
Log analysis and evaluation: Windows 8: slow internet and redirects to advertising sites


16.10.2014, 21:20   #1
Don_Helios

Good evening!
Recently I have had the problem that streaming videos has become very slow. In addition, when I visit certain sites, I am redirected to dubious sites, hence the suspicion that I have probably caught something.
I would be very grateful for any help.

FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Elias (administrator) on ELIAS-PC on 16-10-2014 20:38:03
Running from C:\Users\Elias\Downloads
Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Elias\Downloads\Defogger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3777642976-2438380877-1723110391-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\cyltjadc.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-18]

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/
CHR Profile: C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (Kaspersky Protection) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-03-26]
CHR Extension: (YouTube) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21]
CHR Extension: (Google-Suche) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21]
CHR Extension: (AdBlock) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-12]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-02-18]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-02-18]
CHR Extension: (Virtual Keyboard) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-02-18]
CHR Extension: (Google Wallet) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Google Mail) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21]
CHR Extension: (Anti-Banner) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-02-18]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-18] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-18] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-18] (Kaspersky Lab ZAO)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-15] (Windows (R) 2003 DDK 3790 provider)
S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 20:38 - 2014-10-16 20:38 - 00020603 _____ () C:\Users\Elias\Downloads\FRST.txt
2014-10-16 20:37 - 2014-10-16 20:38 - 00000000 ____D () C:\FRST
2014-10-16 20:36 - 2014-10-16 20:36 - 02112000 _____ (Farbar) C:\Users\Elias\Downloads\FRST64.exe
2014-10-16 20:35 - 2014-10-16 20:35 - 00000472 _____ () C:\Users\Elias\Downloads\defogger_disable.log
2014-10-16 20:35 - 2014-10-16 20:35 - 00000000 _____ () C:\Users\Elias\defogger_reenable
2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe
2014-10-16 19:28 - 2014-10-16 19:28 - 00000000 ___RD () C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-16 19:27 - 2014-10-16 19:27 - 00449032 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 17:11 - 2014-09-30 00:49 - 00705480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-16 17:11 - 2014-09-30 00:49 - 00104904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 17:01 - 2014-10-16 17:01 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\Elias\Downloads\avira_de_av___ws.exe
2014-10-16 13:49 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-16 13:49 - 2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-16 13:49 - 2014-07-12 02:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls
2014-10-16 13:49 - 2014-07-12 02:00 - 00478352 _____ () C:\windows\system32\locale.nls
2014-10-16 13:49 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-10-16 13:49 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-10-16 13:49 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-10-16 13:49 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-10-16 13:49 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-10-16 13:49 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-10-16 13:49 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-10-16 13:49 - 2014-07-03 03:59 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-10-16 13:49 - 2014-07-03 02:30 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-10-16 13:49 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-10-16 13:49 - 2014-06-28 08:57 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-10-16 13:49 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-10-16 13:49 - 2014-06-25 09:09 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-10-16 13:49 - 2014-06-25 09:07 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-10-16 13:49 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-10-16 13:49 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-16 13:49 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-10-16 13:49 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-10-16 13:49 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-16 13:49 - 2014-05-30 01:31 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-10-16 13:49 - 2014-05-30 01:03 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-10-16 13:49 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-16 13:48 - 2014-10-10 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 13:48 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 13:48 - 2014-10-08 06:26 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 13:48 - 2014-09-13 07:29 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 13:48 - 2014-09-13 06:02 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-16 13:48 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 13:48 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 13:48 - 2014-08-02 00:08 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml
