2010\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-06] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9F464A7F-1380-41B4-9A30-B723D70986A3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B7416966-CFB3-445C-9893-0E14162E8441}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default
FF NewTab: about:blank
FF DefaultSearchEngine: DuckDuckGo
FF SearchEngineOrder.1: Google
FF Homepage: facebook.com
FF Keyword.URL: https://www.google.com/search
FF NetworkProxy: "ftp", "131.109.42.105"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "131.109.42.105"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "131.109.42.105"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "131.109.42.105"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-07] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\OFFICE~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\OFFICE~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-06-26] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\VLC Player\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-4268881813-2952948070-2875398935-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\PDF_XViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-06-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4268881813-2952948070-2875398935-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Scotty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4268881813-2952948070-2875398935-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-16] ()
FF SearchPlugin: C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\searchplugins\duckduckgo.xml [2014-09-22]
FF SearchPlugin: C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\searchplugins\metager.xml [2014-12-28]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-12-20]
FF Extension: Disconnect - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\2.0@disconnect.me.xpi [2015-04-18]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-08-18]
FF Extension: Ghostery - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\firefox@ghostery.com.xpi [2014-01-08]
FF Extension: MEGA - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\firefox@mega.co.nz.xpi [2015-02-03]
FF Extension: YouTube Enhancer Plus - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi [2015-04-07]
FF Extension: Privacy Badger Firefox - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2015-04-18]
FF Extension: Reddit Enhancement Suite - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2013-10-29]
FF Extension: ProxTube - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-09-12]
FF Extension: Video DownloadHelper - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-18]
FF Extension: Adblock Plus - C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Avast Antivir\WebRep\FF
FF Extension: Avast Online Security - D:\Avast Antivir\WebRep\FF [2013-08-18]
FF HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-20]
StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-18]
CHR Extension: (Google Drive) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-18]
CHR Extension: (YouTube) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-18]
CHR Extension: (Adblock Plus) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-18]
CHR Extension: (Google Search) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-18]
CHR Extension: (AdBlock) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-18]
CHR Extension: (Avast Online Security) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-09-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
CHR Extension: (Ghostery) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-25]
CHR Extension: (Google Wallet) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Scotty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Avast Antivir\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 avast! Antivirus; D:\Avast Antivir\AvastSvc.exe [343336 2015-03-19] (Avast Software s.r.o.)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2647256 2014-01-24] (Blue Coat Systems, Inc.)
R2 DirMngr; D:\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; D:\Malwarebytes' Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; D:\Office 2010\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 Origin Client Service; G:\Origin\OriginClientService.exe [2004488 2015-07-01] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-06-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-16] ()
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed]
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2015-06-26] ()
S2 SkypeUpdate; D:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-01] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-10-26] ()
R2 bckd; C:\Windows\System32\drivers\bckd.sys [126168 2014-01-24] (Blue Coat Systems, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-08-20] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-10-26] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-07-07] (SlimWare Utilities, Inc.)
R1 truecrypt; C:\Windows\SysWOW64\drivers\truecrypt.sys [191264 2006-07-03] (TrueCrypt Foundation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 22:24 - 2015-07-07 22:25 - 00023481 _____ C:\Users\Scotty\Desktop\FRST.txt
2015-07-07 22:24 - 2015-07-07 22:25 - 00000000 ____D C:\FRST
2015-07-07 22:24 - 2015-07-07 22:24 - 00000474 _____ C:\Users\Scotty\Desktop\defogger_disable.log
2015-07-07 22:24 - 2015-07-07 22:24 - 00000000 _____ C:\Users\Scotty\defogger_reenable
2015-07-07 20:26 - 2015-07-07 22:21 - 00000022 _____ C:\Windows\S.dirmngr
2015-07-07 20:25 - 2015-07-07 22:21 - 00001578 _____ C:\Windows\PFRO.log
2015-07-07 13:19 - 2015-07-07 13:19 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-07 13:19 - 2015-07-07 13:19 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-07 12:33 - 2015-07-07 12:33 - 00380416 _____ C:\Users\Scotty\Desktop\Gmer-19357.exe
2015-07-07 12:30 - 2015-07-07 12:30 - 02112512 _____ (Farbar) C:\Users\Scotty\Desktop\FRST64.exe
2015-07-07 12:29 - 2015-07-07 12:29 - 00050477 _____ C:\Users\Scotty\Desktop\Defogger.exe
2015-07-07 12:28 - 2015-07-07 12:28 - 00602112 _____ (OldTimer Tools) C:\Users\Scotty\Desktop\OTL.exe
2015-07-07 11:17 - 2015-07-07 22:21 - 00000840 _____ C:\Windows\setupact.log
2015-07-07 11:17 - 2015-07-07 11:17 - 746910759 _____ C:\Windows\MEMORY.DMP
2015-07-07 11:17 - 2015-07-07 11:17 - 00315280 _____ C:\Windows\Minidump\070715-13821-01.dmp
2015-07-07 11:17 - 2015-07-07 11:17 - 00000000 _____ C:\Windows\setuperr.log
2015-07-07 11:07 - 2015-07-07 11:07 - 00005387 _____ C:\Users\Scotty\AppData\Local\Temp8.html
2015-07-07 11:05 - 2015-07-07 11:05 - 00001667 _____ C:\Users\Scotty\AppData\Local\Temp1.html
2015-07-06 20:58 - 2015-07-06 20:58 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-06 20:58 - 2015-07-06 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-06 20:58 - 2015-07-06 20:58 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-06 20:03 - 2015-07-06 20:03 - 02884055 ____H C:\Users\Scotty\Desktop\~WRL0132.tmp
2015-07-05 21:36 - 2015-07-05 21:41 - 00011349 _____ C:\Users\Scotty\Desktop\Kosten.xlsx
2015-06-28 14:51 - 2015-06-28 14:51 - 00000000 ____D C:\Users\Scotty\Documents\Thief
2015-06-26 13:07 - 2015-06-26 13:07 - 00000000 ____D C:\Program Files (x86)\Photodex Presenter
2015-06-26 13:07 - 2015-06-26 13:07 - 00000000 ____D C:\Program Files (x86)\Photodex
2015-06-26 13:01 - 2015-06-26 13:01 - 00003114 _____ C:\Windows\System32\Tasks\{425D08CC-E5E1-475C-94DB-7668F900B965}
2015-06-23 23:42 - 2015-06-23 23:42 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Netscape
2015-06-23 23:41 - 2015-06-23 23:41 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Photodex
2015-06-23 23:41 - 2015-06-23 23:41 - 00000000 ____D C:\ProgramData\Photodex
2015-06-23 23:35 - 2015-06-23 23:38 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Ashampoo Slideshow Studio HD 3
2015-06-23 23:34 - 2015-06-23 23:34 - 00000000 ____D C:\Users\Scotty\AppData\Local\ashampoo
2015-06-23 23:34 - 2015-06-23 23:34 - 00000000 ____D C:\ProgramData\Ashampoo
2015-06-23 20:30 - 2015-06-23 20:30 - 00000761 _____ C:\Users\Scotty\Desktop\Slideshow.lnk
2015-06-23 20:08 - 2015-06-23 20:08 - 00000000 ____D C:\Users\Scotty\Documents\MAGIX_MusicEditor
2015-06-23 20:08 - 2015-06-23 20:08 - 00000000 ____D C:\Users\Scotty\AppData\Local\Magix
2015-06-23 20:07 - 2015-06-23 22:55 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\MAGIX
2015-06-23 20:07 - 2015-06-23 20:07 - 00000000 ____D C:\Users\Scotty\AppData\Local\Xara
2015-06-23 20:06 - 2015-06-29 12:04 - 00000000 ___RD C:\Users\Scotty\Documents\MAGIX
2015-06-23 20:06 - 2015-06-29 12:04 - 00000000 ____D C:\ProgramData\MAGIX
2015-06-20 22:20 - 2015-06-20 22:20 - 00000000 ____D C:\Users\Scotty\AppData\Local\ESN
2015-06-12 16:37 - 2015-06-12 16:37 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-10 10:39 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 10:39 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 10:39 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 10:39 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 10:39 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 10:39 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 10:39 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 10:39 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 10:39 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 10:39 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 10:39 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 10:39 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 10:39 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 10:39 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 10:39 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 10:39 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 10:39 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 10:39 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 10:39 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 10:39 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 10:39 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 10:39 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 10:39 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 10:39 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 10:39 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 10:39 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 10:39 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 10:39 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 10:39 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 10:39 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 10:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 10:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 10:39 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 10:38 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 10:38 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 10:38 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 10:38 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 10:38 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 10:38 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 10:38 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 10:38 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 10:38 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 10:38 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 10:38 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 10:38 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 10:38 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 10:38 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 10:38 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 10:38 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 10:38 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 10:38 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 10:38 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 10:38 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 10:38 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 10:38 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 10:38 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 10:38 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 10:38 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 10:38 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 10:38 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 10:38 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 10:38 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 10:38 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 10:38 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 10:38 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 10:38 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 10:38 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 10:38 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 10:38 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 10:38 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 10:38 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 10:38 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 10:38 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 10:38 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 10:38 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 10:38 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 10:38 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 10:38 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 10:38 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 10:38 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 10:38 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 10:38 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 10:38 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 10:38 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 10:38 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 10:38 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 10:38 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 10:38 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 10:38 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 10:38 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 10:38 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 10:38 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 10:38 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 10:38 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 10:38 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 10:38 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 10:38 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 10:38 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 10:38 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 10:38 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 10:38 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 10:38 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 10:38 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 10:38 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 10:38 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 10:38 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 10:38 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 10:38 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 10:38 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 10:38 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 10:38 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 10:38 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 10:38 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 10:38 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 10:38 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 10:38 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 10:38 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 10:38 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 10:38 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 10:38 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 10:38 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 10:38 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 10:38 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 10:38 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 10:38 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-07 21:38 - 2015-07-07 22:24 - 01784647 _____ C:\Windows\WindowsUpdate.log
2015-06-07 21:08 - 2015-06-07 21:35 - 00000000 ____D C:\AdwCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 22:24 - 2013-08-18 15:22 - 00000000 ____D C:\Users\Scotty
2015-07-07 22:22 - 2013-08-18 17:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-07 22:21 - 2013-08-18 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-07 22:21 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 21:35 - 2013-08-18 17:21 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-07 20:41 - 2009-07-14 06:50 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 20:41 - 2009-07-14 06:50 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 20:32 - 2011-04-12 10:14 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-07-07 20:32 - 2011-04-12 10:14 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-07-07 20:32 - 2009-07-14 07:12 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-07 20:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-07 13:19 - 2014-10-23 11:41 - 00000000 ____D C:\Users\Scotty\AppData\Local\Adobe
2015-07-07 12:20 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-07 11:56 - 2015-06-06 23:36 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-07 11:17 - 2015-01-04 23:08 - 00000000 ____D C:\Windows\Minidump
2015-07-07 11:13 - 2013-08-26 17:35 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Azureus
2015-07-07 11:00 - 2015-05-20 14:00 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-07-06 20:59 - 2013-10-01 12:55 - 00000000 ____D C:\ProgramData\Oracle
2015-07-06 15:44 - 2013-08-18 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-06 13:46 - 2015-03-20 00:28 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-06 13:38 - 2013-08-29 13:00 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-06 13:32 - 2013-08-28 21:34 - 00000000 ____D C:\ProgramData\Origin
2015-07-02 17:59 - 2013-08-18 17:41 - 00004140 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-30 23:08 - 2013-08-19 15:29 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\vlc
2015-06-24 11:34 - 2009-07-14 06:50 - 00456392 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-23 23:42 - 2013-08-18 16:49 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Mozilla
2015-06-23 20:13 - 2013-08-18 16:47 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-23 20:13 - 2013-08-18 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-06-23 20:10 - 2013-08-18 16:04 - 00136720 _____ C:\Users\Scotty\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-23 20:06 - 2015-05-09 03:00 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-06-23 20:05 - 2013-09-30 20:46 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-22 23:37 - 2013-08-18 17:45 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-22 00:41 - 2013-08-29 14:33 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-06-21 11:51 - 2013-08-29 14:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-06-20 22:22 - 2014-06-28 13:32 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-06-20 22:10 - 2014-01-24 17:14 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-18 08:41 - 2015-06-06 23:35 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2015-06-06 23:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2015-06-06 23:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-16 23:04 - 2013-12-30 03:24 - 00000000 ____D C:\Users\Scotty\Documents\My Games
2015-06-16 23:04 - 2013-08-29 14:33 - 00000000 ____D C:\Users\Scotty\AppData\Local\PunkBuster
2015-06-16 23:02 - 2014-01-17 02:25 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-12 16:37 - 2013-08-18 16:13 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-11 10:50 - 2013-10-16 02:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 10:48 - 2014-12-01 22:12 - 00000000 __SHD C:\Users\Scotty\AppData\Local\EmieBrowserModeList
2015-06-11 10:48 - 2014-07-21 13:57 - 00000000 __SHD C:\Users\Scotty\AppData\Local\EmieUserList
2015-06-11 10:48 - 2014-07-21 13:57 - 00000000 __SHD C:\Users\Scotty\AppData\Local\EmieSiteList
2015-06-10 19:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 18:27 - 2014-09-19 12:36 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 18:15 - 2014-12-10 20:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 18:15 - 2014-05-06 11:28 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 11:55 - 2013-08-18 16:56 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 11:51 - 2013-08-18 16:56 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 11:51 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-06-08 11:07 - 2013-10-18 11:20 - 00000537 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-06-07 21:37 - 2013-08-20 12:41 - 00000000 ____D C:\Users\Scotty\AppData\Roaming\DAEMON Tools Lite

==================== Files in the root of some directories =======

2014-02-21 17:57 - 2014-02-21 17:57 - 0000000 ___SH () C:\Users\Scotty\AppData\Local\LumaEmu
2014-02-27 19:54 - 2014-02-27 19:54 - 0001488 _____ () C:\Users\Scotty\AppData\Local\recently-used.xbel
2015-07-07 11:05 - 2015-07-07 11:05 - 0001667 _____ () C:\Users\Scotty\AppData\Local\Temp1.html
2015-07-07 11:07 - 2015-07-07 11:07 - 0005387 _____ () C:\Users\Scotty\AppData\Local\Temp8.html
2015-05-20 14:40 - 2015-05-20 14:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-25 16:02 - 2015-03-25 16:02 - 0001534 _____ () C:\ProgramData\ss.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 10:05

==================== End of log ============================

Carso 07.07.2015 22:10
Logs die zweite

FRST Additions Logfile:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Scotty at 2015-07-07 22:25:26
Running from C:\Users\Scotty\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4268881813-2952948070-2875398935-500 - Administrator - Disabled)
Gast (S-1-5-21-4268881813-2952948070-2875398935-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4268881813-2952948070-2875398935-1183 - Limited - Enabled)
Scotty (S-1-5-21-4268881813-2952948070-2875398935-1000 - Administrator - Enabled) => C:\Users\Scotty

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

0 A.D. (HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\0 A.D.) (Version: r15148P-alpha - Wildfire Games)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
ANNO 1404 - Venice (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.0.5008.0 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtMoney SE v7.43 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Banished version 1.0.3 (HKLM-x32\...\Banished_is1) (Version: 1.0.3 - theprodukkt)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.4.276 - Blue Coat Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{1CDC8E7D-CDFC-4C2B-A080-23D943354625}) (Version: 1.1.0.0 - Electronic Arts)
Burnout™ Paradise: The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities Skylines Deluxe Edition 1.0.6b (HKLM-x32\...\Cities Skylines Deluxe Edition 1.0.6b) (Version:  - )
Command & Conquer™ Alarmstufe Rot 3 Der Aufstand (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Die Gilde 2 Complete Edition 1.00 (HKLM-x32\...\Die Gilde 2 Complete Edition 1.00) (Version: 1.00 - specy123)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
Empire Earth - The Art of Conquest (HKLM-x32\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Europa Universalis IV Version 1.9.2 (HKLM-x32\...\Europa Universalis IV_is1) (Version: 1.9.2 - Paradox Interactive)
f.lux (HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\Flux) (Version:  - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
FreeRIP MP3 Converter 4.5.4 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.4 - GreenTree Applications SRL)
Game of Thrones (HKLM-x32\...\Game of Thrones_is1) (Version:  - )
Google Chrome (HKLM-x32\...\{6B50D4E7-A873-3102-A1F9-CD5B17976208}) (Version: 65.119.95 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
Grand Ages: Rome (HKLM-x32\...\Steam App 23450) (Version:  - Haemimont Games)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Imperium Romanum: Gold Edition (HKLM-x32\...\Steam App 23400) (Version:  - Haemimont Games)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 Uncut Edition 2.1.3.4 (HKLM-x32\...\Left 4 Dead 2 Uncut Edition 2.1.3.4) (Version:  - )
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Markstrat Team (HKLM-x32\...\{AF8FEA18-45B9-4DE0-8CA1-A98125423A93}) (Version: 5.1.0.7 - StratX)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version:  - The Creative Assembly)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Omerta - City of Gangsters (HKLM-x32\...\Steam App 208520) (Version:  - Haemimont Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Patrician IV: Steam Special Edition (HKLM-x32\...\Steam App 57620) (Version:  - Gaming Minds Studios)
Patrizier 4 (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.211.0 - Tracker Software Products Ltd)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
PeerGuardian 2.0 (HKLM-x32\...\PeerGuardian_is1) (Version: 2.0.6.4 - Methlabs Productions)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version:  - Photodex Corporation)
Port Royale 3 (HKLM-x32\...\{68DED384-1F74-4AEE-8B8E-95AF15572FE3}) (Version: 1.3.3.0 - Gaming Minds Studios GmbH)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version:  - Photodex Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0150 - REALTEK Semiconductor Corp.)
Risen (HKLM-x32\...\Steam App 40300) (Version:  - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - Piranha Bytes)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version:  - Ascaron)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version:  - Christian Handorf)
SlimDrivers (HKLM-x32\...\{5AD12E7A-D739-4451-9BD1-3610EC56D8F5}) (Version: 2.2.45206 - SlimWare Utilities, Inc.)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0 (HKLM-x32\...\Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0) (Version:  - )
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity (HKLM-x32\...\Unity) (Version: 4.5.0f6 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Viking: Battle for Asgard (HKLM-x32\...\Steam App 211160) (Version:  - Creative Assembly, PC Port - Hardlight)
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
WhoCrashed 3.01 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4268881813-2952948070-2875398935-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Scotty\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

24-06-2015 12:36:43 Windows Update
30-06-2015 11:53:34 Windows Update
06-07-2015 20:57:03 Removed Java 7 Update 67
07-07-2015 10:50:45 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-06-23 20:14 - 00000877 ____A C:\Windows\system32\Drivers\etc\hosts
- 127.0.0.1 www.magix.com
- 127.0.0.1 195.214.216.16