2014-10-16 13:48 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-10-16 13:48 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2014-10-16 13:48 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-10-16 13:48 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2014-10-16 13:48 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2014-10-16 13:48 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-10-16 13:48 - 2014-07-12 06:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-10-16 13:48 - 2014-07-12 06:34 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-10-16 13:48 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-10-16 13:48 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 13:48 - 2014-07-07 07:52 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-16 13:48 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 13:48 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 13:48 - 2014-07-07 07:51 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 13:48 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 13:48 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 13:48 - 2014-07-07 06:00 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 13:48 - 2014-07-07 05:59 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 13:48 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-10-16 13:48 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-10-16 13:47 - 2014-09-28 06:18 - 04068352 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 13:47 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 13:47 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 13:47 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 13:47 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 13:47 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 13:47 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 13:47 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 13:47 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 13:47 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 13:47 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 13:47 - 2014-09-20 03:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-10-16 13:47 - 2014-09-18 01:24 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 13:47 - 2014-09-18 00:56 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 13:47 - 2014-08-30 07:48 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-10-16 13:47 - 2014-08-30 07:46 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-16 13:47 - 2014-08-30 06:05 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-10-16 13:47 - 2014-08-30 06:03 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-10-16 13:47 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-10-16 13:47 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-10-15 22:59 - 2014-10-16 16:42 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 22:59 - 2014-10-15 22:59 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-15 22:59 - 2014-10-15 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-15 22:59 - 2014-10-15 22:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-15 22:59 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-15 22:59 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-15 22:59 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-15 22:45 - 2014-10-15 22:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Elias\Downloads\mbam-setup-2.0.3.1025.exe
2014-09-25 20:35 - 2014-08-21 01:40 - 00732880 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-09-25 20:35 - 2014-08-20 19:05 - 00694784 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-09-25 20:35 - 2014-08-20 19:05 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-09-25 20:35 - 2014-08-20 19:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 20:35 - 2014-08-20 19:02 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-09-25 20:35 - 2014-08-20 19:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 20:35 - 2014-06-24 09:35 - 00010450 _____ () C:\windows\system32\autoconfig.cab
2014-09-25 20:35 - 2014-06-24 08:40 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2014-09-23 14:32 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-09-23 14:32 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2014-09-20 14:44 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-09-20 14:44 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-09-20 14:44 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-09-20 14:44 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2014-09-20 14:44 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-09-20 14:44 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2014-09-20 14:44 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2014-09-20 14:43 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-09-20 14:43 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-09-20 14:42 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-09-20 14:42 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 20:35 - 2012-12-18 20:05 - 00000000 ____D () C:\Users\Elias
2014-10-16 20:09 - 2012-12-21 16:10 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-10-16 19:54 - 2012-12-18 20:14 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3777642976-2438380877-1723110391-1002
2014-10-16 19:43 - 2014-02-18 21:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-16 19:42 - 2012-09-10 13:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-10-16 19:33 - 2012-09-10 13:47 - 00000000 ____D () C:\ProgramData\WinClon
2014-10-16 19:31 - 2013-01-06 23:19 - 00000000 ____D () C:\Users\Elias\AppData\Local\CrashDumps
2014-10-16 19:28 - 2012-12-21 16:10 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 19:27 - 2012-08-05 23:07 - 02609624 _____ () C:\windows\PFRO.log
2014-10-16 19:27 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-16 19:25 - 2012-09-10 12:50 - 01596177 _____ () C:\windows\WindowsUpdate.log
2014-10-16 17:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-10-16 17:06 - 2014-07-12 00:03 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 17:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-10-16 15:20 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-10-16 15:17 - 2013-08-02 13:23 - 00000000 ____D () C:\windows\system32\MRT
2014-10-16 15:13 - 2012-12-19 19:14 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-15 15:58 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-10-14 14:33 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-10-14 12:36 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-10-13 22:32 - 2013-01-11 22:17 - 00000000 ____D () C:\Users\Elias\AppData\Roaming\CyberLink
2014-10-13 22:07 - 2012-09-10 16:51 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-10-13 22:07 - 2012-09-10 16:51 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-10-13 22:07 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-23 03:51 - 2013-08-21 12:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


Some content of TEMP:
====================
C:\Users\Elias\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-15 15:02

==================== End Of Log ============================
         
Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Elias at 2014-10-16 20:38:49
Running from C:\Users\Elias\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.1 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center (HKLM\...\{C178F0E8-75AF-4C21-9828-98B9BED82470}) (Version: 2.0.10 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.1 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{ADC15B86-A3F8-4DE3-9E0A-047FF12D6941}) (Version: 2.0.18 - Samsung Electronics CO., LTD.)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

23-09-2014 13:21:10 Windows Update
04-10-2014 08:29:21 Geplanter Prüfpunkt
12-10-2014 19:00:25 Geplanter Prüfpunkt
16-10-2014 13:09:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BF73F2F-DE77-455E-8194-684BDF913FD6} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe
Task: {1DC19FEC-9FEB-4E10-80FA-27E0A2CDF341} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {25C22EA6-5A35-41DF-AC3E-3F6B66C4C743} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-09-10] (Samsung Electronics CO., LTD.)
Task: {36AD045A-6280-4E32-AFB7-32522A1ED4D5} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {5DC1B6AC-055F-4242-9A52-030AB06B1CE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {724F273E-2E81-457B-9934-46F45BD79D6F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-23] (Microsoft Corporation)
Task: {790C35F3-75F4-4AD0-8650-25BBF86C866A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {7C71EB44-63F4-4D2A-8D3D-5A63BCF6A7A4} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {8D721332-7930-4B07-929C-520FE7350162} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-04] (SEC)
Task: {9F878B0D-1EC3-479C-B771-1D6AB6B1092E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B72E8F64-0F81-4204-B013-E92D755276B2} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install => C:\windows\system32\NotificationUI.exe [2014-08-21] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CC4D69FE-D437-4F9F-BBEE-1141ABE1AB99} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {CFB835EF-0519-4369-B45D-2C47640A8D45} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-16] (Microsoft Corporation)
Task: {E07DDB21-6967-4443-8E38-0A9E1FA98B88} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe
Task: {E8C85F8D-DD83-4D0F-BEA4-E50FC068ECF5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe
Task: {E913AE11-2953-4AA1-B2D9-7825FB9A4CC0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {EA833489-F06D-4081-8B80-F8FEE934AC03} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Loaded Modules (whitelisted) =============

2014-03-19 07:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-08-10 11:28 - 2012-08-10 11:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-10 11:23 - 2012-08-10 11:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-08-16 04:26 - 2012-08-16 04:26 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-09-07 10:57 - 2012-09-07 10:57 - 04238968 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2012-09-10 13:55 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-09-25 02:13 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 02:13 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 02:13 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 02:13 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 02:13 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2012-09-10 13:34 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKCU\...\StartupApproved\Run: => "Steam"

========================= Accounts: ==========================

Administrator (S-1-5-21-3777642976-2438380877-1723110391-500 - Administrator - Disabled)
Elias (S-1-5-21-3777642976-2438380877-1723110391-1002 - Administrator - Enabled) => C:\Users\Elias
Gast (S-1-5-21-3777642976-2438380877-1723110391-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3777642976-2438380877-1723110391-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2014 07:31:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Ausnahmecode: 0x40000015
Fehleroffset: 0x001b2fbb
ID des fehlerhaften Prozesses: 0xe10
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3
Vollständiger Name des fehlerhaften Pakets: SWMAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5

Error: (10/16/2014 07:29:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Ausnahmecode: 0x40000015
Fehleroffset: 0x001b2fbb
ID des fehlerhaften Prozesses: 0xe8c
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3
Vollständiger Name des fehlerhaften Pakets: SWMAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5

Error: (10/16/2014 07:28:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BtvStack.exe, Version: 8.0.0.206, Zeitstempel: 0x5024e144
Name des fehlerhaften Moduls: audio.dll, Version: 8.0.0.206, Zeitstempel: 0x5024e1aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001ae08
ID des fehlerhaften Prozesses: 0xc84
Startzeit der fehlerhaften Anwendung: 0xBtvStack.exe0
Pfad der fehlerhaften Anwendung: BtvStack.exe1
Pfad des fehlerhaften Moduls: BtvStack.exe2
Berichtskennung: BtvStack.exe3
Vollständiger Name des fehlerhaften Pakets: BtvStack.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BtvStack.exe5

Error: (10/16/2014 06:37:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GuaranaMain.exe, Version 2.0.10.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12fc

Startzeit: 01cfe95caa9b0f17

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\Samsung\Support Center\GuaranaMain.exe

Berichts-ID: b5e83bea-5552-11e4-bf2b-20689d6d0e97

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/16/2014 06:18:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Ausnahmecode: 0x40000015
Fehleroffset: 0x001b2fbb
ID des fehlerhaften Prozesses: 0x764
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3
Vollständiger Name des fehlerhaften Pakets: SWMAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5

Error: (10/16/2014 06:17:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x13a8
Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0
Pfad der fehlerhaften Anwendung: CommonAgent.exe1
Pfad des fehlerhaften Moduls: CommonAgent.exe2
Berichtskennung: CommonAgent.exe3
Vollständiger Name des fehlerhaften Pakets: CommonAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5

Error: (10/16/2014 05:27:56 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte)

Error: (10/16/2014 05:15:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Ausnahmecode: 0x40000015
Fehleroffset: 0x001b2fbb
ID des fehlerhaften Prozesses: 0x1334
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3
Vollständiger Name des fehlerhaften Pakets: SWMAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5