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {58AF0CD8-BF83-4323-8E07-D93E5628373A} - System32\Tasks\{425D08CC-E5E1-475C-94DB-7668F900B965} => pcalua.exe -a "D:\Videobearbeitung\Photodex ProShow Producer\remove.exe"
Task: {7B567AFF-7873-4876-B9CB-CF4390D9FACA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {8C1CEB2F-BCB8-4C60-8436-D164E88E4682} - System32\Tasks\{0288D029-7E5E-4616-8E31-A26128487127} => Firefox.exe hxxp://ui.skype.com/ui/0/6.7.60.102/de/go/help.faq.installer?LastError=1618
Task: {8DFE7567-9C65-4E6F-B930-16998ABE4C35} - System32\Tasks\ASUS\i-Setup161428 => C:\Windows\Chipset\AsusSetup.exe
Task: {9E59521A-F3ED-4B1B-84FC-D998C79E4F0A} - System32\Tasks\avast! Emergency Update => D:\Avast Antivir\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {9F2E46AD-AEA8-4129-A5AF-956AFD4F3341} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18] (Google Inc.)
Task: {D0FB459D-8C27-4277-A079-8F804B6137C4} - System32\Tasks\ASUS\i-Setup161342 => C:\Windows\Chipset\AsusSetup.exe
Task: {EF65DFE3-FE59-41A2-AC15-CB7C4D2603CA} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {FBE02011-8329-4FA6-AD46-BAD6D8FB031F} - System32\Tasks\{AED7B909-A030-4DF6-8789-799F3751DC60} => pcalua.exe -a D:\Downloads\pg2-050918-nt(1).exe -d D:\Downloads
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-18 16:06 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2013-10-07 16:54 - 2013-10-07 16:54 - 00218112 _____ () D:\GnuPG\dirmngr.exe
2014-06-28 13:32 - 2015-06-20 22:22 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-06-26 13:07 - 2015-06-26 13:07 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2000-01-01 02:00 - 2015-07-07 11:57 - 02029056 _____ () D:\Tor\Browser\TorBrowser\Tor\tor.exe
2015-07-07 12:29 - 2015-07-07 12:29 - 00050477 _____ () C:\Users\Scotty\Desktop\Defogger.exe
2015-03-19 01:03 - 2015-03-19 01:03 - 00104400 _____ () D:\Avast Antivir\log.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 00081728 _____ () D:\Avast Antivir\JsonRpcServer.dll
2015-07-07 20:24 - 2015-07-07 20:24 - 02956288 _____ () D:\Avast Antivir\defs\15070701\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00221184 _____ () D:\GnuPG\libksba-8.dll
2013-10-07 16:47 - 2013-10-07 16:47 - 00037888 _____ () D:\GnuPG\libgpg-error-0.dll
2013-10-07 16:44 - 2013-10-07 16:44 - 00050176 _____ () D:\GnuPG\libw32pth-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00069632 _____ () D:\GnuPG\libassuan-0.dll
2013-10-07 16:49 - 2013-10-07 16:49 - 00628224 _____ () D:\GnuPG\libgcrypt-11.dll
2014-01-30 12:52 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2015-05-20 14:26 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 40540672 _____ () D:\Avast Antivir\libcef.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 01359872 _____ () D:\Avast Antivir\libglesv2.dll
2015-03-19 01:03 - 2015-03-19 01:03 - 00212992 _____ () D:\Avast Antivir\libegl.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00092087 _____ () D:\Tor\Browser\libssp-0.dll
2000-01-01 02:00 - 2015-07-07 11:57 - 05066766 _____ () D:\Tor\Browser\mozjs.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00714452 _____ () D:\Tor\Browser\TorBrowser\Tor\libevent-2-0-5.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00092087 _____ () D:\Tor\Browser\TorBrowser\Tor\libssp-0.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00517814 _____ () D:\Tor\Browser\TorBrowser\Tor\libgcc_s_sjlj-1.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00110592 _____ () D:\Tor\Browser\TorBrowser\Tor\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4268881813-2952948070-2875398935-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Scotty\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ApplePhotoStreams => D:\iCloud\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "D:\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => D:\iCloud\BookmarkDAV_client.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iCloudServices => D:\iCloud\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "D:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FFA69B1D-AB91-41AF-A497-F3B3D9A576DF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AB4244AD-F701-4511-9C86-8F0C24E3B433}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{4D79D8EA-A4C6-4963-B8D7-80D7D59BC7C8}G:\call of duty black ops-skidrow\blackops.exe] => (Allow) G:\call of duty black ops-skidrow\blackops.exe
FirewallRules: [UDP Query User{AC0663FA-8A7D-4F4B-82AE-D16BB74689C2}G:\call of duty black ops-skidrow\blackops.exe] => (Allow) G:\call of duty black ops-skidrow\blackops.exe
FirewallRules: [{F0290F1A-FA08-48B6-828D-9976FDE76F8E}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{5F72131A-DDC1-4D96-A39C-8C8EE78C6194}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{712A819F-8CCA-4A69-8AD0-DDC57CF5AAF7}] => (Allow) G:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{6DE70122-09D4-46A6-A922-94AC7DF220DB}] => (Allow) G:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [TCP Query User{7F8E11CE-072B-43B2-A1DA-E70C8131AB4C}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe] => (Block) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe
FirewallRules: [UDP Query User{295255F7-6CA8-45B1-B262-634118598C00}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe] => (Block) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6mp.exe
FirewallRules: [TCP Query User{DEADC0D7-D123-4664-A6FA-DC7EC1F80ADE}G:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) G:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe
FirewallRules: [UDP Query User{76CE7EF4-78FC-406F-81FF-1B2D20A1FA7F}G:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe] => (Allow) G:\program files (x86)\origin games\crysis 2 maximum edition\bin32\crysis2.exe
FirewallRules: [TCP Query User{C8068A49-F557-4D21-868C-3CC9B1534D5A}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe] => (Allow) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe
FirewallRules: [UDP Query User{20098A8B-C5F2-458F-A932-DC5865635772}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe] => (Allow) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6sp.exe
FirewallRules: [{EE7C22FE-45DE-451D-9E91-EAC322120AAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4EC5ADC1-316C-4136-9C49-08778B68CC68}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{97FDB33B-CEE6-46B3-B64B-CCDC38A61028}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{56A800AE-28E1-4411-BC09-2D38AE0D29EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{49642E5E-3974-42F6-8301-B2EDBFAABA39}] => (Allow) G:\Program Files (x86)\Origin Games\Burnout Paradise\BurnoutParadise.exe
FirewallRules: [{C41AA543-092F-4150-AA38-B10976810B29}] => (Allow) G:\Program Files (x86)\Origin Games\Burnout Paradise\BurnoutParadise.exe
FirewallRules: [{B71FD072-875A-4ED4-B756-771EF873698E}] => (Allow) D:\Office 2010\Office14\ONENOTE.EXE
FirewallRules: [{779EAC18-5136-47C4-BE43-40A2AB9AABFA}] => (Allow) D:\Office 2010\Office14\ONENOTE.EXE
FirewallRules: [{29AA05AB-4B22-489D-8AAF-134FC28F66C9}] => (Allow) D:\Office 2010\Office14\outlook.exe
FirewallRules: [{4301F59C-32C0-4F15-B920-CB6FAEE75EF0}] => (Allow) D:\Office 2010\Office14\GROOVE.EXE
FirewallRules: [{ED97FF70-9523-43A6-9268-400FBA54DF53}] => (Allow) D:\Office 2010\Office14\GROOVE.EXE
FirewallRules: [{AA8F1735-8886-4525-A63E-32E31691CBE7}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Anno4.exe
FirewallRules: [{6EF0FD82-C269-4D55-98EB-F188C8A0D7E9}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Anno4.exe
FirewallRules: [{BB86B4E8-27C3-48CB-A04A-1AD2D12180C5}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\Anno4Web.exe
FirewallRules: [{5284E14D-5312-4FEF-8E9A-F981C9DA15F8}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\Anno4Web.exe
FirewallRules: [{518F6F99-5071-45FF-A251-01374E17F8EE}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Addon.exe
FirewallRules: [{A3DEF35E-71F4-4303-A3BF-FAEFB963320D}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\Addon.exe
FirewallRules: [{4662FE09-1A25-4B4E-BF63-6C69EEB8870D}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\AddonWeb.exe
FirewallRules: [{7903B522-AAFD-4BA5-BD64-01C37A7F1158}] => (Allow) G:\Anno_1404_Dawn_Of_Discovery\tools\AddonWeb.exe
FirewallRules: [{67849F89-1798-4B35-B6D2-DA8D325873B1}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{97608F49-B0CB-4B7F-B81A-7AE2C725BC41}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{B85B17FB-0AE9-4D89-B1A6-635FFBFBA044}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{59E98CA6-D295-418C-B6B3-B9D715A916FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FA926770-646B-4024-887D-5F9B3C478F7F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{34D04A73-91FF-4829-9BD4-C194DE5D89AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9EACC2C3-DFD4-4B51-8C6D-3672FDEC1176}] => (Allow) G:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{0264A735-7EA2-4C0E-86E1-0FE607CA486A}] => (Allow) G:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{ABE7DB9C-3B6B-429F-9D89-176136B9D487}] => (Allow) G:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{0C733E4D-621E-4D35-9C3E-66810D0EED5F}] => (Allow) G:\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{5E0FC3B4-8070-49C1-BED0-FBF6D5371AAE}] => (Allow) G:\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{D1149AF0-66ED-490F-A5F4-5E58580D140F}] => (Allow) G:\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{7F5B4CDD-6A28-45FB-8D79-D61E1490891A}] => (Allow) G:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{16FED7AD-DD44-4C5D-BF6B-36555FA3C892}] => (Allow) G:\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A7506ABE-ED66-40D1-9027-083BC88E2069}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B0682A05-87C1-4DE6-B8CD-FCF176EC9A5B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{02CF6BB5-D8AA-4970-9EE3-E52728B183AF}] => (Allow) G:\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{CF10DF55-5A45-45C2-A307-1D785A777FA5}] => (Allow) G:\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [TCP Query User{A789040A-778E-4AC8-AC1F-0659777B52BC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{87F96826-8FFD-4F12-AFDD-4F8078FF5D0A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{94203678-DEDD-4A1E-8DB3-77DBBC68828E}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe
FirewallRules: [UDP Query User{3A495DE5-DD0C-4F7E-88D3-30A241DD7CC8}G:\steam\steam.exe] => (Allow) G:\steam\steam.exe
FirewallRules: [TCP Query User{AD0A5D0C-ABD3-49D7-8E49-260C452D9E8D}I:\stronghold 2\stronghold2.exe] => (Allow) I:\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{0C729C2F-7E4B-4629-AFCD-DCFA0C4E53D4}I:\stronghold 2\stronghold2.exe] => (Allow) I:\stronghold 2\stronghold2.exe
FirewallRules: [TCP Query User{744F4B7C-D235-435F-AB66-997123FB4390}I:\modern warfare 2\iw4mp.exe] => (Block) I:\modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{B07A2882-FB29-4C96-B6CF-4A44BC3FE07D}I:\modern warfare 2\iw4mp.exe] => (Block) I:\modern warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{43F64302-D87A-426B-8208-4E211FA39D94}I:\call of duty 5 - world at war\codwaw.exe] => (Block) I:\call of duty 5 - world at war\codwaw.exe
FirewallRules: [UDP Query User{D126FDB1-E277-441A-BA1A-129FE3E3DFC3}I:\call of duty 5 - world at war\codwaw.exe] => (Block) I:\call of duty 5 - world at war\codwaw.exe
FirewallRules: [TCP Query User{8401408D-84B0-430F-B2FD-404A6DAAD72D}I:\call of duty 5 - world at war\codwawmp.exe] => (Block) I:\call of duty 5 - world at war\codwawmp.exe
FirewallRules: [UDP Query User{E2EFF4E9-3334-4CEE-8B6F-603CF53071F2}I:\call of duty 5 - world at war\codwawmp.exe] => (Block) I:\call of duty 5 - world at war\codwawmp.exe
FirewallRules: [{1FB92D95-A6E8-44AD-BCC7-47C02D40DEFA}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{E4FB355B-121E-4894-AC9B-E527991C6FE1}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{6880DCC9-393F-4AD8-8658-C1BD9FA42527}] => (Allow) LPort=1542
FirewallRules: [{3BF54AA9-66E2-4827-A776-4788708E1D87}] => (Allow) LPort=1542
FirewallRules: [{ABCBD741-C888-487D-AB1C-ACE3201B6D7D}] => (Allow) LPort=53
FirewallRules: [TCP Query User{E5499EAD-2F7E-4055-BA2C-4B2F37F0D52C}G:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) G:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{2C5A3DE3-A831-4B5C-9E19-12EC3CE79320}G:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) G:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{1E0EE256-F7D7-437A-BF6F-EF24278ED160}G:\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) G:\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{B053842F-AF80-4A7A-B659-F3BBAED431A4}G:\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) G:\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [TCP Query User{94BDD4FF-4C7B-4E3B-8A8A-D059B0B4E918}G:\dayz\dayz standalone v.0.34.115.106 - p2p-release\dayz_28.exe] => (Allow) G:\dayz\dayz standalone v.0.34.115.106 - p2p-release\dayz_28.exe
FirewallRules: [UDP Query User{D190307E-DE41-4292-93AD-EC0747AA24DF}G:\dayz\dayz standalone v.0.34.115.106 - p2p-release\dayz_28.exe] => (Allow) G:\dayz\dayz standalone v.0.34.115.106 - p2p-release\dayz_28.exe
FirewallRules: [TCP Query User{88E8EF81-B2A2-4D58-B73B-A6B2B5901FF9}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6zm.exe] => (Allow) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6zm.exe
FirewallRules: [UDP Query User{14552DF3-454D-4DF5-B5D5-168B745B1712}G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6zm.exe] => (Allow) G:\callofdutyblackopsiigermanpostmortemgerman\call of duty black ops ii\t6zm.exe
FirewallRules: [TCP Query User{531D67F4-A288-45CA-B779-E298A64149F5}D:\vuze\azureus.exe] => (Block) D:\vuze\azureus.exe
FirewallRules: [UDP Query User{85DA6337-C37D-4242-84DF-A4827B5FE8AA}D:\vuze\azureus.exe] => (Block) D:\vuze\azureus.exe
FirewallRules: [TCP Query User{BF58F7FD-5970-4F00-8FC0-96DA4A74D9A7}I:\stronghold 2\stronghold2.exe] => (Allow) I:\stronghold 2\stronghold2.exe
FirewallRules: [UDP Query User{37B11F96-AF1E-4F11-A9B2-B37D3A69683A}I:\stronghold 2\stronghold2.exe] => (Allow) I:\stronghold 2\stronghold2.exe
FirewallRules: [{51E45985-FB29-45F0-A435-AB2B013E5AE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98D1E901-7371-44B2-8199-B4A962FC7AFC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0EF02F5E-53F4-47EB-AB24-50774C010EC5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CE079958-9131-419B-94DF-79314EA0A920}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5BEC0C4-6C50-4534-A13F-5E23F34E1E02}] => (Allow) D:\iTunes\iTunes.exe
FirewallRules: [{A00F5CE3-FDF1-4A81-832A-DAA08F08DBF1}] => (Allow) G:\Patrizier 4\Patrician4.exe
FirewallRules: [{A4D7F9E5-A668-4B34-884F-87EF760ED4AB}] => (Allow) G:\Patrizier 4\Patrician4.exe
FirewallRules: [TCP Query User{532A08D9-0D55-499A-AA52-DDF9F2B2EB2D}I:\borderlands\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) I:\borderlands\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{078FEE7A-82C9-49B7-A06A-BD4F3E8F582B}I:\borderlands\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) I:\borderlands\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [TCP Query User{15EFBF13-9CF7-45F0-8357-2FABEBAC4E4B}G:\left 4 dead 2\left4dead2.exe] => (Allow) G:\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{A664F030-ED2E-49FA-AFD8-9545BA5D7672}G:\left 4 dead 2\left4dead2.exe] => (Allow) G:\left 4 dead 2\left4dead2.exe
FirewallRules: [{26592723-CC72-41DD-9678-1EB7C1372499}] => (Allow) G:\Steam\SteamApps\common\Risen\bin\Risen.exe
FirewallRules: [{CE25EFD6-3E0F-4FCF-9C41-3E4C0FF6A1F6}] => (Allow) G:\Steam\SteamApps\common\Risen\bin\Risen.exe
FirewallRules: [{A02F1879-3501-4D60-B45A-AB9FDE1CBEF0}] => (Allow) G:\Steam\SteamApps\common\Risen 2\system\Risen2.exe
FirewallRules: [{B336EC0D-77DC-4F5D-89FA-952351258A64}] => (Allow) G:\Steam\SteamApps\common\Risen 2\system\Risen2.exe
FirewallRules: [{8A91371E-A338-4A5F-B01D-8D3CAD6A5580}] => (Allow) G:\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{FE10235B-2D9B-4B50-B7CA-418E9F4494C8}] => (Allow) G:\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{594B9B13-7365-40F2-A86C-F5B972978336}] => (Allow) G:\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{B92DA8DD-C600-4CF1-9DDF-BC76C07784A3}] => (Allow) G:\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{BA420E8B-7410-44E7-A13C-4659C7390DA6}] => (Allow) G:\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{5BD39739-93E0-42AC-9EBF-D7D25068300C}] => (Allow) G:\Steam\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{A5602BEB-4F09-42A2-82AF-F8F353781002}] => (Allow) G:\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{FDAC2DE1-4567-4FB2-BA86-D4BC4D26CC31}] => (Allow) G:\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{FFD77448-B3E2-4BC6-BD2E-715E9B901967}] => (Allow) G:\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{E2389553-6CF9-4058-A7F8-D8763A623006}] => (Allow) G:\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [TCP Query User{A85D0C15-1061-4EBB-AE06-0714D1E4FE76}G:\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) G:\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [UDP Query User{CC40851D-7234-4407-A326-C053F38EEC3D}G:\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) G:\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{2D2A4BF6-A30B-481A-9043-62E6D1394A22}] => (Allow) G:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{8D8B9027-F607-4481-AD01-BFAACC26EE01}] => (Allow) G:\Steam\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{780D4A08-6066-49DF-A5C5-A26F3885358C}] => (Allow) G:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{91138AC3-6F3D-43DD-972A-F5CE13A63CF5}] => (Allow) G:\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{D4F730AF-9698-4C83-9CD7-8F27DE747DEA}] => (Allow) G:\Steam\SteamApps\common\Viking Battle for Asgard\viking.exe
FirewallRules: [{8E0F56D6-8707-46ED-AA44-251B592DD113}] => (Allow) G:\Steam\SteamApps\common\Viking Battle for Asgard\viking.exe
FirewallRules: [{9C076CA0-6153-42F1-AC18-ED08C1E13AB6}] => (Allow) G:\Steam\SteamApps\common\Viking Battle for Asgard\ConfigTool.exe
FirewallRules: [{E7ED83C3-A6CA-4108-9925-8708CC37CCA9}] => (Allow) G:\Steam\SteamApps\common\Viking Battle for Asgard\ConfigTool.exe
FirewallRules: [{896F59FF-35E3-4D46-A882-DEF8F3137AEA}] => (Allow) G:\Steam\SteamApps\common\Medieval II Total War\Launcher.exe
FirewallRules: [{FAF60676-0C6D-46B9-B792-B39F9CE5A858}] => (Allow) G:\Steam\SteamApps\common\Medieval II Total War\Launcher.exe
FirewallRules: [TCP Query User{CBD29EEA-B7C7-4D80-B763-F305D46B72E0}D:\unity 3d\editor\unity.exe] => (Allow) D:\unity 3d\editor\unity.exe
FirewallRules: [UDP Query User{12F9F402-C522-4C99-8B83-DBF6B00BD7FC}D:\unity 3d\editor\unity.exe] => (Allow) D:\unity 3d\editor\unity.exe
FirewallRules: [TCP Query User{7FFF35AE-FDFE-409F-822A-2D4F389980A5}D:\unity 3d\under the sea.exe] => (Allow) D:\unity 3d\under the sea.exe
FirewallRules: [UDP Query User{C8CFE31C-C4C2-4C1B-B12A-A822DFF8B2AA}D:\unity 3d\under the sea.exe] => (Allow) D:\unity 3d\under the sea.exe
FirewallRules: [{28654D46-7B47-4020-961D-5B44051A8656}] => (Allow) G:\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{DE059310-4642-47F5-9FB8-62D48B78AF30}] => (Allow) G:\Steam\SteamApps\common\Empire Total War\Empire.exe
FirewallRules: [{44191E4F-B036-45F1-A55E-C92B4AE6418D}] => (Allow) G:\Port Royale 3\PortRoyale3.exe
FirewallRules: [{9ABAC60A-267A-4177-B3EB-61AE9380D40C}] => (Allow) G:\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{2A689BD6-ABFC-468F-8FD3-33EA715C55F4}] => (Allow) G:\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{48B2D8F7-AAE6-4FDD-82D1-7A231FCB61A1}] => (Allow) G:\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{7FA81C54-470F-48D2-B248-BB39FCB10612}] => (Allow) G:\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{A953EAA2-80C1-49C4-B7F4-A56C44014575}] => (Allow) G:\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{90A2F7D4-7074-47F5-ACDD-5631FFDDE592}] => (Allow) G:\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{CA1E33F9-F6E1-49DB-BB4B-69876569C1B2}] => (Allow) G:\Steam\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{206E49AC-CD3C-497A-BB51-39FAB0A0EB70}] => (Allow) G:\Steam\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{9CAC2605-95C7-4A3B-AE0B-FE7A320F5305}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{DB66B38B-63ED-4F44-B763-F3228DC1FC5D}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{6B338272-5D6E-4E81-9A13-BFF1A743D78F}G:\empire earth_aoc addon\ee-aoc (2).exe] => (Allow) G:\empire earth_aoc addon\ee-aoc (2).exe
FirewallRules: [UDP Query User{C50E8559-3E5A-40AB-9554-51EABFB8BC58}G:\empire earth_aoc addon\ee-aoc (2).exe] => (Allow) G:\empire earth_aoc addon\ee-aoc (2).exe
FirewallRules: [TCP Query User{DED40E84-7AB1-48DC-B0FD-F9E135E093FF}G:\0 a. d\binaries\system\pyrogenesis.exe] => (Allow) G:\0 a. d\binaries\system\pyrogenesis.exe
FirewallRules: [UDP Query User{88365C49-3CC7-449F-90CE-63BF6F7ED6F5}G:\0 a. d\binaries\system\pyrogenesis.exe] => (Allow) G:\0 a. d\binaries\system\pyrogenesis.exe
FirewallRules: [{BB089873-359E-4D88-B5FF-4D3C92E0A47C}] => (Allow) LPort=20595
FirewallRules: [{0288BAD5-8AF8-4A3D-8731-1663B567C342}] => (Allow) G:\Steam\SteamApps\common\Imperium Romanum\Imperium Romanum.exe
FirewallRules: [{2FC64BC6-32EC-4C9E-A0ED-9F011E2D4FF2}] => (Allow) G:\Steam\SteamApps\common\Imperium Romanum\Imperium Romanum.exe
FirewallRules: [{BCE3A93E-E953-4AA8-B35D-F5A2E04662EF}] => (Allow) G:\Steam\SteamApps\common\Omerta\OmertaSteam.exe
FirewallRules: [{2C8F6372-0275-4D23-8563-6D41C0598F1B}] => (Allow) G:\Steam\SteamApps\common\Omerta\OmertaSteam.exe
FirewallRules: [{2DD5D23B-F417-42C3-B859-6C5DC30AE623}] => (Allow) G:\Steam\SteamApps\common\Grand Ages Rome\Rome.exe
FirewallRules: [{CF05FF74-376E-4508-A396-AD9670E86839}] => (Allow) G:\Steam\SteamApps\common\Grand Ages Rome\Rome.exe
FirewallRules: [{4BF73FC7-F076-4A7A-B0B5-4FDBFACAA536}] => (Allow) G:\Steam\SteamApps\common\Patrician IV\Patrician4.exe
FirewallRules: [{C5AEF18B-B51D-41C1-8A79-9B798DEFC476}] => (Allow) G:\Steam\SteamApps\common\Patrician IV\Patrician4.exe
FirewallRules: [TCP Query User{FE574337-A967-4D64-8E35-5B149E4375B7}G:\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) G:\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{D09B2B92-B410-48E3-8600-E1BF48712DF5}G:\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) G:\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [{541426ED-D598-4E7F-BFE7-A2BD951CFEB9}] => (Allow) D:\Skype\Phone\Skype.exe
FirewallRules: [{4DEC54AF-AEE2-4619-8C7D-F719CC98196F}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{B71C91E3-E0B3-4DD8-8F93-3451660F091F}] => (Allow) D:\Vuze\Azureus.exe
FirewallRules: [{DC46806A-28AE-49BA-B3A2-3DD6CD0BF8D2}] => (Allow) LPort=41780
FirewallRules: [TCP Query User{0B79457C-322E-4264-9110-FFF5ECE7E2A9}G:\landmark beta\landmark64.exe] => (Allow) G:\landmark beta\landmark64.exe
FirewallRules: [UDP Query User{14C72136-1D79-425F-A260-98056539F7B2}G:\landmark beta\landmark64.exe] => (Allow) G:\landmark beta\landmark64.exe
FirewallRules: [{4F061697-9B80-426D-8919-17223E0A8E02}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9A2FEE1C-A42B-457F-8E82-B2830B7C1889}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F1548A68-B5F7-4799-A22C-68238CBE1140}] => (Allow) G:\Battle.net\Battle.net.exe
FirewallRules: [{225914CC-F764-45A0-803E-D15F4BA1D2EB}] => (Allow) G:\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{904AEFF6-8152-41F9-8A5C-A0A2AC03C5D6}G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{893A2AC5-4E7F-47E6-B686-29A9356A9FF1}G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{10B9F722-865F-41B8-92AF-8CDACDD66AC6}G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{F0431EA5-6451-476A-99EF-D0BBAAE97887}G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) G:\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{D303ACA6-69E0-4324-986D-59581E7BCC2E}] => (Allow) G:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{DEFF7D20-08AB-4916-B584-975AC480E190}] => (Allow) G:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{A44B88D4-379E-4E09-86F6-4A219A2ACBC6}] => (Allow) G:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{85AFB7B0-CF50-4219-8BF2-3F7ED9540F7F}] => (Allow) G:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{B37EDFD3-0B19-4566-9920-F8A2CB727BB3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{97005664-463C-4980-AC69-B29519CFC468}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3C036CE4-664C-40CD-9DB5-2CAEAD025CDA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{738E15CB-7C31-4190-9015-94D2BFF273C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{40D8C402-32E2-4821-8F50-9CF828D3143B}] => (Allow) D:\Firefox\firefox.exe
FirewallRules: [{E77586DB-C812-4450-B083-22B076FD3F5E}] => (Allow) D:\Firefox\firefox.exe
FirewallRules: [{363059F7-4F2B-4067-928D-2C268217432E}] => (Allow) G:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{9CBF6B6E-5572-42C4-AEA1-9DE8032903EA}] => (Allow) G:\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{E67A6002-19E5-47C8-8F3D-99C2861DED45}] => (Allow) G:\Age of Empires 3\AoE3\age3x.exe
FirewallRules: [{2A6F2CFF-0153-4FFA-949B-EFFA24EDFDED}] => (Allow) G:\Age of Empires 3\AoE3\age3x.exe
FirewallRules: [{5994F128-BC4C-468C-92BD-7667742DE787}] => (Allow) G:\Age of Empires 3\AoE3\age3y.exe
FirewallRules: [{E48DC774-1A75-4A1E-83ED-B7FDBD4A3990}] => (Allow) G:\Age of Empires 3\AoE3\age3y.exe
FirewallRules: [TCP Query User{7DE3C639-C14C-468A-9FA2-E2D24B3FB820}G:\steam\steamapps\common\total war attila\attila.exe] => (Allow) G:\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{EE27A8C1-F193-4BBD-858C-26E347420382}G:\steam\steamapps\common\total war attila\attila.exe] => (Allow) G:\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [{E6D82598-A427-40CB-A398-F17DDD62C909}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{0F364C7F-855B-4C2C-8C00-A115F15811D1}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8EF25516-30AF-4697-9E27-1010E5334A5E}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{404197E2-14BA-4FAB-9075-C4E1059C5E9E}] => (Allow) G:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{F6221388-C064-4FA6-82FD-81F9E3A87F4B}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{E0BD414D-1207-4E70-9FC5-BF3E52272EC5}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{DF1D4E3D-81F6-4971-9EA2-46952CE3D538}] => (Allow) G:\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{A22BB3D8-1991-44B9-835F-6C12E9A966E9}] => (Allow) G:\Steam\SteamApps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe
FirewallRules: [{F5B8CBE9-2080-4586-8426-B4D68396CAF1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D088F147-001E-464F-89D6-1A55AE51B480}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{88E469E2-E545-4024-8D93-30AD1B8B44AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{01516ECA-7E7F-4137-893A-45930B13A318}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{943439FB-7E2C-4751-8DF9-43E294442879}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{87036C02-0DF7-4F1C-8B64-3C3E18D63961}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{AEE1C49F-50D3-42CF-BF66-9BFA4E13AB0F}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{980064BB-E115-4D5E-AB1D-D6475E647383}] => (Allow) G:\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{225679CB-C30F-4A87-B5B6-894F4B23D327}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2015 10:21:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:26:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 01:17:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000df585
ID des fehlerhaften Prozesses: 0x60c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (07/07/2015 11:45:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.55.0, Zeitstempel: 0x557a2a02
Name des fehlerhaften Moduls: mbam.exe, Version: 2.3.55.0, Zeitstempel: 0x557a2a02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001de590
ID des fehlerhaften Prozesses: 0x1574
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (07/07/2015 11:41:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:33:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:17:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (3320) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Scotty\AppData\Local\Microsoft\Windows\WebCache\V01000E0.log.