Error: (10/16/2014 05:15:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: chrome.dll, Version: 37.0.2062.124, Zeitstempel: 0x5420d5a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00eb51f7
ID des fehlerhaften Prozesses: 0x1004
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (10/16/2014 05:14:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd
Ausnahmecode: 0x40000015
Fehleroffset: 0x001b2fbb
ID des fehlerhaften Prozesses: 0xc28
Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0
Pfad der fehlerhaften Anwendung: SWMAgent.exe1
Pfad des fehlerhaften Moduls: SWMAgent.exe2
Berichtskennung: SWMAgent.exe3
Vollständiger Name des fehlerhaften Pakets: SWMAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5


System errors:
=============
Error: (10/16/2014 07:32:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (10/15/2014 01:09:45 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (10/10/2014 03:19:34 PM) (Source: DCOM) (EventID: 10010) (User: Elias-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (09/25/2014 03:40:12 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/25/2014 03:40:12 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (09/25/2014 03:40:06 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (09/24/2014 03:49:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70. Der Windows-SChannel-Fehlerstatus lautet: 105.

Error: (09/22/2014 04:12:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ClickToRunSvc erreicht.

Error: (09/11/2014 00:57:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/11/2014 00:57:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Microsoft Office Sessions:
=========================
Error: (10/16/2014 07:31:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbbe1001cfe966ff80a3fdC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe4c26524a-555a-11e4-bf2c-20689d6d0e97

Error: (10/16/2014 07:29:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbbe8c01cfe9668db615e2C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exef943b12d-5559-11e4-bf2c-20689d6d0e97

Error: (10/16/2014 07:28:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BtvStack.exe8.0.0.2065024e144audio.dll8.0.0.2065024e1aac0000005000000000001ae08c8401cfe966969fdbd0C:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dlldcba32f3-5559-11e4-bf2c-20689d6d0e97

Error: (10/16/2014 06:37:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: GuaranaMain.exe2.0.10.012fc01cfe95caa9b0f174294967295C:\Program Files\Samsung\Support Center\GuaranaMain.exeb5e83bea-5552-11e4-bf2b-20689d6d0e97

Error: (10/16/2014 06:18:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbb76401cfe95cd004e046C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe0fa6214a-5550-11e4-bf2b-20689d6d0e97

Error: (10/16/2014 06:17:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CommonAgent.exe1.0.7.5502ddd20unknown0.0.0.000000000c0000005000000000000000013a801cfe953ad35b791C:\Program Files\Samsung\S Agent\CommonAgent.exeunknownec8b9fd2-554f-11e4-bf2b-20689d6d0e97

Error: (10/16/2014 05:27:56 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte)

Error: (10/16/2014 05:15:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbb133401cfe953fbe261ebC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe39961507-5547-11e4-bf2b-20689d6d0e97

Error: (10/16/2014 05:15:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868chrome.dll37.0.2062.1245420d5a6c000000500eb51f7100401cfe953f278f0efC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll34dc8570-5547-11e4-bf2b-20689d6d0e97

Error: (10/16/2014 05:14:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbbc2801cfe9538f599693C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe222b9798-5547-11e4-bf2b-20689d6d0e97


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 40%
Total physical RAM: 3797.53 MB
Available physical RAM: 2251.03 MB
Total Pagefile: 6869.53 MB
Available Pagefile: 4289.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:440.49 GB) (Free:367.89 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
GMER log