Error: (07/07/2015 11:17:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:56:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:54:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/07/2015 10:21:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 22:19:54 unerwartet heruntergefahren.

Error: (07/07/2015 11:41:08 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 11:38:54 unerwartet heruntergefahren.

Error: (07/07/2015 11:35:41 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (07/07/2015 11:17:40 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff88007fbbd7b, 0xfffff88008c72798, 0xfffff88008c71ff0)C:\Windows\MEMORY.DMP070715-13821-01

Error: (07/07/2015 11:17:38 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 11:16:14 unerwartet heruntergefahren.

Error: (07/07/2015 10:56:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 10:54:43 unerwartet heruntergefahren.

Error: (07/07/2015 10:53:52 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 10:51:27 unerwartet heruntergefahren.

Error: (07/07/2015 10:46:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 10:43:41 unerwartet heruntergefahren.

Error: (07/06/2015 09:10:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎06.‎07.‎2015 um 21:07:58 unerwartet heruntergefahren.

Error: (07/06/2015 08:54:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎06.‎07.‎2015 um 20:51:08 unerwartet heruntergefahren.


Microsoft Office:
=========================
Error: (07/07/2015 10:21:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:26:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 01:17:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d6727a7unknown0.0.0.000000000c0000005000df58560c01d0b8a66fea0b3dC:\Windows\SysWOW64\explorer.exeunknownb6d0123e-2499-11e5-bce2-74d02b2709de

Error: (07/07/2015 11:45:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe2.3.55.0557a2a02mbam.exe2.3.55.0557a2a02c0000005001de590157401d0b8997a3abda5D:\Malwarebytes' Anti-Malware\mbam.exeD:\Malwarebytes' Anti-Malware\mbam.exedfd23feb-248c-11e5-bce2-74d02b2709de

Error: (07/07/2015 11:41:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:33:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 11:17:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost3320WebCacheLocal: C:\Users\Scotty\AppData\Local\Microsoft\Windows\WebCache\V01000E0.log-1811

Error: (07/07/2015 11:17:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:56:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 10:54:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-04-03 21:57:44.766
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-03 21:57:44.724
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-18 21:05:53.538
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-18 21:05:53.485
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 12:03:50.114
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 12:03:50.075
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 12:03:31.447
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 12:03:31.409
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 12:01:56.695
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-28 12:01:56.657
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Vuze\PeerGuardian2\pgfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
Percentage of memory in use: 13%
Total physical RAM: 16327.51 MB
Available physical RAM: 14139.61 MB
Total Virtual: 32653.23 MB
Available Virtual: 30389.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:30.78 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.45 GB) (Free:810.06 GB) NTFS
Drive e: (Storage) (Fixed) (Total:39.08 GB) (Free:38.94 GB) NTFS
Drive g: (Games) (Fixed) (Total:931.44 GB) (Free:268.61 GB) NTFS
Drive h: (Daten) (Fixed) (Total:129.56 GB) (Free:115.9 GB) NTFS
Drive i: (Spiele) (Fixed) (Total:129.45 GB) (Free:24.91 GB) NTFS
Drive k: (VERBATIM) (Fixed) (Total:931.51 GB) (Free:61.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 796F09E5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: E4FC5876)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=129.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=129.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 627EB82D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

--- --- ---



Im Anhang findet ihr noch den GMER Log. Dieser war leider zu lang um ihn zu posten und zu groß um ihn ungezipt anzuhängen, Sorry!

schrauber 08.07.2015 05:52
hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Carso 08.07.2015 09:53
Hi,

wenn ich "Malwarebytes Anti-Rootkit" starte, kommt eine Fehlermeldung:

"Registry Value "AppInit_Dlls" has been found, which may be caused by rootkit activity."

Man kann den Wert erstmal ignorieren oder ihn direkt löschen. Ich habe ihn jetzt erstmal ignoriert.

Hier der Log von Malwarebyte Anti Rootkit: (kam sauber zurück)

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.08.02
  rootkit: v2015.07.07.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Scotty :: SCOTTY-PC [administrator]

08.07.2015 10:42:44
mbar-log-2015-07-08 (10-42-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 375712
Time elapsed: 5 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
und hier der von TDSSKiller:

Code:
10:49:10.0230 0x07f8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:49:30.0279 0x07f8  ============================================================
10:49:30.0279 0x07f8  Current date / time: 2015/07/08 10:49:30.0279
10:49:30.0279 0x07f8  SystemInfo:
10:49:30.0280 0x07f8 
10:49:30.0280 0x07f8  OS Version: 6.1.7601 ServicePack: 1.0
10:49:30.0280 0x07f8  Product type: Workstation
10:49:30.0280 0x07f8  ComputerName: SCOTTY-PC
10:49:30.0280 0x07f8  UserName: Scotty
10:49:30.0280 0x07f8  Windows directory: C:\Windows
10:49:30.0280 0x07f8  System windows directory: C:\Windows
10:49:30.0280 0x07f8  Running under WOW64
10:49:30.0280 0x07f8  Processor architecture: Intel x64
10:49:30.0280 0x07f8  Number of processors: 4
10:49:30.0280 0x07f8  Page size: 0x1000
10:49:30.0280 0x07f8  Boot type: Normal boot
10:49:30.0280 0x07f8  ============================================================
10:49:30.0621 0x07f8  KLMD registered as C:\Windows\system32\drivers\92483464.sys
10:49:30.0678 0x07f8  System UUID: {6FC7F923-4DD5-E1D5-DA64-BC184AF8A0AF}
10:49:30.0938 0x07f8  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:49:30.0938 0x07f8  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:49:30.0952 0x07f8  Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:49:30.0954 0x07f8  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:49:30.0955 0x07f8  Drive \Device\Harddisk4\DR4 - Size: 0x1E150DE00 ( 7.52 Gb ), SectorSize: 0x200, Cylinders: 0x3D5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:49:30.0957 0x07f8  ============================================================
10:49:30.0957 0x07f8  \Device\Harddisk1\DR1:
10:49:30.0957 0x07f8  GPT partitions:
10:49:30.0957 0x07f8  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C6CE7D1F-3DC3-46E5-BF1B-DB8A98A3DE80}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
10:49:30.0957 0x07f8  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {38C72D1D-ACB6-4E1B-AF9D-D9D07FB8DBA7}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746E4000
10:49:30.0957 0x07f8  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3EB24C8A-DBA7-4135-A348-520086F9A7EE}, Name: Basic data partition, StartLBA 0x74724800, BlocksNum 0x746E3800
10:49:30.0957 0x07f8  MBR partitions:
10:49:30.0957 0x07f8  \Device\Harddisk0\DR0:
10:49:30.0957 0x07f8  MBR partitions:
10:49:30.0957 0x07f8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:49:30.0957 0x07f8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
10:49:30.0957 0x07f8  \Device\Harddisk2\DR2:
10:49:30.0958 0x07f8  MBR partitions:
10:49:30.0958 0x07f8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E26B6E
10:49:30.0958 0x07f8  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x4E27000, BlocksNum 0x10320800
10:49:30.0958 0x07f8  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x15147800, BlocksNum 0x102E6800
10:49:30.0958 0x07f8  \Device\Harddisk3\DR3:
10:49:30.0958 0x07f8  MBR partitions:
10:49:30.0958 0x07f8  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
10:49:30.0958 0x07f8  \Device\Harddisk4\DR4:
10:49:30.0958 0x07f8  MBR partitions:
10:49:30.0958 0x07f8  \Device\Harddisk4\DR4\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xF07956
10:49:30.0958 0x07f8  ============================================================
10:49:30.0960 0x07f8  C: <-> \Device\Harddisk0\DR0\Partition2
10:49:30.0999 0x07f8  D: <-> \Device\Harddisk1\DR1\Partition2
10:49:31.0011 0x07f8  E: <-> \Device\Harddisk2\DR2\Partition1
10:49:31.0047 0x07f8  G: <-> \Device\Harddisk1\DR1\Partition3
10:49:31.0075 0x07f8  H: <-> \Device\Harddisk2\DR2\Partition2
10:49:31.0113 0x07f8  I: <-> \Device\Harddisk2\DR2\Partition3
10:49:31.0148 0x07f8  K: <-> \Device\Harddisk3\DR3\Partition1
10:49:31.0148 0x07f8  ============================================================
10:49:31.0149 0x07f8  Initialize success
10:49:31.0149 0x07f8  ============================================================
10:50:09.0094 0x061c  ============================================================
10:50:09.0094 0x061c  Scan started
10:50:09.0094 0x061c  Mode: Manual; SigCheck; TDLFS;
10:50:09.0094 0x061c  ============================================================
10:50:09.0094 0x061c  KSN ping started
10:50:11.0537 0x061c  KSN ping finished: true
10:50:12.0350 0x061c  ================ Scan system memory ========================
10:50:12.0350 0x061c  System memory - ok
10:50:12.0350 0x061c  ================ Scan services =============================
10:50:12.0376 0x061c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:50:12.0416 0x061c  1394ohci - ok
10:50:12.0425 0x061c  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
10:50:12.0438 0x061c  acedrv11 - ok
10:50:12.0445 0x061c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:50:12.0457 0x061c  ACPI - ok
10:50:12.0460 0x061c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
10:50:12.0470 0x061c  AcpiPmi - ok
10:50:12.0481 0x061c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
10:50:12.0494 0x061c  adp94xx - ok
10:50:12.0503 0x061c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
10:50:12.0514 0x061c  adpahci - ok
10:50:12.0519 0x061c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
10:50:12.0528 0x061c  adpu320 - ok
10:50:12.0532 0x061c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
10:50:12.0542 0x061c  AeLookupSvc - ok
10:50:12.0552 0x061c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
10:50:12.0568 0x061c  AFD - ok
10:50:12.0571 0x061c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:50:12.0579 0x061c  agp440 - ok
10:50:12.0582 0x061c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
10:50:12.0592 0x061c  ALG - ok
10:50:12.0594 0x061c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:50:12.0601 0x061c  aliide - ok
10:50:12.0604 0x061c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:50:12.0610 0x061c  amdide - ok
10:50:12.0613 0x061c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
10:50:12.0623 0x061c  AmdK8 - ok
10:50:12.0626 0x061c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
10:50:12.0636 0x061c  AmdPPM - ok
10:50:12.0640 0x061c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
10:50:12.0648 0x061c  amdsata - ok
10:50:12.0653 0x061c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:50:12.0662 0x061c  amdsbs - ok
10:50:12.0665 0x061c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
10:50:12.0672 0x061c  amdxata - ok
10:50:12.0675 0x061c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID          C:\Windows\system32\drivers\appid.sys
10:50:12.0684 0x061c  AppID - ok
10:50:12.0687 0x061c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:50:12.0695 0x061c  AppIDSvc - ok
10:50:12.0699 0x061c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
10:50:12.0708 0x061c  Appinfo - ok
10:50:12.0713 0x061c  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:50:12.0720 0x061c  Apple Mobile Device - ok
10:50:12.0725 0x061c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\Windows\System32\appmgmts.dll
10:50:12.0736 0x061c  AppMgmt - ok
10:50:12.0740 0x061c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
10:50:12.0747 0x061c  arc - ok
10:50:12.0751 0x061c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:50:12.0758 0x061c  arcsas - ok
10:50:12.0772 0x061c  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
10:50:12.0776 0x061c  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
10:50:15.0216 0x061c  Detect skipped due to KSN trusted
10:50:15.0216 0x061c  ASGT - ok
10:50:15.0228 0x061c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:50:15.0245 0x061c  aspnet_state - ok
10:50:15.0250 0x061c  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid        C:\Windows\system32\drivers\aswHwid.sys
10:50:15.0264 0x061c  aswHwid - ok
10:50:15.0269 0x061c  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
10:50:15.0276 0x061c  aswMonFlt - ok
10:50:15.0280 0x061c  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
10:50:15.0288 0x061c  aswRdr - ok
10:50:15.0291 0x061c  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
10:50:15.0298 0x061c  aswRvrt - ok
10:50:15.0316 0x061c  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
10:50:15.0339 0x061c  aswSnx - ok
10:50:15.0349 0x061c  [ A04F190FCD762E7BCC9BFC70563C52DB, 2BF6823F2EADBDA28DF1CCECCAC84D9FF37D3CFB66A7B402575C6B9FCFB45EB3 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
10:50:15.0363 0x061c  aswSP - ok
10:50:15.0368 0x061c  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\Windows\system32\drivers\aswStm.sys
10:50:15.0376 0x061c  aswStm - ok
10:50:15.0383 0x061c  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
10:50:15.0394 0x061c  aswVmm - ok
10:50:15.0396 0x061c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:50:15.0419 0x061c  AsyncMac - ok
10:50:15.0421 0x061c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
10:50:15.0429 0x061c  atapi - ok
10:50:15.0436 0x061c  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
10:50:15.0447 0x061c  atksgt - ok
10:50:15.0460 0x061c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:50:15.0479 0x061c  AudioEndpointBuilder - ok
10:50:15.0492 0x061c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:50:15.0509 0x061c  AudioSrv - ok
10:50:15.0569 0x061c  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus D:\Avast Antivir\AvastSvc.exe
10:50:15.0586 0x061c  avast! Antivirus - ok
10:50:15.0592 0x061c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:50:15.0607 0x061c  AxInstSV - ok
10:50:15.0616 0x061c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
10:50:15.0632 0x061c  b06bdrv - ok
10:50:15.0639 0x061c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:50:15.0652 0x061c  b57nd60a - ok
10:50:15.0658 0x061c  [ C6CD10195F9D303F879147D2CB5CA7AB, 647AE383E27C76539CD88CD21D7C542DE86B73C04E01188597B6877CBA5DCCEE ] bckd            C:\Windows\system32\drivers\bckd.sys
10:50:15.0666 0x061c  bckd - ok
10:50:15.0710 0x061c  [ 49ECC740AED507520C596ECD48C12667, ADFCE39104EA1841828207D5C5E4A8EBADC5C6BA2AE94E4BE5D99EE669BF0EC3 ] bckwfs          C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
10:50:15.0754 0x061c  bckwfs - ok
10:50:15.0760 0x061c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:50:15.0770 0x061c  BDESVC - ok
10:50:15.0772 0x061c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:50:15.0793 0x061c  Beep - ok
10:50:15.0806 0x061c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
10:50:15.0825 0x061c  BFE - ok
10:50:15.0842 0x061c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:50:15.0877 0x061c  BITS - ok
10:50:15.0880 0x061c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:50:15.0889 0x061c  blbdrive - ok
10:50:15.0898 0x061c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:50:15.0910 0x061c  Bonjour Service - ok
10:50:15.0914 0x061c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:50:15.0923 0x061c  bowser - ok
10:50:15.0926 0x061c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:50:15.0936 0x061c  BrFiltLo - ok
10:50:15.0939 0x061c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:50:15.0948 0x061c  BrFiltUp - ok
10:50:15.0953 0x061c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
10:50:15.0963 0x061c  Browser - ok
10:50:15.0970 0x061c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
10:50:15.0982 0x061c  Brserid - ok
10:50:15.0985 0x061c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:50:15.0996 0x061c  BrSerWdm - ok
10:50:15.0998 0x061c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:50:16.0008 0x061c  BrUsbMdm - ok
10:50:16.0010 0x061c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:50:16.0018 0x061c  BrUsbSer - ok
10:50:16.0022 0x061c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:50:16.0032 0x061c  BTHMODEM - ok
10:50:16.0037 0x061c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
10:50:16.0059 0x061c  bthserv - ok
10:50:16.0063 0x061c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:50:16.0085 0x061c  cdfs - ok
10:50:16.0090 0x061c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
10:50:16.0101 0x061c  cdrom - ok
10:50:16.0104 0x061c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
10:50:16.0126 0x061c  CertPropSvc - ok
10:50:16.0129 0x061c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:50:16.0140 0x061c  circlass - ok
10:50:16.0148 0x061c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
10:50:16.0160 0x061c  CLFS - ok
10:50:16.0165 0x061c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:50:16.0172 0x061c  clr_optimization_v2.0.50727_32 - ok
10:50:16.0178 0x061c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:50:16.0186 0x061c  clr_optimization_v2.0.50727_64 - ok
10:50:16.0192 0x061c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:50:16.0201 0x061c  clr_optimization_v4.0.30319_32 - ok
10:50:16.0205 0x061c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:50:16.0214 0x061c  clr_optimization_v4.0.30319_64 - ok
10:50:16.0217 0x061c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:50:16.0225 0x061c  CmBatt - ok
10:50:16.0228 0x061c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:50:16.0235 0x061c  cmdide - ok
10:50:16.0244 0x061c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG            C:\Windows\system32\Drivers\cng.sys
10:50:16.0261 0x061c  CNG - ok
10:50:16.0264 0x061c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:50:16.0270 0x061c  Compbatt - ok
10:50:16.0273 0x061c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
10:50:16.0284 0x061c  CompositeBus - ok
10:50:16.0286 0x061c  COMSysApp - ok
10:50:16.0288 0x061c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
10:50:16.0295 0x061c  crcdisk - ok
10:50:16.0301 0x061c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:50:16.0313 0x061c  CryptSvc - ok
10:50:16.0324 0x061c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\Windows\system32\drivers\csc.sys
10:50:16.0340 0x061c  CSC - ok
10:50:16.0357 0x061c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
10:50:16.0376 0x061c  CscService - ok
10:50:16.0387 0x061c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:50:16.0417 0x061c  DcomLaunch - ok
10:50:16.0424 0x061c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
10:50:16.0450 0x061c  defragsvc - ok
10:50:16.0454 0x061c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:50:16.0476 0x061c  DfsC - ok
10:50:16.0483 0x061c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:50:16.0496 0x061c  Dhcp - ok
10:50:16.0519 0x061c  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack      C:\Windows\system32\diagtrack.dll
10:50:16.0547 0x061c  DiagTrack - ok
10:50:16.0574 0x061c  [ 05F99DFF3A8D705F9AA6B87224F7BEB1, DDE133A44A330A07A0EB961559C840BBFC9D9E0CCA27DE0B4284C76BCAD31EDE ] DirMngr        D:\GnuPG\dirmngr.exe
10:50:16.0580 0x061c  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
10:50:19.0033 0x061c  Detect skipped due to KSN trusted
10:50:19.0033 0x061c  DirMngr - ok
10:50:19.0037 0x061c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:50:19.0078 0x061c  discache - ok
10:50:19.0081 0x061c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:50:19.0089 0x061c  Disk - ok
10:50:19.0093 0x061c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
10:50:19.0102 0x061c  dmvsc - ok
10:50:19.0108 0x061c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:50:19.0119 0x061c  Dnscache - ok
10:50:19.0126 0x061c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
10:50:19.0151 0x061c  dot3svc - ok
10:50:19.0156 0x061c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
10:50:19.0180 0x061c  DPS - ok
10:50:19.0182 0x061c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
10:50:19.0190 0x061c  drmkaud - ok
10:50:19.0197 0x061c  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01    C:\Windows\system32\DRIVERS\dtsoftbus01.sys
10:50:19.0207 0x061c  dtsoftbus01 - ok
10:50:19.0225 0x061c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
10:50:19.0246 0x061c  DXGKrnl - ok
10:50:19.0250 0x061c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
10:50:19.0274 0x061c  EapHost - ok
10:50:19.0324 0x061c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
10:50:19.0382 0x061c  ebdrv - ok
10:50:19.0387 0x061c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS            C:\Windows\System32\lsass.exe
10:50:19.0396 0x061c  EFS - ok
10:50:19.0411 0x061c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
10:50:19.0430 0x061c  ehRecvr - ok
10:50:19.0434 0x061c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
10:50:19.0444 0x061c  ehSched - ok
10:50:19.0455 0x061c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
10:50:19.0469 0x061c  elxstor - ok
10:50:19.0472 0x061c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:50:19.0481 0x061c  ErrDev - ok
10:50:19.0491 0x061c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
10:50:19.0518 0x061c  EventSystem - ok
10:50:19.0523 0x061c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
10:50:19.0548 0x061c  exfat - ok
10:50:19.0553 0x061c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
10:50:19.0578 0x061c  fastfat - ok
10:50:19.0591 0x061c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
10:50:19.0609 0x061c  Fax - ok
10:50:19.0612 0x061c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
10:50:19.0621 0x061c  fdc - ok
10:50:19.0624 0x061c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
10:50:19.0646 0x061c  fdPHost - ok
10:50:19.0649 0x061c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:50:19.0671 0x061c  FDResPub - ok
10:50:19.0674 0x061c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:50:19.0682 0x061c  FileInfo - ok
10:50:19.0685 0x061c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
10:50:19.0707 0x061c  Filetrace - ok
10:50:19.0709 0x061c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:50:19.0718 0x061c  flpydisk - ok
10:50:19.0724 0x061c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:50:19.0735 0x061c  FltMgr - ok
10:50:19.0756 0x061c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache      C:\Windows\system32\FntCache.dll
10:50:19.0782 0x061c  FontCache - ok
10:50:19.0786 0x061c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:50:19.0793 0x061c  FontCache3.0.0.0 - ok
10:50:19.0796 0x061c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
10:50:19.0804 0x061c  FsDepends - ok
10:50:19.0807 0x061c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:50:19.0814 0x061c  Fs_Rec - ok
10:50:19.0819 0x061c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:50:19.0831 0x061c  fvevol - ok
10:50:19.0834 0x061c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:50:19.0841 0x061c  gagp30kx - ok
10:50:19.0844 0x061c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:50:19.0850 0x061c  GEARAspiWDM - ok
10:50:19.0870 0x061c  [ C2730FE9713C1C474257A7085386B11E, 7D35D00D2B455841C8C9A87CE92885CD22F4B8B6690CB21443ED1B515117EF95 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
10:50:19.0893 0x061c  GfExperienceService - ok
10:50:19.0909 0x061c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
10:50:19.0941 0x061c  gpsvc - ok
10:50:19.0946 0x061c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:50:19.0953 0x061c  gupdate - ok
10:50:19.0957 0x061c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:50:19.0963 0x061c  gupdatem - ok
10:50:19.0966 0x061c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:50:19.0975 0x061c  hcw85cir - ok
10:50:19.0982 0x061c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:50:19.0997 0x061c  HdAudAddService - ok
10:50:20.0002 0x061c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:50:20.0013 0x061c  HDAudBus - ok
10:50:20.0015 0x061c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
10:50:20.0024 0x061c  HidBatt - ok
10:50:20.0028 0x061c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:50:20.0039 0x061c  HidBth - ok
10:50:20.0042 0x061c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
10:50:20.0052 0x061c  HidIr - ok
10:50:20.0055 0x061c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
10:50:20.0077 0x061c  hidserv - ok
10:50:20.0080 0x061c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:50:20.0088 0x061c  HidUsb - ok
10:50:20.0092 0x061c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:50:20.0115 0x061c  hkmsvc - ok
10:50:20.0121 0x061c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:50:20.0133 0x061c  HomeGroupListener - ok
10:50:20.0138 0x061c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:50:20.0151 0x061c  HomeGroupProvider - ok
10:50:20.0154 0x061c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:50:20.0162 0x061c  HpSAMD - ok
10:50:20.0176 0x061c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:50:20.0195 0x061c  HTTP - ok
10:50:20.0198 0x061c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:50:20.0205 0x061c  hwpolicy - ok
10:50:20.0208 0x061c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:50:20.0218 0x061c  i8042prt - ok
10:50:20.0227 0x061c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
10:50:20.0239 0x061c  iaStorV - ok
10:50:20.0243 0x061c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:50:20.0248 0x061c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
10:50:22.0686 0x061c  Detect skipped due to KSN trusted
10:50:22.0686 0x061c  IDriverT - ok
10:50:22.0714 0x061c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:50:22.0745 0x061c  idsvc - ok
10:50:22.0748 0x061c  IEEtwCollectorService - ok
10:50:22.0751 0x061c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
10:50:22.0758 0x061c  iirsp - ok
10:50:22.0774 0x061c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:50:22.0796 0x061c  IKEEXT - ok
10:50:22.0864 0x061c  [ D2B1DA73B6E8769A1BE1A55693B7F1B3, FE26FEAD6A45E4596A7CA9689B66511C4BCB4686A1914505257648DCE048CA26 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:50:22.0933 0x061c  IntcAzAudAddService - ok
10:50:22.0939 0x061c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:50:22.0946 0x061c  intelide - ok
10:50:22.0949 0x061c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:50:22.0958 0x061c  intelppm - ok
10:50:22.0962 0x061c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
10:50:22.0986 0x061c  IPBusEnum - ok
10:50:22.0989 0x061c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:50:23.0011 0x061c  IpFilterDriver - ok
10:50:23.0022 0x061c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:50:23.0040 0x061c  iphlpsvc - ok
10:50:23.0044 0x061c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
10:50:23.0053 0x061c  IPMIDRV - ok
10:50:23.0057 0x061c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
10:50:23.0079 0x061c  IPNAT - ok
10:50:23.0092 0x061c  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:50:23.0106 0x061c  iPod Service - ok
10:50:23.0109 0x061c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:50:23.0121 0x061c  IRENUM - ok
10:50:23.0123 0x061c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:50:23.0130 0x061c  isapnp - ok
10:50:23.0137 0x061c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:50:23.0147 0x061c  iScsiPrt - ok
10:50:23.0150 0x061c  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
10:50:23.0156 0x061c  iusb3hcs - ok
10:50:23.0165 0x061c  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
10:50:23.0176 0x061c  iusb3hub - ok
10:50:23.0191 0x061c  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
10:50:23.0208 0x061c  iusb3xhc - ok
10:50:23.0212 0x061c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:50:23.0219 0x061c  kbdclass - ok
10:50:23.0221 0x061c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:50:23.0230 0x061c  kbdhid - ok
10:50:23.0233 0x061c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
10:50:23.0242 0x061c  KeyIso - ok
10:50:23.0245 0x061c  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:50:23.0253 0x061c  KSecDD - ok
10:50:23.0258 0x061c  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
10:50:23.0267 0x061c  KSecPkg - ok
10:50:23.0269 0x061c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
10:50:23.0291 0x061c  ksthunk - ok
10:50:23.0298 0x061c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
10:50:23.0326 0x061c  KtmRm - ok
10:50:23.0332 0x061c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:50:23.0359 0x061c  LanmanServer - ok
10:50:23.0362 0x061c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:50:23.0387 0x061c  LanmanWorkstation - ok
10:50:23.0392 0x061c  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
10:50:23.0398 0x061c  lirsgt - ok
10:50:23.0401 0x061c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:50:23.0423 0x061c  lltdio - ok
10:50:23.0430 0x061c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
10:50:23.0456 0x061c  lltdsvc - ok
10:50:23.0459 0x061c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
10:50:23.0482 0x061c  lmhosts - ok
10:50:23.0486 0x061c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:50:23.0495 0x061c  LSI_FC - ok
10:50:23.0499 0x061c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
10:50:23.0507 0x061c  LSI_SAS - ok
10:50:23.0510 0x061c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:50:23.0518 0x061c  LSI_SAS2 - ok
10:50:23.0522 0x061c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:50:23.0530 0x061c  LSI_SCSI - ok
10:50:23.0534 0x061c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
10:50:23.0558 0x061c  luafv - ok
10:50:23.0561 0x061c  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
10:50:23.0568 0x061c  MBAMProtector - ok
10:50:23.0639 0x061c  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService    D:\Malwarebytes' Anti-Malware\mbamservice.exe
10:50:23.0662 0x061c  MBAMService - ok
10:50:23.0666 0x061c  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
10:50:23.0673 0x061c  MBAMWebAccessControl - ok
10:50:23.0677 0x061c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
10:50:23.0688 0x061c  Mcx2Svc - ok
10:50:23.0691 0x061c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
10:50:23.0698 0x061c  megasas - ok
10:50:23.0705 0x061c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:50:23.0716 0x061c  MegaSR - ok
10:50:23.0719 0x061c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
10:50:23.0727 0x061c  MEIx64 - ok
10:50:23.0781 0x061c  Microsoft SharePoint Workspace Audit Service - ok
10:50:23.0786 0x061c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
10:50:23.0824 0x061c  MMCSS - ok
10:50:23.0827 0x061c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
10:50:23.0849 0x061c  Modem - ok
10:50:23.0851 0x061c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
10:50:23.0862 0x061c  monitor - ok
10:50:23.0865 0x061c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:50:23.0872 0x061c  mouclass - ok
10:50:23.0875 0x061c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:50:23.0884 0x061c  mouhid - ok
10:50:23.0888 0x061c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:50:23.0896 0x061c  mountmgr - ok
10:50:23.0901 0x061c  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:50:23.0909 0x061c  MozillaMaintenance - ok
10:50:23.0914 0x061c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:50:23.0923 0x061c  mpio - ok
10:50:23.0926 0x061c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:50:23.0948 0x061c  mpsdrv - ok
10:50:23.0963 0x061c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:50:23.0998 0x061c  MpsSvc - ok
10:50:24.0003 0x061c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:50:24.0013 0x061c  MRxDAV - ok
10:50:24.0018 0x061c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:50:24.0028 0x061c  mrxsmb - ok
10:50:24.0035 0x061c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:50:24.0048 0x061c  mrxsmb10 - ok
10:50:24.0052 0x061c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:50:24.0062 0x061c  mrxsmb20 - ok
10:50:24.0065 0x061c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:50:24.0072 0x061c  msahci - ok
10:50:24.0076 0x061c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
10:50:24.0085 0x061c  msdsm - ok
10:50:24.0089 0x061c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
10:50:24.0101 0x061c  MSDTC - ok
10:50:24.0105 0x061c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:50:24.0127 0x061c  Msfs - ok
10:50:24.0129 0x061c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
10:50:24.0151 0x061c  mshidkmdf - ok
10:50:24.0153 0x061c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:50:24.0160 0x061c  msisadrv - ok
10:50:24.0164 0x061c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
10:50:24.0189 0x061c  MSiSCSI - ok
10:50:24.0191 0x061c  msiserver - ok
10:50:24.0193 0x061c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
10:50:24.0215 0x061c  MSKSSRV - ok
10:50:24.0217 0x061c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:50:24.0238 0x061c  MSPCLOCK - ok
10:50:24.0240 0x061c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
10:50:24.0262 0x061c  MSPQM - ok
10:50:24.0270 0x061c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
10:50:24.0282 0x061c  MsRPC - ok
10:50:24.0286 0x061c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:50:24.0292 0x061c  mssmbios - ok
10:50:24.0295 0x061c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
10:50:24.0316 0x061c  MSTEE - ok
10:50:24.0318 0x061c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:50:24.0327 0x061c  MTConfig - ok
10:50:24.0330 0x061c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
10:50:24.0338 0x061c  Mup - ok
10:50:24.0347 0x061c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:50:24.0377 0x061c  napagent - ok
10:50:24.0384 0x061c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
10:50:24.0400 0x061c  NativeWifiP - ok
10:50:24.0417 0x061c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:50:24.0437 0x061c  NDIS - ok
10:50:24.0441 0x061c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
10:50:24.0463 0x061c  NdisCap - ok
10:50:24.0465 0x061c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:50:24.0487 0x061c  NdisTapi - ok
10:50:24.0489 0x061c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
10:50:24.0511 0x061c  Ndisuio - ok
10:50:24.0515 0x061c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
10:50:24.0539 0x061c  NdisWan - ok
10:50:24.0542 0x061c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
10:50:24.0564 0x061c  NDProxy - ok
10:50:24.0567 0x061c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
10:50:24.0589 0x061c  NetBIOS - ok
10:50:24.0595 0x061c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
10:50:24.0619 0x061c  NetBT - ok
10:50:24.0622 0x061c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\Windows\system32\lsass.exe
10:50:24.0631 0x061c  Netlogon - ok
10:50:24.0638 0x061c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:50:24.0666 0x061c  Netman - ok
10:50:24.0671 0x061c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:24.0680 0x061c  NetMsmqActivator - ok
10:50:24.0685 0x061c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:24.0695 0x061c  NetPipeActivator - ok
10:50:24.0704 0x061c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:50:24.0734 0x061c  netprofm - ok
10:50:24.0738 0x061c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:24.0748 0x061c  NetTcpActivator - ok
10:50:24.0751 0x061c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:50:24.0761 0x061c  NetTcpPortSharing - ok
10:50:24.0764 0x061c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
10:50:24.0771 0x061c  nfrd960 - ok
10:50:24.0778 0x061c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:50:24.0792 0x061c  NlaSvc - ok
10:50:24.0794 0x061c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:50:24.0816 0x061c  Npfs - ok
10:50:24.0819 0x061c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
10:50:24.0843 0x061c  nsi - ok
10:50:24.0845 0x061c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:50:24.0867 0x061c  nsiproxy - ok
10:50:24.0895 0x061c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:50:24.0927 0x061c  Ntfs - ok
10:50:24.0930 0x061c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:50:24.0952 0x061c  Null - ok
10:50:24.0957 0x061c  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
10:50:24.0966 0x061c  NVHDA - ok
10:50:25.0132 0x061c  [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:50:25.0302 0x061c  nvlddmkm - ok
10:50:25.0342 0x061c  [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
10:50:25.0376 0x061c  NvNetworkService - ok
10:50:25.0382 0x061c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:50:25.0391 0x061c  nvraid - ok
10:50:25.0396 0x061c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:50:25.0405 0x061c  nvstor - ok
10:50:25.0408 0x061c  [ 3A7B0570D896602E37EAF80EC3D1615A, 1F5A71432F96731115ADA2A50E605923666188D08F9FD748424AB6588D0E1482 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
10:50:25.0414 0x061c  NvStreamKms - ok
10:50:25.0416 0x061c  NvStreamSvc - ok
10:50:25.0434 0x061c  [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] nvsvc          C:\Windows\system32\nvvsvc.exe
10:50:25.0455 0x061c  nvsvc - ok
10:50:25.0458 0x061c  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
10:50:25.0464 0x061c  nvvad_WaveExtensible - ok
10:50:25.0468 0x061c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:50:25.0477 0x061c  nv_agp - ok
10:50:25.0480 0x061c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:50:25.0490 0x061c  ohci1394 - ok
10:50:25.0624 0x061c  [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service G:\Origin\OriginClientService.exe
10:50:25.0660 0x061c  Origin Client Service - ok
10:50:25.0666 0x061c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:50:25.0674 0x061c  ose - ok
10:50:25.0750 0x061c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:50:25.0830 0x061c  osppsvc - ok
10:50:25.0843 0x061c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:50:25.0857 0x061c  p2pimsvc - ok
10:50:25.0867 0x061c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:50:25.0883 0x061c  p2psvc - ok
10:50:25.0887 0x061c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
10:50:25.0897 0x061c  Parport - ok
10:50:25.0900 0x061c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
10:50:25.0908 0x061c  partmgr - ok
10:50:25.0913 0x061c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:50:25.0926 0x061c  PcaSvc - ok
10:50:25.0931 0x061c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
10:50:25.0940 0x061c  pci - ok
10:50:25.0942 0x061c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:50:25.0949 0x061c  pciide - ok
10:50:25.0955 0x061c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:50:25.0965 0x061c  pcmcia - ok
10:50:25.0968 0x061c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
10:50:25.0975 0x061c  pcw - ok
10:50:25.0987 0x061c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:50:26.0006 0x061c  PEAUTH - ok
10:50:26.0030 0x061c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
10:50:26.0060 0x061c  PeerDistSvc - ok
10:50:26.0075 0x061c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:50:26.0085 0x061c  PerfHost - ok
10:50:26.0112 0x061c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
10:50:26.0156 0x061c  pla - ok
10:50:26.0166 0x061c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:50:26.0182 0x061c  PlugPlay - ok
10:50:26.0186 0x061c  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
10:50:26.0195 0x061c  PnkBstrA - ok
10:50:26.0197 0x061c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
10:50:26.0207 0x061c  PNRPAutoReg - ok
10:50:26.0214 0x061c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
10:50:26.0228 0x061c  PNRPsvc - ok
10:50:26.0239 0x061c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
10:50:26.0267 0x061c  PolicyAgent - ok
10:50:26.0273 0x061c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
10:50:26.0299 0x061c  Power - ok
10:50:26.0303 0x061c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:50:26.0325 0x061c  PptpMiniport - ok
10:50:26.0328 0x061c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
10:50:26.0338 0x061c  Processor - ok
10:50:26.0343 0x061c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
10:50:26.0355 0x061c  ProfSvc - ok
10:50:26.0358 0x061c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
10:50:26.0367 0x061c  ProtectedStorage - ok
10:50:26.0372 0x061c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:50:26.0394 0x061c  Psched - ok
10:50:26.0420 0x061c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:50:26.0449 0x061c  ql2300 - ok
10:50:26.0454 0x061c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:50:26.0482 0x061c  ql40xx - ok
10:50:26.0488 0x061c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
10:50:26.0504 0x061c  QWAVE - ok
10:50:26.0506 0x061c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:50:26.0518 0x061c  QWAVEdrv - ok
10:50:26.0521 0x061c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:50:26.0543 0x061c  RasAcd - ok
10:50:26.0546 0x061c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
10:50:26.0569 0x061c  RasAgileVpn - ok
10:50:26.0573 0x061c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
10:50:26.0598 0x061c  RasAuto - ok
10:50:26.0602 0x061c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
10:50:26.0624 0x061c  Rasl2tp - ok
10:50:26.0632 0x061c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:50:26.0659 0x061c  RasMan - ok
10:50:26.0663 0x061c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:50:26.0686 0x061c  RasPppoe - ok
10:50:26.0689 0x061c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
10:50:26.0711 0x061c  RasSstp - ok
10:50:26.0718 0x061c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
10:50:26.0743 0x061c  rdbss - ok
10:50:26.0746 0x061c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:50:26.0756 0x061c  rdpbus - ok
10:50:26.0759 0x061c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:50:26.0781 0x061c  RDPCDD - ok
10:50:26.0787 0x061c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
10:50:26.0797 0x061c  RDPDR - ok
10:50:26.0799 0x061c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:50:26.0821 0x061c  RDPENCDD - ok
10:50:26.0824 0x061c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:50:26.0846 0x061c  RDPREFMP - ok
10:50:26.0850 0x061c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:50:26.0858 0x061c  RdpVideoMiniport - ok
10:50:26.0864 0x061c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
10:50:26.0875 0x061c  RDPWD - ok
10:50:26.0881 0x061c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:50:26.0890 0x061c  rdyboost - ok
10:50:26.0894 0x061c  [ E1A6731867765FBC01B37150AEFC00F3, 4ADB0FE791ACF0BBCF314FB73AE6025D70BAFB8DF925B4A4CFB3B50EA191C94E ] Realtek11nSU    C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
10:50:26.0898 0x061c  Realtek11nSU - detected UnsignedFile.Multi.Generic ( 1 )
10:50:29.0351 0x061c  Detect skipped due to KSN trusted
10:50:29.0351 0x061c  Realtek11nSU - ok
10:50:29.0357 0x061c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:50:29.0401 0x061c  RemoteAccess - ok
10:50:29.0406 0x061c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:50:29.0432 0x061c  RemoteRegistry - ok
10:50:29.0436 0x061c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:50:29.0461 0x061c  RpcEptMapper - ok
10:50:29.0464 0x061c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:50:29.0474 0x061c  RpcLocator - ok
10:50:29.0483 0x061c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
10:50:29.0514 0x061c  RpcSs - ok
10:50:29.0518 0x061c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:50:29.0541 0x061c  rspndr - ok
10:50:29.0559 0x061c  [ D2D055E7ED70A5EE885D17D35DF97E80, 51781E55EEE111140A261822D3F78D76AD288E9DDF8578E236358E0AEB872C2F ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
10:50:29.0579 0x061c  RTL8167 - ok
10:50:29.0593 0x061c  [ 216BBB8753FE1C9F79716AB8851FB4E1, DF697B864AE92CB863E9DB6980810EAD8EF4CB9C871CE0DB9E83C2F9447A62A8 ] RTL8192su      C:\Windows\system32\DRIVERS\RTL8192su.sys
10:50:29.0610 0x061c  RTL8192su - ok
10:50:29.0613 0x061c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
10:50:29.0622 0x061c  s3cap - ok
10:50:29.0624 0x061c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs          C:\Windows\system32\lsass.exe
10:50:29.0633 0x061c  SamSs - ok
10:50:29.0637 0x061c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:50:29.0645 0x061c  sbp2port - ok
10:50:29.0650 0x061c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:50:29.0677 0x061c  SCardSvr - ok
10:50:29.0679 0x061c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:50:29.0701 0x061c  scfilter - ok
10:50:29.0721 0x061c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:50:29.0760 0x061c  Schedule - ok
10:50:29.0764 0x061c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
10:50:29.0787 0x061c  SCPolicySvc - ok
10:50:29.0800 0x061c  [ 958E956E119EB7B9ABA142AFED1B5FF4, DB76B53124C91C959AF6F6E3FA8BEE4B74C1D7CB4684CD88380270CFF3C4469F ] ScsiAccess      C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
10:50:29.0808 0x061c  ScsiAccess - ok
10:50:29.0813 0x061c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:50:29.0825 0x061c  SDRSVC - ok
10:50:29.0827 0x061c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:50:29.0849 0x061c  secdrv - ok
10:50:29.0852 0x061c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:50:29.0875 0x061c  seclogon - ok
10:50:29.0878 0x061c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:50:29.0901 0x061c  SENS - ok
10:50:29.0904 0x061c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:50:29.0914 0x061c  SensrSvc - ok
10:50:29.0917 0x061c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
10:50:29.0925 0x061c  Serenum - ok
10:50:29.0929 0x061c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:50:29.0939 0x061c  Serial - ok
10:50:29.0941 0x061c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:50:29.0950 0x061c  sermouse - ok
10:50:29.0957 0x061c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:50:29.0980 0x061c  SessionEnv - ok
10:50:29.0982 0x061c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
10:50:29.0992 0x061c  sffdisk - ok
10:50:29.0995 0x061c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:50:30.0005 0x061c  sffp_mmc - ok
10:50:30.0007 0x061c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
10:50:30.0017 0x061c  sffp_sd - ok
10:50:30.0020 0x061c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
10:50:30.0028 0x061c  sfloppy - ok
10:50:30.0036 0x061c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:50:30.0064 0x061c  SharedAccess - ok
10:50:30.0072 0x061c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:50:30.0100 0x061c  ShellHWDetection - ok
10:50:30.0103 0x061c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:50:30.0110 0x061c  SiSRaid2 - ok
10:50:30.0113 0x061c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:50:30.0121 0x061c  SiSRaid4 - ok
10:50:30.0161 0x061c  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate    D:\Skype\Updater\Updater.exe
10:50:30.0182 0x061c  SkypeUpdate - ok
10:50:30.0187 0x061c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
10:50:30.0215 0x061c  Smb - ok
10:50:30.0219 0x061c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:50:30.0229 0x061c  SNMPTRAP - ok
10:50:30.0232 0x061c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
10:50:30.0239 0x061c  spldr - ok
10:50:30.0250 0x061c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
10:50:30.0268 0x061c  Spooler - ok
10:50:30.0324 0x061c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:50:30.0399 0x061c  sppsvc - ok
10:50:30.0405 0x061c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
10:50:30.0429 0x061c  sppuinotify - ok
10:50:30.0439 0x061c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
10:50:30.0454 0x061c  srv - ok
10:50:30.0462 0x061c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:50:30.0477 0x061c  srv2 - ok
10:50:30.0482 0x061c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:50:30.0492 0x061c  srvnet - ok
10:50:30.0497 0x061c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
10:50:30.0523 0x061c  SSDPSRV - ok
10:50:30.0526 0x061c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
10:50:30.0550 0x061c  SstpSvc - ok
10:50:30.0561 0x061c  [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:50:30.0575 0x061c  Steam Client Service - ok
10:50:30.0584 0x061c  [ C64C157B167FE562E8670984E72C25FA, 9302C82A75CA65515297B72F3A6230307AAE0B14FD8C9C7FA343F7B62E5ED376 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:50:30.0596 0x061c  Stereo Service - ok
10:50:30.0599 0x061c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:50:30.0606 0x061c  stexstor - ok
10:50:30.0617 0x061c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:50:30.0640 0x061c  stisvc - ok
10:50:30.0643 0x061c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
10:50:30.0650 0x061c  storflt - ok
10:50:30.0653 0x061c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc        C:\Windows\system32\storsvc.dll
10:50:30.0663 0x061c  StorSvc - ok
10:50:30.0665 0x061c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\Windows\system32\drivers\storvsc.sys
10:50:30.0672 0x061c  storvsc - ok
10:50:30.0675 0x061c  [ CE2D5CABC80ABC8A605A55C3954FB313, 468FD63049C489515A117906E2D23CE86E3727F4F1613F4BDFC28D0392A35AB6 ] SWDUMon        C:\Windows\system32\DRIVERS\SWDUMon.sys
10:50:30.0682 0x061c  SWDUMon - ok
10:50:30.0684 0x061c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:50:30.0691 0x061c  swenum - ok
10:50:30.0700 0x061c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
10:50:30.0731 0x061c  swprv - ok
10:50:30.0762 0x061c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
10:50:30.0800 0x061c  SysMain - ok
10:50:30.0805 0x061c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:50:30.0819 0x061c  TabletInputService - ok
10:50:30.0826 0x061c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
10:50:30.0853 0x061c  TapiSrv - ok
10:50:30.0857 0x061c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
10:50:30.0881 0x061c  TBS - ok
10:50:30.0911 0x061c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
10:50:30.0946 0x061c  Tcpip - ok
10:50:30.0979 0x061c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:50:31.0014 0x061c  TCPIP6 - ok
10:50:31.0024 0x061c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:50:31.0033 0x061c  tcpipreg - ok
10:50:31.0036 0x061c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:50:31.0044 0x061c  TDPIPE - ok
10:50:31.0047 0x061c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
10:50:31.0055 0x061c  TDTCP - ok
10:50:31.0059 0x061c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
10:50:31.0069 0x061c  tdx - ok
10:50:31.0072 0x061c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:50:31.0079 0x061c  TermDD - ok
10:50:31.0093 0x061c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
10:50:31.0112 0x061c  TermService - ok
10:50:31.0115 0x061c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:50:31.0128 0x061c  Themes - ok
10:50:31.0132 0x061c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
10:50:31.0155 0x061c  THREADORDER - ok
10:50:31.0159 0x061c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:50:31.0184 0x061c  TrkWks - ok
10:50:31.0190 0x061c  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt      C:\Windows\system32\drivers\truecrypt.sys
10:50:31.0200 0x061c  truecrypt - ok
10:50:31.0205 0x061c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:50:31.0228 0x061c  TrustedInstaller - ok
10:50:31.0232 0x061c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:50:31.0241 0x061c  tssecsrv - ok
10:50:31.0245 0x061c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:50:31.0253 0x061c  TsUsbFlt - ok
10:50:31.0256 0x061c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
10:50:31.0264 0x061c  TsUsbGD - ok
10:50:31.0269 0x061c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:50:31.0292 0x061c  tunnel - ok
10:50:31.0295 0x061c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:50:31.0302 0x061c  uagp35 - ok
10:50:31.0309 0x061c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:50:31.0336 0x061c  udfs - ok
10:50:31.0340 0x061c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
10:50:31.0352 0x061c  UI0Detect - ok
10:50:31.0355 0x061c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:50:31.0363 0x061c  uliagpkx - ok
10:50:31.0365 0x061c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
10:50:31.0374 0x061c  umbus - ok
10:50:31.0377 0x061c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:50:31.0386 0x061c  UmPass - ok
10:50:31.0391 0x061c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:50:31.0404 0x061c  UmRdpService - ok
10:50:31.0412 0x061c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:50:31.0440 0x061c  upnphost - ok
10:50:31.0443 0x061c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
10:50:31.0452 0x061c  USBAAPL64 - ok
10:50:31.0456 0x061c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
10:50:31.0466 0x061c  usbccgp - ok
10:50:31.0469 0x061c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:50:31.0478 0x061c  usbcir - ok
10:50:31.0482 0x061c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
10:50:31.0490 0x061c  usbehci - ok
10:50:31.0498 0x061c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:50:31.0511 0x061c  usbhub - ok
10:50:31.0514 0x061c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\drivers\usbohci.sys
10:50:31.0522 0x061c  usbohci - ok
10:50:31.0524 0x061c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
10:50:31.0534 0x061c  usbprint - ok
10:50:31.0538 0x061c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:50:31.0547 0x061c  USBSTOR - ok
10:50:31.0550 0x061c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
10:50:31.0558 0x061c  usbuhci - ok
10:50:31.0570 0x061c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
10:50:31.0595 0x061c  UxSms - ok
10:50:31.0597 0x061c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
10:50:31.0606 0x061c  VaultSvc - ok
10:50:31.0609 0x061c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:50:31.0616 0x061c  vdrvroot - ok
10:50:31.0627 0x061c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
10:50:31.0659 0x061c  vds - ok
10:50:31.0686 0x061c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
10:50:31.0731 0x061c  vga - ok
10:50:31.0735 0x061c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
10:50:31.0761 0x061c  VgaSave - ok
10:50:31.0767 0x061c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
10:50:31.0777 0x061c  vhdmp - ok
10:50:31.0779 0x061c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:50:31.0786 0x061c  viaide - ok
10:50:31.0791 0x061c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
10:50:31.0801 0x061c  vmbus - ok
10:50:31.0803 0x061c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:50:31.0812 0x061c  VMBusHID - ok
10:50:31.0815 0x061c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:50:31.0822 0x061c  volmgr - ok
10:50:31.0830 0x061c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
10:50:31.0842 0x061c  volmgrx - ok
10:50:31.0849 0x061c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap        C:\Windows\system32\drivers\volsnap.sys
10:50:31.0860 0x061c  volsnap - ok
10:50:31.0866 0x061c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
10:50:31.0875 0x061c  vsmraid - ok
10:50:31.0901 0x061c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
10:50:31.0948 0x061c  VSS - ok
10:50:31.0951 0x061c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:50:31.0962 0x061c  vwifibus - ok
10:50:31.0965 0x061c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:50:31.0976 0x061c  vwififlt - ok
10:50:31.0985 0x061c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
10:50:32.0013 0x061c  W32Time - ok
10:50:32.0017 0x061c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:50:32.0027 0x061c  WacomPen - ok
10:50:32.0031 0x061c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:50:32.0053 0x061c  WANARP - ok
10:50:32.0056 0x061c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:50:32.0078 0x061c  Wanarpv6 - ok
10:50:32.0103 0x061c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:50:32.0135 0x061c  wbengine - ok
10:50:32.0142 0x061c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:50:32.0158 0x061c  WbioSrvc - ok
10:50:32.0166 0x061c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
10:50:32.0184 0x061c  wcncsvc - ok
10:50:32.0187 0x061c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:50:32.0198 0x061c  WcsPlugInService - ok
10:50:32.0200 0x061c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:50:32.0207 0x061c  Wd - ok
10:50:32.0221 0x061c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:50:32.0240 0x061c  Wdf01000 - ok
10:50:32.0244 0x061c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:50:32.0256 0x061c  WdiServiceHost - ok
10:50:32.0259 0x061c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
10:50:32.0270 0x061c  WdiSystemHost - ok
10:50:32.0276 0x061c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
10:50:32.0290 0x061c  WebClient - ok
10:50:32.0296 0x061c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:50:32.0322 0x061c  Wecsvc - ok
10:50:32.0326 0x061c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
10:50:32.0350 0x061c  wercplsupport - ok
10:50:32.0354 0x061c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:50:32.0378 0x061c  WerSvc - ok
10:50:32.0380 0x061c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:50:32.0402 0x061c  WfpLwf - ok
10:50:32.0404 0x061c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:50:32.0411 0x061c  WIMMount - ok
10:50:32.0413 0x061c  WinDefend - ok
10:50:32.0417 0x061c  WinHttpAutoProxySvc - ok
10:50:32.0425 0x061c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
10:50:32.0450 0x061c  Winmgmt - ok
10:50:32.0484 0x061c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
10:50:32.0524 0x061c  WinRM - ok
10:50:32.0531 0x061c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:50:32.0541 0x061c  WinUsb - ok
10:50:32.0557 0x061c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
10:50:32.0584 0x061c  Wlansvc - ok
10:50:32.0624 0x061c  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:50:32.0664 0x061c  wlidsvc - ok
10:50:32.0675 0x061c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
10:50:32.0684 0x061c  WmiAcpi - ok
10:50:32.0690 0x061c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:50:32.0702 0x061c  wmiApSrv - ok
10:50:32.0704 0x061c  WMPNetworkSvc - ok
10:50:32.0707 0x061c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:50:32.0718 0x061c  WPCSvc - ok
10:50:32.0723 0x061c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:50:32.0735 0x061c  WPDBusEnum - ok
10:50:32.0738 0x061c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
10:50:32.0759 0x061c  ws2ifsl - ok
10:50:32.0763 0x061c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:50:32.0777 0x061c  wscsvc - ok
10:50:32.0779 0x061c  WSearch - ok
10:50:32.0827 0x061c  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:50:32.0875 0x061c  wuauserv - ok
10:50:32.0880 0x061c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:50:32.0890 0x061c  WudfPf - ok
10:50:32.0896 0x061c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:50:32.0907 0x061c  WUDFRd - ok
10:50:32.0910 0x061c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
10:50:32.0921 0x061c  wudfsvc - ok
10:50:32.0927 0x061c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
10:50:32.0941 0x061c  WwanSvc - ok
10:50:32.0944 0x061c  ================ Scan global ===============================
10:50:32.0947 0x061c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:50:32.0952 0x061c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
10:50:32.0961 0x061c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
10:50:32.0968 0x061c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:50:32.0976 0x061c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:50:32.0982 0x061c  [ Global ] - ok
10:50:32.0982 0x061c  ================ Scan MBR ==================================
10:50:32.0983 0x061c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:50:33.0058 0x061c  \Device\Harddisk1\DR1 - ok
10:50:33.0061 0x061c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:50:33.0124 0x061c  \Device\Harddisk0\DR0 - ok
10:50:33.0141 0x061c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
10:50:33.0260 0x061c  \Device\Harddisk2\DR2 - detected TDSS File System ( 1 )
10:50:33.0260 0x061c  \Device\Harddisk2\DR2 ( TDSS File System ) - warning
10:50:35.0685 0x061c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
10:50:35.0767 0x061c  \Device\Harddisk3\DR3 - ok
10:50:35.0771 0x061c  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk4\DR4
10:50:35.0832 0x061c  \Device\Harddisk4\DR4 - ok
10:50:35.0832 0x061c  ================ Scan VBR ==================================
10:50:35.0857 0x061c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
10:50:35.0857 0x061c  \Device\Harddisk1\DR1\Partition1 - ok
10:50:35.0878 0x061c  [ 9A6817862D87A9770C14D17DBE88B2B1 ] \Device\Harddisk1\DR1\Partition2
10:50:35.0949 0x061c  \Device\Harddisk1\DR1\Partition2 - ok
10:50:35.0978 0x061c  [ 658216DF9A80071CD89E9DADBA817322 ] \Device\Harddisk1\DR1\Partition3
10:50:36.0036 0x061c  \Device\Harddisk1\DR1\Partition3 - ok
10:50:36.0039 0x061c  [ 7B435AE345F8F63103F234AE0496FD54 ] \Device\Harddisk0\DR0\Partition1
10:50:36.0041 0x061c  \Device\Harddisk0\DR0\Partition1 - ok
10:50:36.0043 0x061c  [ 5C55994C42B6ADD9F277CB15657E8878 ] \Device\Harddisk0\DR0\Partition2
10:50:36.0045 0x061c  \Device\Harddisk0\DR0\Partition2 - ok
10:50:36.0048 0x061c  [ F5702576E9FBB5621D606ECBD6CFCA52 ] \Device\Harddisk2\DR2\Partition1
10:50:36.0050 0x061c  \Device\Harddisk2\DR2\Partition1 - ok
10:50:36.0052 0x061c  [ 879CD96E61C9DD30DC357048FDD07650 ] \Device\Harddisk2\DR2\Partition2
10:50:36.0054 0x061c  \Device\Harddisk2\DR2\Partition2 - ok
10:50:36.0056 0x061c  [ DDE6E425C1F6E124366D43FBD74D0DE6 ] \Device\Harddisk2\DR2\Partition3
10:50:36.0083 0x061c  \Device\Harddisk2\DR2\Partition3 - ok
10:50:36.0085 0x061c  [ F50DAF8BC01CADB98532F6032ED38729 ] \Device\Harddisk3\DR3\Partition1
10:50:36.0128 0x061c  \Device\Harddisk3\DR3\Partition1 - ok
10:50:36.0131 0x061c  [ BD94A2F4CD989037BA4EBB4C0ADC5041 ] \Device\Harddisk4\DR4\Partition1
10:50:36.0132 0x061c  \Device\Harddisk4\DR4\Partition1 - ok
10:50:36.0133 0x061c  ================ Scan generic autorun ======================
10:50:36.0133 0x061c  Nvtmru - ok
10:50:36.0196 0x061c  [ 046DDF9B31BEC14D03CCC97DD728A4D1, D29F49F870B27553E13F9C1486D9B27A27C41FBEC7ACEC77EDFD5552C941E710 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
10:50:36.0242 0x061c  NvBackend - ok
10:50:36.0246 0x061c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
10:50:36.0257 0x061c  ShadowPlay - ok
10:50:36.0376 0x061c  [ 26E56C4065A4AFB61F38CE9F9DB2BBB9, F969A8EB22CB9F8A5F9E47E7DD53F14F5AF813665DE8A465895A5C216DFA927A ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
10:50:36.0493 0x061c  RTHDVCPL - ok
10:50:36.0504 0x061c  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
10:50:36.0514 0x061c  USB3MON - ok
10:50:36.0557 0x061c  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] D:\Office 2010\Office14\BCSSync.exe
10:50:36.0565 0x061c  BCSSync - ok
10:50:36.0712 0x061c  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] D:\Avast Antivir\AvastUI.exe
10:50:36.0822 0x061c  AvastUI.exe - ok
10:50:36.0832 0x061c  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
10:50:36.0843 0x061c  SunJavaUpdateSched - ok
10:50:36.0865 0x061c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:50:36.0891 0x061c  Sidebar - ok
10:50:36.0895 0x061c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:50:36.0908 0x061c  mctadmin - ok
10:50:36.0929 0x061c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:50:36.0956 0x061c  Sidebar - ok
10:50:36.0960 0x061c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:50:36.0974 0x061c  mctadmin - ok
10:50:36.0992 0x061c  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe
10:50:37.0013 0x061c  f.lux - ok
10:50:37.0014 0x061c  Waiting for KSN requests completion. In queue: 302
10:50:38.0015 0x061c  Waiting for KSN requests completion. In queue: 302
10:50:39.0015 0x061c  Waiting for KSN requests completion. In queue: 302
10:50:40.0059 0x061c  AV detected via SS2: avast! Antivirus, D:\Avast Antivir\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
10:50:40.0066 0x061c  Win FW state via NFP2: enabled
10:50:42.0433 0x061c  ============================================================
10:50:42.0433 0x061c  Scan finished
10:50:42.0433 0x061c  ============================================================
10:50:42.0442 0x140c  Detected object count: 1
10:50:42.0442 0x140c  Actual detected object count: 1
10:51:14.0153 0x140c  \Device\Harddisk2\DR2 ( TDSS File System ) - skipped by user
10:51:14.0153 0x140c  \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip