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-16 21:00:54
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003d  rev. 0,00MB
Running: Gmer-19357 (1).exe; Driver: C:\Users\Elias\AppData\Local\Temp\kgloapow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3760] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                                                                                                       000007f8e5371532 4 bytes [37, E5, F8, 07]
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3760] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                                                                                                       000007f8e537153a 4 bytes [37, E5, F8, 07]
.text    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3760] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                                                                                                     000007f8e537165a 4 bytes [37, E5, F8, 07]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlLeaveCriticalSection + 61                                                                                                          000007f8eb33104d 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlEnterCriticalSection + 39                                                                                                          000007f8eb331087 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 77                                                                                                           000007f8eb3310dd 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!_local_unwind + 36                                                                                                                    000007f8eb331164 32 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!memcmp + 199                                                                                                                          000007f8eb331257 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strcat + 144                                                                                                                          000007f8eb331300 16 bytes {JMP 0xffffffffffffff8c}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strcpy + 183                                                                                                                          000007f8eb3313d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strlen + 168                                                                                                                          000007f8eb331558 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strncat + 405                                                                                                                         000007f8eb331705 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strncmp + 181                                                                                                                         000007f8eb3317d5 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strncpy + 354                                                                                                                         000007f8eb331952 48 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlGetCurrentProcessorNumberEx + 52                                                                                                   000007f8eb3319e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtdllDialogWndProc_W + 601                                                                                                            000007f8eb331dae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!DbgUserBreakPoint + 99                                                                                                                000007f8eb331e33 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlInterlockedPushListSList + 118                                                                                                     000007f8eb332056 48 bytes {JMP 0xffffffffffffffc0}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlpUmsExecuteYieldThreadEnd + 403                                                                                                    000007f8eb332574 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!__chkstk + 77                                                                                                                         000007f8eb3325dd 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!_setjmp + 160                                                                                                                         000007f8eb3326b0 16 bytes {JMP RAX}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!longjmp + 236                                                                                                                         000007f8eb33285c 32 bytes {JMP 0xffffffffffffffb9}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                                                                                000007f8eb332c70 8 bytes {JMP QWORD [RIP-0xc6]}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                                                                                              000007f8eb332df0 8 bytes {JMP QWORD [RIP-0x23e]}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                                                                    000007f8eb332e20 8 bytes {JMP QWORD [RIP-0x317]}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                                                                  000007f8eb332f40 8 bytes {JMP QWORD [RIP-0x39e]}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                                                                                      000007f8eb332ff0 8 bytes {JMP QWORD [RIP-0x4df]}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                                                                                      000007f8eb3336b1 5 bytes [FF, 25, E5, 0F, 00]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx + 6                                                                                                                  000007f8eb3336b7 2 bytes [90, 90]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                                                                                    000007f8eb333991 5 bytes [FF, 25, FD, 0C, 00]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread + 6                                                                                                                000007f8eb333997 2 bytes [90, 90]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                                                                                    000007f8eb334211 8 bytes {JMP QWORD [RIP+0x475]}
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtWaitLowEventPair + 11                                                                                                               000007f8eb33468c 24 bytes [C0, 69, F8, 7F, 00, 00, 00, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuProcessInit + 616                                                                                                               00000000770e15f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuProcessTerm + 3                                                                                                                 00000000770e15fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuResetToConsistentState + 272                                                                                                    00000000770e17d4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuSetContext + 140                                                                                                                00000000770e18c4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                                                                                                            00000000770e18e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuSetStackPointer + 23                                                                                                            00000000770e1903 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 23                                                                                                      00000000770e1923 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuFlushInstructionCache + 23                                                                                                      00000000770e195f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuProcessDebugEvent + 3                                                                                                           00000000770e196b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 3                                                                                                        00000000770e1977 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]

---- Threads - GMER 2.1 ----

Thread   C:\windows\system32\csrss.exe [748:772]                                                                                                                                                                               fffff960007675e8
---- Processes - GMER 2.1 ----

Library  C:\Program Files\WindowsApps\Microsoft.SkypeApp_1.9.0.2016_x86__kzf8qxf38zg5c\LibWrap.dll (*** suspicious ***) @ C:\windows\syswow64\wwahost.exe [4704] (Microsoft Skype/Microsoft Corporation)(2014-02-02 21:03:11)  000000005dd00000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                 unknown MBR code
Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                 sector 0: rootkit-like behavior

---- EOF - GMER 2.1 ----
         

17.10.2014, 00:35   #2
Bootsektor
/// TB trainer

My name is Sandra and I will be helping you with your problem.
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans that I ask you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Post the log files directly in your thread, in code tags.
  • Keep in mind that all of us here work in our free time; if you have not heard from me within 2 days, please send me a PM.

Note: I can never give you a guarantee that I will find everything. Formatting is usually the quicker way and, in the case of a malware infection, always the safest one. Adware can be removed without problems in the vast majority of cases.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.

Posting in code tags
Please always put the logs in code tags. If you don't, it makes the analysis much harder for me. Thanks.
To do this:
  • Click the hash sign # above the reply box; [] CODE /CODE will then appear there in square brackets.
  • Paste your log files between the two code tags, i.e. CODE log file /CODE
  • If the logs are too long, please split them up and post them here in your thread, in several replies if necessary.

Which sites are they in each case?

Step 1
Please download TDSSKiller TDSSKiller.exe and save the file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
17.10.2014, 13:23   #3
Don_Helios

Many thanks for the help!