schrauber 08.07.2015 12:55
Zitat:
10:51:14.0153 0x140c \Device\Harddisk2\DR2 ( TDSS File System ) - skipped by user
10:51:14.0153 0x140c \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Skip


Starte TDSSkiller.exe mit Doppelklick.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Drücke auf Start Scan.
    Mache während dem Scan nichts am Rechner
  • Gehe sicher das Cure ( default ) angehackt ist !
  • Drücke Continue --> Reboot.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.

Carso 08.07.2015 18:23
Hallo,

die Option cure steht leider nicht zur Auswahl. Ich kann nur:
  • Skip
  • Copy to qurantine
  • delete
auswählen.

Ich hatte gerade einen Blue Screen (was sonst nicht passiert). Whocrashed (das vorher keine Crashdumps gefunden hat) sagt dazu:

Code:
On Wed 08.07.2015 17:11:27 GMT your computer crashed
crash dump file: C:\Windows\Minidump\070815-14352-01.dmp
This was probably caused by the following module: bckd.sys (bckd+0x1D7B)
Bugcheck code: 0x1000007E (0xFFFFFFFFC0000005, 0xFFFFF8800B5B7D7B, 0xFFFFF8800B651798, 0xFFFFF8800B650FF0)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
file path: C:\Windows\system32\drivers\bckd.sys
product: K9 Web Protection
company: Blue Coat Systems, Inc.
description: K9 Web Protection Driver (WFP)
Bug check description: This indicates that a system thread generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: bckd.sys (K9 Web Protection Driver (WFP), Blue Coat Systems, Inc.).
Google query: bckd.sys Blue Coat Systems, Inc. SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Ich habe das entsprechende Programm nun deinstalliert.
Kann es vielleicht daran gelegen haben? Wie gesagt waren die Fehler bisher aber keine BlueScreens. Ich werde weiterhin beobachten.

schrauber 09.07.2015 08:31
Dann bitte delete wählen, Log posten. Dann nochmal einen neuen Scan mit TDSSKiller machen.

Carso 09.07.2015 10:40
Habe den Fund gelöscht. Hier der Log von dem Suchlauf:

Code:
11:36:46.0215 0x1370  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
11:36:47.0818 0x1370  ============================================================
11:36:47.0819 0x1370  Current date / time: 2015/07/09 11:36:47.0818
11:36:47.0819 0x1370  SystemInfo:
11:36:47.0819 0x1370 
11:36:47.0819 0x1370  OS Version: 6.1.7601 ServicePack: 1.0
11:36:47.0819 0x1370  Product type: Workstation
11:36:47.0819 0x1370  ComputerName: SCOTTY-PC
11:36:47.0819 0x1370  UserName: Scotty
11:36:47.0819 0x1370  Windows directory: C:\Windows
11:36:47.0819 0x1370  System windows directory: C:\Windows
11:36:47.0819 0x1370  Running under WOW64
11:36:47.0819 0x1370  Processor architecture: Intel x64
11:36:47.0819 0x1370  Number of processors: 4
11:36:47.0819 0x1370  Page size: 0x1000
11:36:47.0819 0x1370  Boot type: Normal boot
11:36:47.0819 0x1370  ============================================================
11:36:48.0142 0x1370  KLMD registered as C:\Windows\system32\drivers\71106820.sys
11:36:48.0221 0x1370  System UUID: {6FC7F923-4DD5-E1D5-DA64-BC184AF8A0AF}
11:36:48.0491 0x1370  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:48.0492 0x1370  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:53.0457 0x1370  Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:53.0465 0x1370  Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:36:53.0467 0x1370  Drive \Device\Harddisk4\DR4 - Size: 0x1E150DE00 ( 7.52 Gb ), SectorSize: 0x200, Cylinders: 0x3D5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:36:53.0468 0x1370  ============================================================
11:36:53.0468 0x1370  \Device\Harddisk1\DR1:
11:36:53.0468 0x1370  GPT partitions:
11:36:53.0468 0x1370  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C6CE7D1F-3DC3-46E5-BF1B-DB8A98A3DE80}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
11:36:53.0469 0x1370  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {38C72D1D-ACB6-4E1B-AF9D-D9D07FB8DBA7}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746E4000
11:36:53.0469 0x1370  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3EB24C8A-DBA7-4135-A348-520086F9A7EE}, Name: Basic data partition, StartLBA 0x74724800, BlocksNum 0x746E3800
11:36:53.0469 0x1370  MBR partitions:
11:36:53.0469 0x1370  \Device\Harddisk0\DR0:
11:36:53.0469 0x1370  MBR partitions:
11:36:53.0469 0x1370  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:36:53.0469 0x1370  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
11:36:53.0469 0x1370  \Device\Harddisk2\DR2:
11:36:53.0482 0x1370  MBR partitions:
11:36:53.0482 0x1370  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E26B6E
11:36:53.0482 0x1370  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x4E27000, BlocksNum 0x10320800
11:36:53.0482 0x1370  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x15147800, BlocksNum 0x102E6800
11:36:53.0482 0x1370  \Device\Harddisk3\DR3:
11:36:53.0483 0x1370  MBR partitions:
11:36:53.0483 0x1370  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
11:36:53.0483 0x1370  \Device\Harddisk4\DR4:
11:36:53.0483 0x1370  MBR partitions:
11:36:53.0483 0x1370  \Device\Harddisk4\DR4\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xF07956
11:36:53.0483 0x1370  ============================================================
11:36:53.0485 0x1370  C: <-> \Device\Harddisk0\DR0\Partition2
11:36:53.0530 0x1370  D: <-> \Device\Harddisk1\DR1\Partition2
11:36:53.0541 0x1370  E: <-> \Device\Harddisk2\DR2\Partition1
11:36:53.0589 0x1370  G: <-> \Device\Harddisk1\DR1\Partition3
11:36:53.0621 0x1370  H: <-> \Device\Harddisk2\DR2\Partition2
11:36:53.0652 0x1370  I: <-> \Device\Harddisk2\DR2\Partition3
11:36:53.0673 0x1370  K: <-> \Device\Harddisk3\DR3\Partition1
11:36:53.0673 0x1370  ============================================================
11:36:53.0674 0x1370  Initialize success
11:36:53.0674 0x1370  ============================================================
11:37:16.0164 0x155c  ============================================================
11:37:16.0164 0x155c  Scan started
11:37:16.0164 0x155c  Mode: Manual; SigCheck; TDLFS;
11:37:16.0164 0x155c  ============================================================
11:37:16.0164 0x155c  KSN ping started
11:37:18.0547 0x155c  KSN ping finished: true
11:37:19.0046 0x155c  ================ Scan system memory ========================
11:37:19.0046 0x155c  System memory - ok
11:37:19.0047 0x155c  ================ Scan services =============================
11:37:19.0078 0x155c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:37:19.0123 0x155c  1394ohci - ok
11:37:19.0132 0x155c  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
11:37:19.0145 0x155c  acedrv11 - ok
11:37:19.0153 0x155c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:37:19.0165 0x155c  ACPI - ok
11:37:19.0167 0x155c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
11:37:19.0177 0x155c  AcpiPmi - ok
11:37:19.0188 0x155c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
11:37:19.0203 0x155c  adp94xx - ok
11:37:19.0211 0x155c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
11:37:19.0223 0x155c  adpahci - ok
11:37:19.0229 0x155c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
11:37:19.0238 0x155c  adpu320 - ok
11:37:19.0242 0x155c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
11:37:19.0251 0x155c  AeLookupSvc - ok
11:37:19.0261 0x155c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
11:37:19.0279 0x155c  AFD - ok
11:37:19.0282 0x155c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:37:19.0289 0x155c  agp440 - ok
11:37:19.0292 0x155c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
11:37:19.0303 0x155c  ALG - ok
11:37:19.0305 0x155c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:37:19.0311 0x155c  aliide - ok
11:37:19.0314 0x155c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:37:19.0320 0x155c  amdide - ok
11:37:19.0323 0x155c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
11:37:19.0332 0x155c  AmdK8 - ok
11:37:19.0335 0x155c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:37:19.0344 0x155c  AmdPPM - ok
11:37:19.0348 0x155c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
11:37:19.0356 0x155c  amdsata - ok
11:37:19.0361 0x155c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:37:19.0371 0x155c  amdsbs - ok
11:37:19.0374 0x155c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
11:37:19.0380 0x155c  amdxata - ok
11:37:19.0383 0x155c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID          C:\Windows\system32\drivers\appid.sys
11:37:19.0392 0x155c  AppID - ok
11:37:19.0394 0x155c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:37:19.0403 0x155c  AppIDSvc - ok
11:37:19.0406 0x155c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
11:37:19.0415 0x155c  Appinfo - ok
11:37:19.0420 0x155c  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:37:19.0426 0x155c  Apple Mobile Device - ok
11:37:19.0432 0x155c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\Windows\System32\appmgmts.dll
11:37:19.0443 0x155c  AppMgmt - ok
11:37:19.0446 0x155c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
11:37:19.0454 0x155c  arc - ok
11:37:19.0457 0x155c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:37:19.0465 0x155c  arcsas - ok
11:37:19.0477 0x155c  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
11:37:19.0481 0x155c  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
11:37:21.0829 0x155c  Detect skipped due to KSN trusted
11:37:21.0829 0x155c  ASGT - ok
11:37:21.0841 0x155c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:37:21.0857 0x155c  aspnet_state - ok
11:37:21.0861 0x155c  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid        C:\Windows\system32\drivers\aswHwid.sys
11:37:21.0869 0x155c  aswHwid - ok
11:37:21.0873 0x155c  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
11:37:21.0881 0x155c  aswMonFlt - ok
11:37:21.0885 0x155c  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
11:37:21.0892 0x155c  aswRdr - ok
11:37:21.0896 0x155c  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
11:37:21.0903 0x155c  aswRvrt - ok
11:37:21.0921 0x155c  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
11:37:21.0943 0x155c  aswSnx - ok
11:37:21.0953 0x155c  [ A04F190FCD762E7BCC9BFC70563C52DB, 2BF6823F2EADBDA28DF1CCECCAC84D9FF37D3CFB66A7B402575C6B9FCFB45EB3 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
11:37:21.0965 0x155c  aswSP - ok
11:37:21.0970 0x155c  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\Windows\system32\drivers\aswStm.sys
11:37:21.0977 0x155c  aswStm - ok
11:37:21.0984 0x155c  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:37:21.0995 0x155c  aswVmm - ok
11:37:21.0997 0x155c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:37:22.0019 0x155c  AsyncMac - ok
11:37:22.0021 0x155c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
11:37:22.0027 0x155c  atapi - ok
11:37:22.0035 0x155c  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
11:37:22.0044 0x155c  atksgt - ok
11:37:22.0058 0x155c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:37:22.0078 0x155c  AudioEndpointBuilder - ok
11:37:22.0090 0x155c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:37:22.0108 0x155c  AudioSrv - ok
11:37:22.0170 0x155c  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus D:\Avast Antivir\AvastSvc.exe
11:37:22.0189 0x155c  avast! Antivirus - ok
11:37:22.0193 0x155c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:37:22.0206 0x155c  AxInstSV - ok
11:37:22.0216 0x155c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
11:37:22.0233 0x155c  b06bdrv - ok
11:37:22.0239 0x155c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:37:22.0253 0x155c  b57nd60a - ok
11:37:22.0257 0x155c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:37:22.0266 0x155c  BDESVC - ok
11:37:22.0269 0x155c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:37:22.0289 0x155c  Beep - ok
11:37:22.0302 0x155c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
11:37:22.0324 0x155c  BFE - ok
11:37:22.0340 0x155c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:37:22.0377 0x155c  BITS - ok
11:37:22.0381 0x155c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:37:22.0389 0x155c  blbdrive - ok
11:37:22.0399 0x155c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:37:22.0411 0x155c  Bonjour Service - ok
11:37:22.0415 0x155c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:37:22.0424 0x155c  bowser - ok
11:37:22.0426 0x155c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:37:22.0436 0x155c  BrFiltLo - ok
11:37:22.0438 0x155c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:37:22.0448 0x155c  BrFiltUp - ok
11:37:22.0453 0x155c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
11:37:22.0463 0x155c  Browser - ok
11:37:22.0470 0x155c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
11:37:22.0483 0x155c  Brserid - ok
11:37:22.0486 0x155c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:37:22.0496 0x155c  BrSerWdm - ok
11:37:22.0498 0x155c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:37:22.0507 0x155c  BrUsbMdm - ok
11:37:22.0509 0x155c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:37:22.0517 0x155c  BrUsbSer - ok
11:37:22.0520 0x155c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:37:22.0530 0x155c  BTHMODEM - ok
11:37:22.0534 0x155c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
11:37:22.0557 0x155c  bthserv - ok
11:37:22.0560 0x155c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:37:22.0585 0x155c  cdfs - ok
11:37:22.0589 0x155c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
11:37:22.0600 0x155c  cdrom - ok
11:37:22.0604 0x155c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
11:37:22.0625 0x155c  CertPropSvc - ok
11:37:22.0628 0x155c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:37:22.0638 0x155c  circlass - ok
11:37:22.0646 0x155c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
11:37:22.0659 0x155c  CLFS - ok
11:37:22.0664 0x155c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:37:22.0672 0x155c  clr_optimization_v2.0.50727_32 - ok
11:37:22.0678 0x155c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:37:22.0686 0x155c  clr_optimization_v2.0.50727_64 - ok
11:37:22.0692 0x155c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:37:22.0702 0x155c  clr_optimization_v4.0.30319_32 - ok
11:37:22.0705 0x155c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:37:22.0714 0x155c  clr_optimization_v4.0.30319_64 - ok
11:37:22.0717 0x155c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:37:22.0726 0x155c  CmBatt - ok
11:37:22.0728 0x155c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:37:22.0735 0x155c  cmdide - ok
11:37:22.0744 0x155c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG            C:\Windows\system32\Drivers\cng.sys
11:37:22.0762 0x155c  CNG - ok
11:37:22.0765 0x155c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:37:22.0772 0x155c  Compbatt - ok
11:37:22.0774 0x155c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:37:22.0784 0x155c  CompositeBus - ok
11:37:22.0786 0x155c  COMSysApp - ok
11:37:22.0789 0x155c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
11:37:22.0795 0x155c  crcdisk - ok
11:37:22.0801 0x155c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:37:22.0813 0x155c  CryptSvc - ok
11:37:22.0824 0x155c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\Windows\system32\drivers\csc.sys
11:37:22.0841 0x155c  CSC - ok
11:37:22.0855 0x155c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
11:37:22.0875 0x155c  CscService - ok
11:37:22.0886 0x155c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:37:22.0918 0x155c  DcomLaunch - ok
11:37:22.0925 0x155c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
11:37:22.0952 0x155c  defragsvc - ok
11:37:22.0956 0x155c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:37:22.0979 0x155c  DfsC - ok
11:37:22.0986 0x155c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:37:23.0001 0x155c  Dhcp - ok
11:37:23.0024 0x155c  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack      C:\Windows\system32\diagtrack.dll
11:37:23.0056 0x155c  DiagTrack - ok
11:37:23.0098 0x155c  [ 05F99DFF3A8D705F9AA6B87224F7BEB1, DDE133A44A330A07A0EB961559C840BBFC9D9E0CCA27DE0B4284C76BCAD31EDE ] DirMngr        D:\GnuPG\dirmngr.exe
11:37:23.0111 0x155c  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
11:37:25.0460 0x155c  Detect skipped due to KSN trusted
11:37:25.0460 0x155c  DirMngr - ok
11:37:25.0465 0x155c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:37:25.0497 0x155c  discache - ok
11:37:25.0500 0x155c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
11:37:25.0508 0x155c  Disk - ok
11:37:25.0511 0x155c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
11:37:25.0520 0x155c  dmvsc - ok
11:37:25.0526 0x155c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:37:25.0539 0x155c  Dnscache - ok
11:37:25.0546 0x155c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
11:37:25.0571 0x155c  dot3svc - ok
11:37:25.0576 0x155c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
11:37:25.0600 0x155c  DPS - ok
11:37:25.0602 0x155c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
11:37:25.0610 0x155c  drmkaud - ok
11:37:25.0616 0x155c  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01    C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:37:25.0626 0x155c  dtsoftbus01 - ok
11:37:25.0644 0x155c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
11:37:25.0664 0x155c  DXGKrnl - ok
11:37:25.0669 0x155c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
11:37:25.0692 0x155c  EapHost - ok
11:37:25.0743 0x155c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
11:37:25.0811 0x155c  ebdrv - ok
11:37:25.0816 0x155c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS            C:\Windows\System32\lsass.exe
11:37:25.0825 0x155c  EFS - ok
11:37:25.0840 0x155c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
11:37:25.0861 0x155c  ehRecvr - ok
11:37:25.0865 0x155c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
11:37:25.0876 0x155c  ehSched - ok
11:37:25.0887 0x155c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
11:37:25.0903 0x155c  elxstor - ok
11:37:25.0905 0x155c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:37:25.0914 0x155c  ErrDev - ok
11:37:25.0924 0x155c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
11:37:25.0953 0x155c  EventSystem - ok
11:37:25.0958 0x155c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
11:37:25.0982 0x155c  exfat - ok
11:37:25.0987 0x155c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
11:37:26.0011 0x155c  fastfat - ok
11:37:26.0024 0x155c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
11:37:26.0044 0x155c  Fax - ok
11:37:26.0048 0x155c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
11:37:26.0056 0x155c  fdc - ok
11:37:26.0058 0x155c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
11:37:26.0080 0x155c  fdPHost - ok
11:37:26.0082 0x155c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:37:26.0104 0x155c  FDResPub - ok
11:37:26.0107 0x155c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:37:26.0114 0x155c  FileInfo - ok
11:37:26.0117 0x155c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
11:37:26.0138 0x155c  Filetrace - ok
11:37:26.0141 0x155c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:37:26.0149 0x155c  flpydisk - ok
11:37:26.0156 0x155c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:37:26.0167 0x155c  FltMgr - ok
11:37:26.0188 0x155c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache      C:\Windows\system32\FntCache.dll
11:37:26.0218 0x155c  FontCache - ok
11:37:26.0221 0x155c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:37:26.0228 0x155c  FontCache3.0.0.0 - ok
11:37:26.0231 0x155c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
11:37:26.0238 0x155c  FsDepends - ok
11:37:26.0240 0x155c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:37:26.0246 0x155c  Fs_Rec - ok
11:37:26.0252 0x155c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:37:26.0264 0x155c  fvevol - ok
11:37:26.0267 0x155c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:37:26.0275 0x155c  gagp30kx - ok
11:37:26.0278 0x155c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:37:26.0283 0x155c  GEARAspiWDM - ok
11:37:26.0303 0x155c  [ 171CCFEB86294AFAA3609DB3899A841E, 0C2162A2D4A276182E922BBEF195CB936ABCBE6729C535CA23CDA9DAD0DDF491 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:37:26.0329 0x155c  GfExperienceService - ok
11:37:26.0346 0x155c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
11:37:26.0381 0x155c  gpsvc - ok
11:37:26.0386 0x155c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:37:26.0392 0x155c  gupdate - ok
11:37:26.0396 0x155c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:37:26.0402 0x155c  gupdatem - ok
11:37:26.0405 0x155c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:37:26.0413 0x155c  hcw85cir - ok
11:37:26.0420 0x155c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:37:26.0436 0x155c  HdAudAddService - ok
11:37:26.0440 0x155c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:37:26.0451 0x155c  HDAudBus - ok
11:37:26.0454 0x155c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
11:37:26.0462 0x155c  HidBatt - ok
11:37:26.0466 0x155c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:37:26.0477 0x155c  HidBth - ok
11:37:26.0480 0x155c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
11:37:26.0489 0x155c  HidIr - ok
11:37:26.0492 0x155c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
11:37:26.0514 0x155c  hidserv - ok
11:37:26.0517 0x155c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:37:26.0524 0x155c  HidUsb - ok
11:37:26.0528 0x155c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:37:26.0550 0x155c  hkmsvc - ok
11:37:26.0556 0x155c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:37:26.0568 0x155c  HomeGroupListener - ok
11:37:26.0574 0x155c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:37:26.0586 0x155c  HomeGroupProvider - ok
11:37:26.0589 0x155c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:37:26.0597 0x155c  HpSAMD - ok
11:37:26.0611 0x155c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:37:26.0632 0x155c  HTTP - ok
11:37:26.0635 0x155c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:37:26.0641 0x155c  hwpolicy - ok
11:37:26.0645 0x155c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
11:37:26.0654 0x155c  i8042prt - ok
11:37:26.0663 0x155c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
11:37:26.0677 0x155c  iaStorV - ok
11:37:26.0681 0x155c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:37:26.0686 0x155c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
11:37:29.0034 0x155c  Detect skipped due to KSN trusted
11:37:29.0034 0x155c  IDriverT - ok
11:37:29.0062 0x155c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:37:29.0095 0x155c  idsvc - ok
11:37:29.0098 0x155c  IEEtwCollectorService - ok
11:37:29.0101 0x155c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
11:37:29.0108 0x155c  iirsp - ok
11:37:29.0124 0x155c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:37:29.0149 0x155c  IKEEXT - ok
11:37:29.0216 0x155c  [ D2B1DA73B6E8769A1BE1A55693B7F1B3, FE26FEAD6A45E4596A7CA9689B66511C4BCB4686A1914505257648DCE048CA26 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:37:29.0285 0x155c  IntcAzAudAddService - ok
11:37:29.0290 0x155c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:37:29.0297 0x155c  intelide - ok
11:37:29.0300 0x155c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:37:29.0308 0x155c  intelppm - ok
11:37:29.0312 0x155c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
11:37:29.0335 0x155c  IPBusEnum - ok
11:37:29.0339 0x155c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:37:29.0361 0x155c  IpFilterDriver - ok
11:37:29.0372 0x155c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:37:29.0390 0x155c  iphlpsvc - ok
11:37:29.0394 0x155c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
11:37:29.0403 0x155c  IPMIDRV - ok
11:37:29.0407 0x155c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
11:37:29.0430 0x155c  IPNAT - ok
11:37:29.0443 0x155c  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:37:29.0460 0x155c  iPod Service - ok
11:37:29.0462 0x155c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:37:29.0473 0x155c  IRENUM - ok
11:37:29.0476 0x155c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:37:29.0482 0x155c  isapnp - ok
11:37:29.0489 0x155c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:37:29.0501 0x155c  iScsiPrt - ok
11:37:29.0503 0x155c  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
11:37:29.0509 0x155c  iusb3hcs - ok
11:37:29.0516 0x155c  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
11:37:29.0526 0x155c  iusb3hub - ok
11:37:29.0542 0x155c  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
11:37:29.0558 0x155c  iusb3xhc - ok
11:37:29.0562 0x155c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:37:29.0569 0x155c  kbdclass - ok
11:37:29.0571 0x155c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:37:29.0580 0x155c  kbdhid - ok
11:37:29.0583 0x155c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
11:37:29.0591 0x155c  KeyIso - ok
11:37:29.0594 0x155c  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:37:29.0602 0x155c  KSecDD - ok
11:37:29.0607 0x155c  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
11:37:29.0616 0x155c  KSecPkg - ok
11:37:29.0618 0x155c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
11:37:29.0639 0x155c  ksthunk - ok
11:37:29.0647 0x155c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
11:37:29.0676 0x155c  KtmRm - ok
11:37:29.0681 0x155c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:37:29.0708 0x155c  LanmanServer - ok
11:37:29.0712 0x155c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:37:29.0736 0x155c  LanmanWorkstation - ok
11:37:29.0740 0x155c  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
11:37:29.0746 0x155c  lirsgt - ok
11:37:29.0749 0x155c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:37:29.0771 0x155c  lltdio - ok
11:37:29.0778 0x155c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
11:37:29.0805 0x155c  lltdsvc - ok
11:37:29.0807 0x155c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
11:37:29.0830 0x155c  lmhosts - ok
11:37:29.0834 0x155c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:37:29.0843 0x155c  LSI_FC - ok
11:37:29.0846 0x155c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
11:37:29.0854 0x155c  LSI_SAS - ok
11:37:29.0857 0x155c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:37:29.0864 0x155c  LSI_SAS2 - ok
11:37:29.0868 0x155c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:37:29.0876 0x155c  LSI_SCSI - ok
11:37:29.0880 0x155c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
11:37:29.0903 0x155c  luafv - ok
11:37:29.0906 0x155c  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
11:37:29.0912 0x155c  MBAMProtector - ok
11:37:29.0985 0x155c  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService    D:\Malwarebytes' Anti-Malware\mbamservice.exe
11:37:30.0024 0x155c  MBAMService - ok
11:37:30.0028 0x155c  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:37:30.0035 0x155c  MBAMWebAccessControl - ok
11:37:30.0038 0x155c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
11:37:30.0049 0x155c  Mcx2Svc - ok
11:37:30.0052 0x155c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
11:37:30.0059 0x155c  megasas - ok
11:37:30.0065 0x155c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:37:30.0076 0x155c  MegaSR - ok
11:37:30.0080 0x155c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:37:30.0086 0x155c  MEIx64 - ok
11:37:30.0134 0x155c  Microsoft SharePoint Workspace Audit Service - ok
11:37:30.0138 0x155c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
11:37:30.0174 0x155c  MMCSS - ok
11:37:30.0177 0x155c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
11:37:30.0199 0x155c  Modem - ok
11:37:30.0202 0x155c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
11:37:30.0211 0x155c  monitor - ok
11:37:30.0214 0x155c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:37:30.0221 0x155c  mouclass - ok
11:37:30.0223 0x155c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:37:30.0232 0x155c  mouhid - ok
11:37:30.0236 0x155c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:37:30.0243 0x155c  mountmgr - ok
11:37:30.0248 0x155c  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:37:30.0256 0x155c  MozillaMaintenance - ok
11:37:30.0261 0x155c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:37:30.0270 0x155c  mpio - ok
11:37:30.0273 0x155c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:37:30.0295 0x155c  mpsdrv - ok
11:37:30.0310 0x155c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:37:30.0347 0x155c  MpsSvc - ok
11:37:30.0352 0x155c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:37:30.0362 0x155c  MRxDAV - ok
11:37:30.0367 0x155c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:37:30.0377 0x155c  mrxsmb - ok
11:37:30.0384 0x155c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:37:30.0397 0x155c  mrxsmb10 - ok
11:37:30.0401 0x155c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:37:30.0411 0x155c  mrxsmb20 - ok
11:37:30.0413 0x155c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:37:30.0420 0x155c  msahci - ok
11:37:30.0425 0x155c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
11:37:30.0433 0x155c  msdsm - ok
11:37:30.0438 0x155c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
11:37:30.0450 0x155c  MSDTC - ok
11:37:30.0454 0x155c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:37:30.0475 0x155c  Msfs - ok
11:37:30.0477 0x155c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
11:37:30.0498 0x155c  mshidkmdf - ok
11:37:30.0501 0x155c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:37:30.0507 0x155c  msisadrv - ok
11:37:30.0512 0x155c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
11:37:30.0536 0x155c  MSiSCSI - ok
11:37:30.0538 0x155c  msiserver - ok
11:37:30.0541 0x155c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
11:37:30.0562 0x155c  MSKSSRV - ok
11:37:30.0564 0x155c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:37:30.0585 0x155c  MSPCLOCK - ok
11:37:30.0587 0x155c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
11:37:30.0608 0x155c  MSPQM - ok
11:37:30.0616 0x155c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
11:37:30.0629 0x155c  MsRPC - ok
11:37:30.0632 0x155c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:37:30.0639 0x155c  mssmbios - ok
11:37:30.0641 0x155c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
11:37:30.0662 0x155c  MSTEE - ok
11:37:30.0664 0x155c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:37:30.0672 0x155c  MTConfig - ok
11:37:30.0675 0x155c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
11:37:30.0682 0x155c  Mup - ok
11:37:30.0691 0x155c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:37:30.0722 0x155c  napagent - ok
11:37:30.0729 0x155c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
11:37:30.0745 0x155c  NativeWifiP - ok
11:37:30.0763 0x155c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:37:30.0787 0x155c  NDIS - ok
11:37:30.0790 0x155c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
11:37:30.0811 0x155c  NdisCap - ok
11:37:30.0814 0x155c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:37:30.0836 0x155c  NdisTapi - ok
11:37:30.0838 0x155c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
11:37:30.0859 0x155c  Ndisuio - ok
11:37:30.0864 0x155c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
11:37:30.0887 0x155c  NdisWan - ok
11:37:30.0890 0x155c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
11:37:30.0911 0x155c  NDProxy - ok
11:37:30.0914 0x155c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
11:37:30.0935 0x155c  NetBIOS - ok
11:37:30.0941 0x155c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
11:37:30.0966 0x155c  NetBT - ok
11:37:30.0968 0x155c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\Windows\system32\lsass.exe
11:37:30.0976 0x155c  Netlogon - ok
11:37:30.0984 0x155c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:37:31.0012 0x155c  Netman - ok
11:37:31.0017 0x155c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:31.0027 0x155c  NetMsmqActivator - ok