Here is the result of the scan...

Code:
13:14:13.0667 0x0d24  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:14:13.0667 0x0d24  UEFI system
13:14:13.0714 0x0d24  ============================================================
13:14:13.0714 0x0d24  Current date / time: 2014/10/17 13:14:13.0714
13:14:13.0714 0x0d24  SystemInfo:
13:14:13.0714 0x0d24  
13:14:13.0714 0x0d24  OS Version: 6.2.9200 ServicePack: 0.0
13:14:13.0714 0x0d24  Product type: Workstation
13:14:13.0714 0x0d24  ComputerName: ELIAS-PC
13:14:13.0714 0x0d24  UserName: Elias
13:14:13.0714 0x0d24  Windows directory: C:\windows
13:14:13.0714 0x0d24  System windows directory: C:\windows
13:14:13.0714 0x0d24  Running under WOW64
13:14:13.0714 0x0d24  Processor architecture: Intel x64
13:14:13.0714 0x0d24  Number of processors: 4
13:14:13.0714 0x0d24  Page size: 0x1000
13:14:13.0714 0x0d24  Boot type: Normal boot
13:14:13.0714 0x0d24  ============================================================
13:14:13.0714 0x0d24  BG loaded
13:14:13.0807 0x0d24  System UUID: {D8B20880-A826-136F-A4B7-110A8B966F26}
13:14:14.0370 0x0d24  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:14:14.0386 0x0d24  ============================================================
13:14:14.0386 0x0d24  \Device\Harddisk0\DR0:
13:14:14.0386 0x0d24  GPT partitions:
13:14:14.0386 0x0d24  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {118EA028-1713-43C0-909C-37C4E9E17B62}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
13:14:14.0386 0x0d24  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {14AC08E6-8D77-4270-80B7-27F9676D7685}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
13:14:14.0386 0x0d24  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {11BD816E-0D91-424D-AC43-6C9107922E53}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
13:14:14.0386 0x0d24  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {15F4A025-5EF9-49D1-8C93-8EE5F0688354}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x370FA801
13:14:14.0386 0x0d24  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3F8CDA94-01D3-48DB-AD67-9852013F4EAC}, Name: Basic data partition, StartLBA 0x372CB001, BlocksNum 0x2EBB000
13:14:14.0386 0x0d24  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F98CC789-F9B9-40F0-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A186001, BlocksNum 0x200000
13:14:14.0386 0x0d24  MBR partitions:
13:14:14.0386 0x0d24  ============================================================
13:14:14.0495 0x0d24  C: <-> \Device\Harddisk0\DR0\Partition4
13:14:14.0495 0x0d24  ============================================================
13:14:14.0495 0x0d24  Initialize success
13:14:14.0495 0x0d24  ============================================================
13:16:34.0383 0x0b34  ============================================================
13:16:34.0383 0x0b34  Scan started
13:16:34.0383 0x0b34  Mode: Manual; SigCheck; TDLFS; 
13:16:34.0383 0x0b34  ============================================================
13:16:34.0383 0x0b34  KSN ping started
13:16:36.0711 0x0b34  KSN ping finished: true
13:16:38.0977 0x0b34  ================ Scan system memory ========================
13:16:38.0977 0x0b34  System memory - ok
13:16:38.0977 0x0b34  ================ Scan services =============================
13:16:39.0305 0x0b34  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
13:16:39.0399 0x0b34  1394ohci - ok
13:16:39.0430 0x0b34  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\windows\system32\drivers\3ware.sys
13:16:39.0430 0x0b34  3ware - ok
13:16:39.0477 0x0b34  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:16:39.0492 0x0b34  ACPI - ok
13:16:39.0524 0x0b34  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\windows\system32\Drivers\acpiex.sys
13:16:39.0524 0x0b34  acpiex - ok
13:16:39.0539 0x0b34  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
13:16:39.0555 0x0b34  acpipagr - ok
13:16:39.0586 0x0b34  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
13:16:39.0633 0x0b34  AcpiPmi - ok
13:16:39.0633 0x0b34  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\windows\System32\drivers\acpitime.sys