11:37:31.0031 0x155c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:31.0040 0x155c  NetPipeActivator - ok
11:37:31.0050 0x155c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:37:31.0081 0x155c  netprofm - ok
11:37:31.0085 0x155c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:31.0094 0x155c  NetTcpActivator - ok
11:37:31.0098 0x155c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:31.0107 0x155c  NetTcpPortSharing - ok
11:37:31.0110 0x155c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
11:37:31.0117 0x155c  nfrd960 - ok
11:37:31.0124 0x155c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:37:31.0138 0x155c  NlaSvc - ok
11:37:31.0141 0x155c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:37:31.0162 0x155c  Npfs - ok
11:37:31.0165 0x155c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
11:37:31.0188 0x155c  nsi - ok
11:37:31.0190 0x155c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:37:31.0211 0x155c  nsiproxy - ok
11:37:31.0239 0x155c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:37:31.0276 0x155c  Ntfs - ok
11:37:31.0279 0x155c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:37:31.0300 0x155c  Null - ok
11:37:31.0306 0x155c  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
11:37:31.0315 0x155c  NVHDA - ok
11:37:31.0480 0x155c  [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:37:31.0648 0x155c  nvlddmkm - ok
11:37:31.0686 0x155c  [ 4B1E6975B565883985FB43C3FD6C88C6, D4CCA860A9AFDF5D729885896B3034A55C4778FE0A333C06B8B71C20BF73A48A ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:37:31.0724 0x155c  NvNetworkService - ok
11:37:31.0730 0x155c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:37:31.0739 0x155c  nvraid - ok
11:37:31.0743 0x155c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:37:31.0753 0x155c  nvstor - ok
11:37:31.0755 0x155c  [ DD8043B662B1F0CFC037976E38271975, A129975AE17677783A76E8DBEC6D01709BC40202672AAB5BB72A8E19A285C4C9 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:37:31.0761 0x155c  NvStreamKms - ok
11:37:31.0762 0x155c  NvStreamSvc - ok
11:37:31.0786 0x155c  [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc          C:\Windows\system32\nvvsvc.exe
11:37:31.0809 0x155c  nvsvc - ok
11:37:31.0812 0x155c  [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
11:37:31.0819 0x155c  nvvad_WaveExtensible - ok
11:37:31.0823 0x155c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:37:31.0832 0x155c  nv_agp - ok
11:37:31.0835 0x155c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:37:31.0844 0x155c  ohci1394 - ok
11:37:31.0976 0x155c  [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service G:\Origin\OriginClientService.exe
11:37:32.0040 0x155c  Origin Client Service - ok
11:37:32.0046 0x155c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:37:32.0054 0x155c  ose - ok
11:37:32.0129 0x155c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:37:32.0231 0x155c  osppsvc - ok
11:37:32.0243 0x155c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:37:32.0258 0x155c  p2pimsvc - ok
11:37:32.0268 0x155c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:37:32.0285 0x155c  p2psvc - ok
11:37:32.0289 0x155c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
11:37:32.0299 0x155c  Parport - ok
11:37:32.0302 0x155c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
11:37:32.0310 0x155c  partmgr - ok
11:37:32.0315 0x155c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:37:32.0327 0x155c  PcaSvc - ok
11:37:32.0332 0x155c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
11:37:32.0342 0x155c  pci - ok
11:37:32.0344 0x155c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:37:32.0350 0x155c  pciide - ok
11:37:32.0356 0x155c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:37:32.0366 0x155c  pcmcia - ok
11:37:32.0368 0x155c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
11:37:32.0376 0x155c  pcw - ok
11:37:32.0388 0x155c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:37:32.0408 0x155c  PEAUTH - ok
11:37:32.0431 0x155c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
11:37:32.0465 0x155c  PeerDistSvc - ok
11:37:32.0480 0x155c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:37:32.0489 0x155c  PerfHost - ok
11:37:32.0516 0x155c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
11:37:32.0563 0x155c  pla - ok
11:37:32.0573 0x155c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:37:32.0590 0x155c  PlugPlay - ok
11:37:32.0594 0x155c  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
11:37:32.0601 0x155c  PnkBstrA - ok
11:37:32.0604 0x155c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
11:37:32.0613 0x155c  PNRPAutoReg - ok
11:37:32.0621 0x155c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
11:37:32.0634 0x155c  PNRPsvc - ok
11:37:32.0644 0x155c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
11:37:32.0675 0x155c  PolicyAgent - ok
11:37:32.0681 0x155c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
11:37:32.0706 0x155c  Power - ok
11:37:32.0710 0x155c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:37:32.0732 0x155c  PptpMiniport - ok
11:37:32.0735 0x155c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
11:37:32.0744 0x155c  Processor - ok
11:37:32.0749 0x155c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
11:37:32.0762 0x155c  ProfSvc - ok
11:37:32.0764 0x155c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
11:37:32.0772 0x155c  ProtectedStorage - ok
11:37:32.0777 0x155c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:37:32.0799 0x155c  Psched - ok
11:37:32.0823 0x155c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:37:32.0859 0x155c  ql2300 - ok
11:37:32.0864 0x155c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:37:32.0909 0x155c  ql40xx - ok
11:37:32.0919 0x155c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
11:37:32.0938 0x155c  QWAVE - ok
11:37:32.0941 0x155c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:37:32.0953 0x155c  QWAVEdrv - ok
11:37:32.0955 0x155c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:37:32.0977 0x155c  RasAcd - ok
11:37:32.0980 0x155c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
11:37:33.0001 0x155c  RasAgileVpn - ok
11:37:33.0005 0x155c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
11:37:33.0029 0x155c  RasAuto - ok
11:37:33.0033 0x155c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
11:37:33.0056 0x155c  Rasl2tp - ok
11:37:33.0063 0x155c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:37:33.0092 0x155c  RasMan - ok
11:37:33.0096 0x155c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:37:33.0118 0x155c  RasPppoe - ok
11:37:33.0122 0x155c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
11:37:33.0144 0x155c  RasSstp - ok
11:37:33.0151 0x155c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
11:37:33.0177 0x155c  rdbss - ok
11:37:33.0179 0x155c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:37:33.0189 0x155c  rdpbus - ok
11:37:33.0191 0x155c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:37:33.0212 0x155c  RDPCDD - ok
11:37:33.0217 0x155c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
11:37:33.0228 0x155c  RDPDR - ok
11:37:33.0231 0x155c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:37:33.0252 0x155c  RDPENCDD - ok
11:37:33.0255 0x155c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:37:33.0276 0x155c  RDPREFMP - ok
11:37:33.0279 0x155c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:37:33.0287 0x155c  RdpVideoMiniport - ok
11:37:33.0293 0x155c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
11:37:33.0304 0x155c  RDPWD - ok
11:37:33.0310 0x155c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:37:33.0320 0x155c  rdyboost - ok
11:37:33.0324 0x155c  [ E1A6731867765FBC01B37150AEFC00F3, 4ADB0FE791ACF0BBCF314FB73AE6025D70BAFB8DF925B4A4CFB3B50EA191C94E ] Realtek11nSU    C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
11:37:33.0328 0x155c  Realtek11nSU - detected UnsignedFile.Multi.Generic ( 1 )
11:37:35.0677 0x155c  Detect skipped due to KSN trusted
11:37:35.0678 0x155c  Realtek11nSU - ok
11:37:35.0684 0x155c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:37:35.0723 0x155c  RemoteAccess - ok
11:37:35.0728 0x155c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:37:35.0754 0x155c  RemoteRegistry - ok
11:37:35.0757 0x155c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:37:35.0781 0x155c  RpcEptMapper - ok
11:37:35.0783 0x155c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:37:35.0792 0x155c  RpcLocator - ok
11:37:35.0802 0x155c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
11:37:35.0831 0x155c  RpcSs - ok
11:37:35.0834 0x155c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:37:35.0856 0x155c  rspndr - ok
11:37:35.0873 0x155c  [ D2D055E7ED70A5EE885D17D35DF97E80, 51781E55EEE111140A261822D3F78D76AD288E9DDF8578E236358E0AEB872C2F ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
11:37:35.0892 0x155c  RTL8167 - ok
11:37:35.0906 0x155c  [ 216BBB8753FE1C9F79716AB8851FB4E1, DF697B864AE92CB863E9DB6980810EAD8EF4CB9C871CE0DB9E83C2F9447A62A8 ] RTL8192su      C:\Windows\system32\DRIVERS\RTL8192su.sys
11:37:35.0925 0x155c  RTL8192su - ok
11:37:35.0928 0x155c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
11:37:35.0935 0x155c  s3cap - ok
11:37:35.0938 0x155c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs          C:\Windows\system32\lsass.exe
11:37:35.0946 0x155c  SamSs - ok
11:37:35.0950 0x155c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:37:35.0957 0x155c  sbp2port - ok
11:37:35.0963 0x155c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:37:35.0988 0x155c  SCardSvr - ok
11:37:35.0991 0x155c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:37:36.0012 0x155c  scfilter - ok
11:37:36.0032 0x155c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
11:37:36.0075 0x155c  Schedule - ok
11:37:36.0079 0x155c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
11:37:36.0100 0x155c  SCPolicySvc - ok
11:37:36.0106 0x155c  [ 958E956E119EB7B9ABA142AFED1B5FF4, DB76B53124C91C959AF6F6E3FA8BEE4B74C1D7CB4684CD88380270CFF3C4469F ] ScsiAccess      C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
11:37:36.0114 0x155c  ScsiAccess - ok
11:37:36.0119 0x155c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:37:36.0132 0x155c  SDRSVC - ok
11:37:36.0134 0x155c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:37:36.0155 0x155c  secdrv - ok
11:37:36.0158 0x155c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
11:37:36.0181 0x155c  seclogon - ok
11:37:36.0184 0x155c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
11:37:36.0208 0x155c  SENS - ok
11:37:36.0210 0x155c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:37:36.0220 0x155c  SensrSvc - ok
11:37:36.0222 0x155c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
11:37:36.0231 0x155c  Serenum - ok
11:37:36.0234 0x155c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:37:36.0243 0x155c  Serial - ok
11:37:36.0246 0x155c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:37:36.0254 0x155c  sermouse - ok
11:37:36.0261 0x155c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:37:36.0285 0x155c  SessionEnv - ok
11:37:36.0287 0x155c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
11:37:36.0297 0x155c  sffdisk - ok
11:37:36.0299 0x155c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:37:36.0309 0x155c  sffp_mmc - ok
11:37:36.0311 0x155c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
11:37:36.0321 0x155c  sffp_sd - ok
11:37:36.0323 0x155c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
11:37:36.0332 0x155c  sfloppy - ok
11:37:36.0340 0x155c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:37:36.0368 0x155c  SharedAccess - ok
11:37:36.0376 0x155c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:37:36.0406 0x155c  ShellHWDetection - ok
11:37:36.0409 0x155c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:37:36.0416 0x155c  SiSRaid2 - ok
11:37:36.0421 0x155c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:37:36.0428 0x155c  SiSRaid4 - ok
11:37:36.0468 0x155c  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate    D:\Skype\Updater\Updater.exe
11:37:36.0491 0x155c  SkypeUpdate - ok
11:37:36.0497 0x155c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
11:37:36.0520 0x155c  Smb - ok
11:37:36.0524 0x155c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:37:36.0534 0x155c  SNMPTRAP - ok
11:37:36.0536 0x155c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
11:37:36.0543 0x155c  spldr - ok
11:37:36.0554 0x155c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
11:37:36.0573 0x155c  Spooler - ok
11:37:36.0628 0x155c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:37:36.0714 0x155c  sppsvc - ok
11:37:36.0720 0x155c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
11:37:36.0744 0x155c  sppuinotify - ok
11:37:36.0753 0x155c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
11:37:36.0769 0x155c  srv - ok
11:37:36.0778 0x155c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:37:36.0793 0x155c  srv2 - ok
11:37:36.0798 0x155c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:37:36.0808 0x155c  srvnet - ok
11:37:36.0813 0x155c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
11:37:36.0839 0x155c  SSDPSRV - ok
11:37:36.0842 0x155c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
11:37:36.0866 0x155c  SstpSvc - ok
11:37:36.0876 0x155c  [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:37:36.0891 0x155c  Steam Client Service - ok
11:37:36.0901 0x155c  [ D2B4376F9F36C5873A6CF99EF5750724, 2A5C12EE3657D4A6819080549ADFA3288E0DAC975114D9466DCCC3ED922D2539 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:37:36.0913 0x155c  Stereo Service - ok
11:37:36.0916 0x155c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:37:36.0923 0x155c  stexstor - ok
11:37:36.0934 0x155c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:37:36.0957 0x155c  stisvc - ok
11:37:36.0960 0x155c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
11:37:36.0968 0x155c  storflt - ok
11:37:36.0970 0x155c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc        C:\Windows\system32\storsvc.dll
11:37:36.0979 0x155c  StorSvc - ok
11:37:36.0982 0x155c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\Windows\system32\drivers\storvsc.sys
11:37:36.0989 0x155c  storvsc - ok
11:37:36.0991 0x155c  [ CE2D5CABC80ABC8A605A55C3954FB313, 468FD63049C489515A117906E2D23CE86E3727F4F1613F4BDFC28D0392A35AB6 ] SWDUMon        C:\Windows\system32\DRIVERS\SWDUMon.sys
11:37:36.0998 0x155c  SWDUMon - ok
11:37:37.0000 0x155c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:37:37.0006 0x155c  swenum - ok
11:37:37.0016 0x155c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
11:37:37.0047 0x155c  swprv - ok
11:37:37.0077 0x155c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
11:37:37.0122 0x155c  SysMain - ok
11:37:37.0132 0x155c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:37:37.0146 0x155c  TabletInputService - ok
11:37:37.0153 0x155c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
11:37:37.0180 0x155c  TapiSrv - ok
11:37:37.0184 0x155c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
11:37:37.0207 0x155c  TBS - ok
11:37:37.0238 0x155c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
11:37:37.0280 0x155c  Tcpip - ok
11:37:37.0312 0x155c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:37:37.0346 0x155c  TCPIP6 - ok
11:37:37.0351 0x155c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:37:37.0359 0x155c  tcpipreg - ok
11:37:37.0362 0x155c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:37:37.0370 0x155c  TDPIPE - ok
11:37:37.0373 0x155c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
11:37:37.0380 0x155c  TDTCP - ok
11:37:37.0384 0x155c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
11:37:37.0394 0x155c  tdx - ok
11:37:37.0397 0x155c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:37:37.0404 0x155c  TermDD - ok
11:37:37.0417 0x155c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
11:37:37.0438 0x155c  TermService - ok
11:37:37.0442 0x155c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:37:37.0454 0x155c  Themes - ok
11:37:37.0458 0x155c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
11:37:37.0480 0x155c  THREADORDER - ok
11:37:37.0484 0x155c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:37:37.0508 0x155c  TrkWks - ok
11:37:37.0515 0x155c  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt      C:\Windows\system32\drivers\truecrypt.sys
11:37:37.0524 0x155c  truecrypt - ok
11:37:37.0529 0x155c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:37:37.0551 0x155c  TrustedInstaller - ok
11:37:37.0555 0x155c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:37:37.0563 0x155c  tssecsrv - ok
11:37:37.0567 0x155c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:37:37.0575 0x155c  TsUsbFlt - ok
11:37:37.0578 0x155c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
11:37:37.0585 0x155c  TsUsbGD - ok
11:37:37.0590 0x155c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:37:37.0612 0x155c  tunnel - ok
11:37:37.0615 0x155c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:37:37.0623 0x155c  uagp35 - ok
11:37:37.0630 0x155c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:37:37.0657 0x155c  udfs - ok
11:37:37.0662 0x155c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
11:37:37.0672 0x155c  UI0Detect - ok
11:37:37.0676 0x155c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:37:37.0683 0x155c  uliagpkx - ok
11:37:37.0686 0x155c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
11:37:37.0694 0x155c  umbus - ok
11:37:37.0697 0x155c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:37:37.0705 0x155c  UmPass - ok
11:37:37.0710 0x155c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:37:37.0723 0x155c  UmRdpService - ok
11:37:37.0731 0x155c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:37:37.0759 0x155c  upnphost - ok
11:37:37.0763 0x155c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
11:37:37.0772 0x155c  USBAAPL64 - ok
11:37:37.0776 0x155c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
11:37:37.0785 0x155c  usbccgp - ok
11:37:37.0789 0x155c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:37:37.0798 0x155c  usbcir - ok
11:37:37.0801 0x155c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
11:37:37.0809 0x155c  usbehci - ok
11:37:37.0817 0x155c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:37:37.0830 0x155c  usbhub - ok
11:37:37.0833 0x155c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\drivers\usbohci.sys
11:37:37.0840 0x155c  usbohci - ok
11:37:37.0843 0x155c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
11:37:37.0853 0x155c  usbprint - ok
11:37:37.0856 0x155c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:37:37.0865 0x155c  USBSTOR - ok
11:37:37.0868 0x155c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
11:37:37.0876 0x155c  usbuhci - ok
11:37:37.0878 0x155c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
11:37:37.0902 0x155c  UxSms - ok
11:37:37.0904 0x155c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
11:37:37.0912 0x155c  VaultSvc - ok
11:37:37.0915 0x155c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:37:37.0922 0x155c  vdrvroot - ok
11:37:37.0933 0x155c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
11:37:37.0964 0x155c  vds - ok
11:37:37.0967 0x155c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
11:37:37.0977 0x155c  vga - ok
11:37:37.0979 0x155c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
11:37:38.0000 0x155c  VgaSave - ok
11:37:38.0006 0x155c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
11:37:38.0017 0x155c  vhdmp - ok
11:37:38.0044 0x155c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:37:38.0083 0x155c  viaide - ok
11:37:38.0092 0x155c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
11:37:38.0109 0x155c  vmbus - ok
11:37:38.0113 0x155c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:37:38.0123 0x155c  VMBusHID - ok
11:37:38.0126 0x155c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:37:38.0134 0x155c  volmgr - ok
11:37:38.0143 0x155c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
11:37:38.0155 0x155c  volmgrx - ok
11:37:38.0162 0x155c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap        C:\Windows\system32\drivers\volsnap.sys
11:37:38.0174 0x155c  volsnap - ok
11:37:38.0179 0x155c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
11:37:38.0189 0x155c  vsmraid - ok
11:37:38.0216 0x155c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
11:37:38.0268 0x155c  VSS - ok
11:37:38.0272 0x155c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:37:38.0282 0x155c  vwifibus - ok
11:37:38.0285 0x155c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:37:38.0297 0x155c  vwififlt - ok
11:37:38.0305 0x155c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
11:37:38.0334 0x155c  W32Time - ok
11:37:38.0338 0x155c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:37:38.0346 0x155c  WacomPen - ok
11:37:38.0349 0x155c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:37:38.0371 0x155c  WANARP - ok
11:37:38.0374 0x155c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:37:38.0396 0x155c  Wanarpv6 - ok
11:37:38.0420 0x155c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:37:38.0458 0x155c  wbengine - ok
11:37:38.0464 0x155c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:37:38.0480 0x155c  WbioSrvc - ok
11:37:38.0488 0x155c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
11:37:38.0508 0x155c  wcncsvc - ok
11:37:38.0511 0x155c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:37:38.0522 0x155c  WcsPlugInService - ok
11:37:38.0525 0x155c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
11:37:38.0532 0x155c  Wd - ok
11:37:38.0547 0x155c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:37:38.0568 0x155c  Wdf01000 - ok
11:37:38.0572 0x155c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:37:38.0583 0x155c  WdiServiceHost - ok
11:37:38.0586 0x155c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
11:37:38.0596 0x155c  WdiSystemHost - ok
11:37:38.0602 0x155c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
11:37:38.0616 0x155c  WebClient - ok
11:37:38.0623 0x155c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:37:38.0650 0x155c  Wecsvc - ok
11:37:38.0653 0x155c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
11:37:38.0680 0x155c  wercplsupport - ok
11:37:38.0683 0x155c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:37:38.0707 0x155c  WerSvc - ok
11:37:38.0710 0x155c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:37:38.0730 0x155c  WfpLwf - ok
11:37:38.0733 0x155c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:37:38.0739 0x155c  WIMMount - ok
11:37:38.0741 0x155c  WinDefend - ok
11:37:38.0745 0x155c  WinHttpAutoProxySvc - ok
11:37:38.0752 0x155c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
11:37:38.0779 0x155c  Winmgmt - ok
11:37:38.0843 0x155c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
11:37:38.0890 0x155c  WinRM - ok
11:37:38.0897 0x155c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:37:38.0907 0x155c  WinUsb - ok
11:37:38.0924 0x155c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
11:37:38.0954 0x155c  Wlansvc - ok
11:37:38.0994 0x155c  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:37:39.0041 0x155c  wlidsvc - ok
11:37:39.0045 0x155c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
11:37:39.0053 0x155c  WmiAcpi - ok
11:37:39.0059 0x155c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:37:39.0071 0x155c  wmiApSrv - ok
11:37:39.0073 0x155c  WMPNetworkSvc - ok
11:37:39.0076 0x155c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:37:39.0085 0x155c  WPCSvc - ok
11:37:39.0090 0x155c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:37:39.0102 0x155c  WPDBusEnum - ok
11:37:39.0105 0x155c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
11:37:39.0126 0x155c  ws2ifsl - ok
11:37:39.0130 0x155c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
11:37:39.0144 0x155c  wscsvc - ok
11:37:39.0146 0x155c  WSearch - ok
11:37:39.0188 0x155c  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:37:39.0245 0x155c  wuauserv - ok
11:37:39.0251 0x155c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:37:39.0259 0x155c  WudfPf - ok
11:37:39.0265 0x155c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:37:39.0276 0x155c  WUDFRd - ok
11:37:39.0280 0x155c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
11:37:39.0291 0x155c  wudfsvc - ok
11:37:39.0297 0x155c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
11:37:39.0310 0x155c  WwanSvc - ok
11:37:39.0314 0x155c  ================ Scan global ===============================
11:37:39.0321 0x155c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:37:39.0331 0x155c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
11:37:39.0341 0x155c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
11:37:39.0348 0x155c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:37:39.0357 0x155c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:37:39.0364 0x155c  [ Global ] - ok
11:37:39.0364 0x155c  ================ Scan MBR ==================================
11:37:39.0365 0x155c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:37:39.0435 0x155c  \Device\Harddisk1\DR1 - ok
11:37:39.0438 0x155c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:37:39.0497 0x155c  \Device\Harddisk0\DR0 - ok
11:37:39.0513 0x155c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
11:37:39.0640 0x155c  \Device\Harddisk2\DR2 - detected TDSS File System ( 1 )
11:37:39.0640 0x155c  \Device\Harddisk2\DR2 ( TDSS File System ) - warning
11:37:42.0072 0x155c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
11:37:42.0158 0x155c  \Device\Harddisk3\DR3 - ok
11:37:42.0162 0x155c  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk4\DR4
11:37:42.0223 0x155c  \Device\Harddisk4\DR4 - ok
11:37:42.0224 0x155c  ================ Scan VBR ==================================
11:37:42.0226 0x155c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
11:37:42.0226 0x155c  \Device\Harddisk1\DR1\Partition1 - ok
11:37:42.0229 0x155c  [ 9A6817862D87A9770C14D17DBE88B2B1 ] \Device\Harddisk1\DR1\Partition2
11:37:42.0292 0x155c  \Device\Harddisk1\DR1\Partition2 - ok
11:37:42.0295 0x155c  [ 658216DF9A80071CD89E9DADBA817322 ] \Device\Harddisk1\DR1\Partition3
11:37:42.0358 0x155c  \Device\Harddisk1\DR1\Partition3 - ok
11:37:42.0361 0x155c  [ 7B435AE345F8F63103F234AE0496FD54 ] \Device\Harddisk0\DR0\Partition1
11:37:42.0362 0x155c  \Device\Harddisk0\DR0\Partition1 - ok
11:37:42.0365 0x155c  [ 5C55994C42B6ADD9F277CB15657E8878 ] \Device\Harddisk0\DR0\Partition2
11:37:42.0367 0x155c  \Device\Harddisk0\DR0\Partition2 - ok
11:37:42.0369 0x155c  [ F5702576E9FBB5621D606ECBD6CFCA52 ] \Device\Harddisk2\DR2\Partition1
11:37:42.0371 0x155c  \Device\Harddisk2\DR2\Partition1 - ok
11:37:42.0373 0x155c  [ 879CD96E61C9DD30DC357048FDD07650 ] \Device\Harddisk2\DR2\Partition2
11:37:42.0375 0x155c  \Device\Harddisk2\DR2\Partition2 - ok
11:37:42.0377 0x155c  [ DDE6E425C1F6E124366D43FBD74D0DE6 ] \Device\Harddisk2\DR2\Partition3
11:37:42.0404 0x155c  \Device\Harddisk2\DR2\Partition3 - ok
11:37:42.0406 0x155c  [ F50DAF8BC01CADB98532F6032ED38729 ] \Device\Harddisk3\DR3\Partition1
11:37:42.0452 0x155c  \Device\Harddisk3\DR3\Partition1 - ok
11:37:42.0455 0x155c  [ BD94A2F4CD989037BA4EBB4C0ADC5041 ] \Device\Harddisk4\DR4\Partition1
11:37:42.0456 0x155c  \Device\Harddisk4\DR4\Partition1 - ok
11:37:42.0457 0x155c  ================ Scan generic autorun ======================
11:37:42.0457 0x155c  Nvtmru - ok
11:37:42.0516 0x155c  [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:37:42.0560 0x155c  NvBackend - ok
11:37:42.0565 0x155c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
11:37:42.0575 0x155c  ShadowPlay - ok
11:37:42.0693 0x155c  [ 26E56C4065A4AFB61F38CE9F9DB2BBB9, F969A8EB22CB9F8A5F9E47E7DD53F14F5AF813665DE8A465895A5C216DFA927A ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
11:37:42.0810 0x155c  RTHDVCPL - ok
11:37:42.0820 0x155c  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
11:37:42.0830 0x155c  USB3MON - ok
11:37:42.0868 0x155c  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] D:\Office 2010\Office14\BCSSync.exe
11:37:42.0882 0x155c  BCSSync - ok
11:37:43.0026 0x155c  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] D:\Avast Antivir\AvastUI.exe
11:37:43.0171 0x155c  AvastUI.exe - ok
11:37:43.0186 0x155c  [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:37:43.0196 0x155c  SunJavaUpdateSched - ok
11:37:43.0217 0x155c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:37:43.0246 0x155c  Sidebar - ok
11:37:43.0250 0x155c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:37:43.0263 0x155c  mctadmin - ok
11:37:43.0283 0x155c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:37:43.0307 0x155c  Sidebar - ok
11:37:43.0311 0x155c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:37:43.0323 0x155c  mctadmin - ok
11:37:43.0343 0x155c  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe
11:37:43.0362 0x155c  f.lux - ok
11:37:43.0363 0x155c  Waiting for KSN requests completion. In queue: 51
11:37:44.0364 0x155c  Waiting for KSN requests completion. In queue: 51
11:37:45.0364 0x155c  Waiting for KSN requests completion. In queue: 51
11:37:46.0402 0x155c  AV detected via SS2: avast! Antivirus, D:\Avast Antivir\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
11:37:46.0408 0x155c  Win FW state via NFP2: enabled
11:37:48.0773 0x155c  ============================================================
11:37:48.0773 0x155c  Scan finished
11:37:48.0773 0x155c  ============================================================
11:37:48.0780 0x08bc  Detected object count: 1
11:37:48.0780 0x08bc  Actual detected object count: 1
11:38:04.0513 0x08bc  \Device\Harddisk2\DR2\TDLFS\config.ini - copied to quarantine
11:38:04.0517 0x08bc  \Device\Harddisk2\DR2\TDLFS\tdl - copied to quarantine
11:38:04.0518 0x08bc  \Device\Harddisk2\DR2\TDLFS\rsrc.dat - copied to quarantine
11:38:04.0519 0x08bc  \Device\Harddisk2\DR2\TDLFS\bckfg.tmp - copied to quarantine
11:38:04.0521 0x08bc  \Device\Harddisk2\DR2\TDLFS\tdlcmd.dll - copied to quarantine
11:38:04.0522 0x08bc  \Device\Harddisk2\DR2\TDLFS - deleted
11:38:04.0522 0x08bc  \Device\Harddisk2\DR2 ( TDSS File System ) - User select action: Delete
Ein erneuter Scan hat keine weiteren Bedrohungen gefunden.