13:16:39.0664 0x0b34  acpitime - ok
13:16:39.0696 0x0b34  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
13:16:39.0711 0x0b34  adp94xx - ok
13:16:39.0742 0x0b34  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\windows\system32\drivers\adpahci.sys
13:16:39.0758 0x0b34  adpahci - ok
13:16:39.0789 0x0b34  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\windows\system32\drivers\adpu320.sys
13:16:39.0805 0x0b34  adpu320 - ok
13:16:39.0836 0x0b34  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
13:16:39.0914 0x0b34  AeLookupSvc - ok
13:16:39.0946 0x0b34  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\windows\system32\drivers\afd.sys
13:16:40.0024 0x0b34  AFD - ok
13:16:40.0055 0x0b34  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\windows\system32\drivers\agp440.sys
13:16:40.0071 0x0b34  agp440 - ok
13:16:40.0086 0x0b34  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\windows\System32\alg.exe
13:16:40.0211 0x0b34  ALG - ok
13:16:40.0242 0x0b34  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
13:16:40.0289 0x0b34  AllUserInstallAgent - ok
13:16:40.0321 0x0b34  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\windows\System32\drivers\amdk8.sys
13:16:40.0414 0x0b34  AmdK8 - ok
13:16:40.0430 0x0b34  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
13:16:40.0461 0x0b34  AmdPPM - ok
13:16:40.0492 0x0b34  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:16:40.0492 0x0b34  amdsata - ok
13:16:40.0539 0x0b34  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
13:16:40.0555 0x0b34  amdsbs - ok
13:16:40.0571 0x0b34  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:16:40.0586 0x0b34  amdxata - ok
13:16:40.0602 0x0b34  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\windows\system32\drivers\appid.sys
13:16:40.0664 0x0b34  AppID - ok
13:16:40.0696 0x0b34  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:16:40.0727 0x0b34  AppIDSvc - ok
13:16:40.0758 0x0b34  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\windows\System32\appinfo.dll
13:16:40.0852 0x0b34  Appinfo - ok
13:16:40.0883 0x0b34  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\windows\system32\drivers\arc.sys
13:16:40.0899 0x0b34  arc - ok
13:16:40.0914 0x0b34  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\windows\system32\drivers\arcsas.sys
13:16:40.0930 0x0b34  arcsas - ok
13:16:40.0930 0x0b34  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:16:40.0977 0x0b34  AsyncMac - ok
13:16:40.0993 0x0b34  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\windows\system32\drivers\atapi.sys
13:16:40.0993 0x0b34  atapi - ok
13:16:41.0024 0x0b34  [ 4885C14A6AB6969B5773A42DA0BA3DA4, E317E1E299543FBD9853C71E1CF8019343B6234B9AAF56ABF48C41BB7743490B ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
13:16:41.0039 0x0b34  AthBTPort - ok
13:16:41.0164 0x0b34  [ 7CA5397A47843B0BD36898F32F2D403B, 40BACD955FDF2E469AA20910203CEB97B7C7D94C04E15723D99ED2C577AD14CF ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:16:41.0164 0x0b34  AtherosSvc - ok
13:16:41.0414 0x0b34  [ F17ABC4AA1FE4989E812858261414FE5, 6C24F7F498AB7D02DF35E1FD7621C29E81BD4C774F37AAC04A49B35A930775A2 ] athr            C:\windows\system32\DRIVERS\athw8x.sys
13:16:41.0633 0x0b34  athr - ok
13:16:41.0680 0x0b34  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
13:16:41.0789 0x0b34  AudioEndpointBuilder - ok
13:16:41.0821 0x0b34  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\windows\System32\Audiosrv.dll
13:16:41.0868 0x0b34  Audiosrv - ok
13:16:41.0946 0x0b34  [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
13:16:41.0961 0x0b34  AVP - ok
13:16:41.0993 0x0b34  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:16:42.0102 0x0b34  AxInstSV - ok
13:16:42.0196 0x0b34  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
13:16:42.0211 0x0b34  b06bdrv - ok
13:16:42.0243 0x0b34  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
13:16:42.0305 0x0b34  BasicDisplay - ok
13:16:42.0336 0x0b34  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
13:16:42.0383 0x0b34  BasicRender - ok