schrauber 09.07.2015 13:22
perfekt :)


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Carso 09.07.2015 17:02
Hallo, anbei die Log-Datei. Bevor das Programm den PC neu starten konnte, kam die folgende Fehlermeldung:

"Unable to create backup of current registry file
C:\windows\system32\config\security!
continue with restoration of this file?"

Habe dann ja geklickt. Danach kamen noch ca. 10 weitere, ähnliche Fehlermeldungen, deren genauen Wortlaut ich mir allerdings nicht aufgeschrieben habe -.-

Code:
ComboFix 15-07-08.01 - Scotty 09.07.2015  17:40:46.1.4 - x64
Microsoft Windows 7 Professional N  6.1.7601.1.1252.49.1031.18.16328.11347 [GMT 2:00]
ausgeführt von:: c:\users\Scotty\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Scotty\AppData\Roaming\0ad
c:\users\Scotty\AppData\Roaming\0ad\config\user.cfg
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-06-09 bis 2015-07-09  ))))))))))))))))))))))))))))))
.
.
2015-07-09 15:44 . 2015-07-09 15:44        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-07-09 09:38 . 2015-07-09 09:38        --------        d-----w-        C:\TDSSKiller_Quarantine
2015-07-08 18:44 . 2015-06-17 06:03        571024        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2015-07-08 18:27 . 2015-05-19 03:29        46768        ----a-w-        c:\windows\system32\drivers\nvvad64v.sys
2015-07-08 18:27 . 2015-05-19 03:14        57520        ----a-w-        c:\windows\SysWow64\nvaudcap32v.dll
2015-07-08 08:42 . 2015-07-08 08:48        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-07 20:33 . 2015-07-07 20:33        --------        d-----w-        c:\program files\avast software
2015-07-07 20:32 . 2015-07-07 20:32        364472        ----a-w-        c:\windows\system32\aswBoot.exe
2015-07-07 20:32 . 2015-07-07 20:32        43112        ----a-w-        c:\windows\avastSS.scr
2015-07-07 20:24 . 2015-07-07 20:25        --------        d-----w-        C:\FRST
2015-07-07 11:19 . 2015-07-07 11:19        778416        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-07 11:19 . 2015-07-07 11:19        142512        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-07 08:50 . 2015-06-12 07:50        12221144        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{65886CE1-2BAF-412A-83E2-A0EFE9089A45}\mpengine.dll
2015-07-06 18:58 . 2015-07-06 18:58        --------        d-----w-        c:\program files (x86)\Common Files\Java
2015-07-06 18:58 . 2015-07-06 18:58        97888        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-06 18:58 . 2015-07-06 18:58        --------        d-----w-        c:\program files (x86)\Java
2015-06-26 11:07 . 2015-06-26 11:07        --------        d-----w-        c:\program files (x86)\Photodex Presenter
2015-06-26 11:07 . 2015-06-26 11:07        --------        d-----w-        c:\program files (x86)\Photodex
2015-06-23 21:42 . 2015-06-23 21:42        --------        d-----w-        c:\users\Scotty\AppData\Roaming\Netscape
2015-06-23 21:41 . 2015-06-23 21:41        --------        d-----w-        c:\users\Scotty\AppData\Roaming\Photodex
2015-06-23 21:41 . 2015-06-23 21:41        --------        d-----w-        c:\programdata\Photodex
2015-06-23 21:35 . 2015-06-23 21:38        --------        d-----w-        c:\users\Scotty\AppData\Roaming\Ashampoo Slideshow Studio HD 3
2015-06-23 21:34 . 2015-06-23 21:34        --------        d-----w-        c:\users\Scotty\AppData\Local\ashampoo
2015-06-23 21:34 . 2015-06-23 21:34        --------        d-----w-        c:\programdata\Ashampoo
2015-06-23 18:08 . 2015-06-23 18:08        --------        d-----w-        c:\users\Scotty\AppData\Local\Magix
2015-06-23 18:07 . 2015-06-23 18:07        --------        d-----w-        c:\users\Scotty\AppData\Local\Xara
2015-06-23 18:07 . 2015-06-23 20:55        --------        d-----w-        c:\users\Scotty\AppData\Roaming\MAGIX
2015-06-23 18:07 . 2015-06-23 18:07        --------        d-----w-        c:\program files (x86)\Common Files\MAGIX Shared
2015-06-23 18:06 . 2015-06-29 10:04        --------        d-----w-        c:\programdata\MAGIX
2015-06-23 18:06 . 2015-06-29 10:04        --------        d-----w-        c:\program files (x86)\Common Files\MAGIX Services
2015-06-20 20:20 . 2015-06-20 20:20        --------        d-----w-        c:\users\Scotty\AppData\Local\ESN
2015-06-10 08:38 . 2015-05-25 18:00        40448        ----a-w-        c:\windows\SysWow64\typeperf.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-08 17:14 . 2015-05-20 12:00        16056        ----a-w-        c:\windows\system32\drivers\SWDUMon.sys
2015-07-08 08:42 . 2015-06-06 21:36        136408        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-08 08:41 . 2015-06-06 21:35        107736        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2015-07-07 20:33 . 2013-08-18 15:41        442264        ----a-w-        c:\windows\system32\drivers\aswsp.sys
2015-07-07 20:32 . 2014-05-18 13:45        29168        ----a-w-        c:\windows\system32\drivers\aswHwid.sys
2015-07-07 20:32 . 2014-01-03 19:37        137288        ----a-w-        c:\windows\system32\drivers\aswStm.sys
2015-07-07 20:32 . 2013-08-18 15:41        89944        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2015-07-07 20:32 . 2013-08-18 15:41        65736        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys
2015-07-07 20:32 . 2013-08-18 15:41        272248        ----a-w-        c:\windows\system32\drivers\aswVmm.sys
2015-07-07 20:32 . 2013-08-18 15:41        93528        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2015-07-07 20:32 . 2013-08-18 15:41        1047320        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2015-07-06 11:46 . 2015-03-19 22:28        226168        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2015-07-06 11:38 . 2013-08-29 11:00        226168        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2015-06-24 11:36 . 2013-12-11 18:47        1320120        ----a-w-        c:\windows\SysWow64\nvspcap.dll
2015-06-24 11:36 . 2014-11-15 01:27        1316000        ----a-w-        c:\windows\SysWow64\nvspbridge.dll
2015-06-24 11:36 . 2013-12-11 18:47        1571696        ----a-w-        c:\windows\system32\nvspcap64.dll
2015-06-24 11:36 . 2014-11-15 01:27        1756424        ----a-w-        c:\windows\system32\nvspbridge64.dll
2015-06-23 11:30 . 2010-11-21 03:27        300704        ------w-        c:\windows\system32\MpSigStub.exe
2015-06-21 22:41 . 2013-08-29 12:33        281688        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2015-06-20 20:22 . 2014-06-28 11:32        76152        ----a-w-        c:\windows\system32\PnkBstrA.exe
2015-06-18 06:41 . 2015-06-06 21:35        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2015-06-06 21:35        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2015-06-17 09:10 . 2015-05-20 12:16        1567576        ----a-w-        c:\windows\system32\nvhdagenco6420103.dll
2015-06-17 09:10 . 2015-05-20 12:16        12855416        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2015-06-17 09:10 . 2014-03-20 21:03        15224784        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2015-06-17 09:10 . 2013-08-18 14:06        112784        ----a-w-        c:\windows\system32\OpenCL.dll
2015-06-17 09:10 . 2013-08-18 14:06        105288        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2015-06-17 09:10 . 2013-08-18 14:05        3395648        ----a-w-        c:\windows\system32\nvapi64.dll
2015-06-17 09:10 . 2013-08-18 14:05        2997544        ----a-w-        c:\windows\SysWow64\nvapi.dll
2015-06-17 06:48 . 2013-08-18 14:06        937616        ----a-w-        c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2013-08-18 14:06        62792        ----a-w-        c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2013-08-18 14:06        385168        ----a-w-        c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2013-08-18 14:06        2558792        ----a-w-        c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2013-08-18 14:06        6873232        ----a-w-        c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2013-08-18 14:06        3492168        ----a-w-        c:\windows\system32\nvsvc64.dll
2015-06-16 21:02 . 2014-01-17 00:25        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2015-06-10 09:51 . 2013-08-18 14:56        140135120        ----a-w-        c:\windows\system32\MRT.exe
2015-06-02 14:11 . 2013-08-18 14:06        4421614        ----a-w-        c:\windows\system32\nvcoproc.bin
2015-05-25 18:01 . 2015-06-10 08:38        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2015-05-19 03:14 . 2014-11-15 01:23        61616        ----a-w-        c:\windows\system32\nvaudcap64v.dll
2015-05-12 06:27 . 2015-05-20 12:16        1898312        ----a-w-        c:\windows\system32\nvdispco6435286.dll
2015-05-12 06:27 . 2015-05-20 12:16        1557648        ----a-w-        c:\windows\system32\nvdispgenco6435286.dll
2015-05-01 13:17 . 2015-05-14 01:03        124112        ----a-w-        c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-14 01:03        102608        ----a-w-        c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 09:58        1179136        ----a-w-        c:\windows\system32\FntCache.dll
2015-04-20 03:17 . 2015-05-13 09:58        1647104        ----a-w-        c:\windows\system32\DWrite.dll
2015-04-20 02:56 . 2015-05-13 09:58        1250816        ----a-w-        c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 09:59        460800        ----a-w-        c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 09:59        342016        ----a-w-        c:\windows\SysWow64\certcli.dll
2015-04-14 01:38 . 2015-04-14 01:38        1217192        ----a-w-        c:\windows\SysWow64\FM20.DLL
2015-04-13 03:28 . 2015-05-13 09:59        328704        ----a-w-        c:\windows\system32\services.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="c:\users\Scotty\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"BCSSync"="d:\office 2010\Office14\BCSSync.exe" [2012-11-05 89184]
"AvastUI.exe"="d:\avast antivir\AvastUI.exe" [2015-07-07 5515496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=d:\sophos\SOPHOS~1\sophos_detoured.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe;d:\malwarebytes' anti-malware\mbamservice.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;g:\origin\OriginClientService.exe;g:\origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DirMngr;DirMngr;d:\gnupg\dirmngr.exe;d:\gnupg\dirmngr.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 SkypeUpdate;Skype Updater;d:\skype\Updater\Updater.exe;d:\skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-08 08:35        991048        ----a-w-        c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18 15:21]
.
2015-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-18 15:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-07 20:32        722400        ----a-w-        d:\avast antivir\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-24 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-24 1571696]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 7660760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=d:\sophos\SOPHOS~1\sophos_detoured_x64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - d:\office~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - d:\office~1\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\
FF - prefs.js: browser.startup.homepage - facebook.com | http://www.trojaner-board.de/168529-...rt-noetig.html
FF - prefs.js: keyword.URL - hxxps://www.google.com/search
FF - prefs.js: network.proxy.ftp - 131.109.42.105
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http - 131.109.42.105
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 131.109.42.105
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 131.109.42.105
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-PeerGuardian_is1 - d:\vuze\PeerGuardian2\unins000.exe
AddRemove-Free FLV Converter - c:\program files (x86)\Free FLV Converter\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4268881813-2952948070-2875398935-1000\Software\SecuROM\License information*]
"datasecu"=hex:83,f7,e2,49,f5,9e,31,c4,38,bf,0b,0a,3e,e2,d0,b7,59,08,bf,cf,38,
  cc,ea,ec,15,f5,35,41,53,3e,fa,cb,ba,6f,b4,94,f8,1a,ba,89,68,01,ca,29,b3,d3,\
"rkeysecu"=hex:d3,97,64,9d,41,db,2e,c1,94,e9,2f,7f,54,fa,49,86
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
d:\avast antivir\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-09  17:54:26 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-09 15:54
.
Vor Suchlauf: 12 Verzeichnis(se), 31.455.490.048 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 31.324.209.152 Bytes frei
.
- - End Of File - - BE462AD1A60267D5E765CFA65F31BA71
A36C5E4F47E84449FF07ED3517B43A31

schrauber 10.07.2015 08:09
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Carso 10.07.2015 08:45
Ich bin bis Sonntag Abend nicht zu Hause. Dann werde ich die Logs aber direkt erstellen. Vielen Dank schon mal, für die bisherige Hilfe

schrauber 10.07.2015 15:31
ok :)

Carso 13.07.2015 11:34
soo, anbei die 3 logs der 3 Scans:

MBAM:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 13.07.2015
Suchlaufzeit: 12:11
Protokolldatei:
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.13.01
Rootkit-Datenbank: v2015.07.10.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Scotty

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 378115
Abgelaufene Zeit: 5 Min., 15 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

AdwCleaner:
Code:
# AdwCleaner v4.208 - Bericht erstellt 13/07/2015 um 12:22:17
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-11.1 [Server]
# Betriebssystem : Windows 7 Professional N Service Pack 1 (x64)
# Benutzername : Scotty - SCOTTY-PC
# Gestarted von : C:\Users\Scotty\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : swdumon

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Scotty\AppData\Local\slimware utilities inc
Datei Gelöscht : C:\Windows\System32\drivers\swdumon.sys
Datei Gelöscht : C:\Users\Scotty\AppData\Roaming\Mozilla\Firefox\Profiles\85szks6p.default\foxydeal.sqlite

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 de)


-\\ Google Chrome v43.0.2357.132


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [2004 Bytes] - [07/06/2015 21:08:37]
AdwCleaner[R1].txt - [1238 Bytes] - [13/07/2015 12:19:57]
AdwCleaner[S0].txt - [2013 Bytes] - [07/06/2015 21:35:03]
AdwCleaner[S1].txt - [1162 Bytes] - [13/07/2015 12:22:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1221  Bytes] ##########

Und der Log vom Junkware Removal TOol:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.6 (07.12.2015:2)
OS: Windows 7 Professional N x64
Ran by Scotty on 13.07.2015 at 12:28:02,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\users\public\documents\downloaded installers
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin



~~~ FireFox

Successfully deleted: [File] C:\Users\Scotty\AppData\Roaming\mozilla\firefox\profiles\85szks6p.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Emptied folder: C:\Users\Scotty\AppData\Roaming\mozilla\firefox\profiles\85szks6p.default\minidumps [117 files]



~~~ Chrome


[C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Scotty\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.07.2015 at 12:30:48,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Gruß,
Scotty

schrauber 14.07.2015 07:02

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:11 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131