13:16:42.0414 0x0b34  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\windows\System32\bdesvc.dll
13:16:42.0493 0x0b34  BDESVC - ok
13:16:42.0508 0x0b34  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\windows\system32\drivers\Beep.sys
13:16:42.0571 0x0b34  Beep - ok
13:16:42.0618 0x0b34  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\windows\System32\bfe.dll
13:16:42.0727 0x0b34  BFE - ok
13:16:42.0774 0x0b34  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\windows\System32\qmgr.dll
13:16:42.0883 0x0b34  BITS - ok
13:16:42.0915 0x0b34  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:16:42.0977 0x0b34  bowser - ok
13:16:43.0008 0x0b34  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
13:16:43.0055 0x0b34  BrokerInfrastructure - ok
13:16:43.0086 0x0b34  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\windows\System32\browser.dll
13:16:43.0165 0x0b34  Browser - ok
13:16:43.0196 0x0b34  [ 942F3F6286056D6BBB5B02ED2B7088BD, 9F187C480BD40815ECFFC208BD1B00ACDFAD16899B4C8BE79C803FE48E322EA0 ] BTATH_A2DP      C:\windows\system32\drivers\btath_a2dp.sys
13:16:43.0211 0x0b34  BTATH_A2DP - ok
13:16:43.0227 0x0b34  [ 43C965027229D9FF6E52E4C71C03B09E, AF0E39EAD8B17A65F885272BEF12BF91578289C183FB39BB803183BE0E5547D1 ] btath_avdt      C:\windows\system32\drivers\btath_avdt.sys
13:16:43.0227 0x0b34  btath_avdt - ok
13:16:43.0258 0x0b34  [ 23CEDCD7527A26B222732A158F76EB24, 5A45D7FC8DFB96A938EEB8604B79413A10C0C16A17D3139B712263211D8215E9 ] BTATH_BUS       C:\windows\System32\drivers\btath_bus.sys
13:16:43.0258 0x0b34  BTATH_BUS - ok
13:16:43.0290 0x0b34  [ 3DD64966A764BCAFF07C9DC064BD410E, 456252339BCA224549E4CBCD5A0501AF10340211CFD567C577067ABF5DABB21F ] BTATH_HCRP      C:\windows\System32\drivers\btath_hcrp.sys
13:16:43.0321 0x0b34  BTATH_HCRP - ok
13:16:43.0399 0x0b34  [ B68EE0721EAC305AB1C9C989CDF1AEFF, 3F7CE8E244836E23456E519E48E53E4B9331C9AD9BAF13C208C922404575638A ] BTATH_LWFLT     C:\windows\system32\DRIVERS\btath_lwflt.sys
13:16:43.0415 0x0b34  BTATH_LWFLT - ok
13:16:43.0430 0x0b34  [ EC7BB341229E9E6B04349580F55218B2, 4227CE6787DD1432EB054B1EE85C399188A61B23E2E8B0B615DA101C4AABD6C0 ] BTATH_RCP       C:\windows\System32\drivers\btath_rcp.sys
13:16:43.0446 0x0b34  BTATH_RCP - ok
13:16:43.0477 0x0b34  [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C, 7E4B410E1BC0BBC3B7CECF4B7396070E3FFB99D73CF185CBF38E65A79DDBB780 ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
13:16:43.0555 0x0b34  BtFilter - ok
13:16:43.0586 0x0b34  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
13:16:43.0649 0x0b34  BthAvrcpTg - ok
13:16:43.0665 0x0b34  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
13:16:43.0758 0x0b34  BthEnum - ok
13:16:43.0790 0x0b34  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
13:16:43.0868 0x0b34  BthHFEnum - ok
13:16:43.0915 0x0b34  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
13:16:43.0977 0x0b34  bthhfhid - ok
13:16:44.0024 0x0b34  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
13:16:44.0055 0x0b34  BthLEEnum - ok
13:16:44.0071 0x0b34  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
13:16:44.0102 0x0b34  BTHMODEM - ok
13:16:44.0149 0x0b34  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
13:16:44.0196 0x0b34  BthPan - ok
13:16:44.0243 0x0b34  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
13:16:44.0305 0x0b34  BTHPORT - ok
13:16:44.0321 0x0b34  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\windows\system32\bthserv.dll
13:16:44.0352 0x0b34  bthserv - ok
13:16:44.0383 0x0b34  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
13:16:44.0383 0x0b34  BTHUSB - ok
13:16:44.0415 0x0b34  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:16:44.0524 0x0b34  cdfs - ok
13:16:44.0540 0x0b34  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\windows\System32\drivers\cdrom.sys
13:16:44.0618 0x0b34  cdrom - ok
13:16:44.0633 0x0b34  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\windows\System32\certprop.dll
13:16:44.0665 0x0b34  CertPropSvc - ok
13:16:44.0680 0x0b34  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\windows\System32\drivers\circlass.sys
13:16:44.0727 0x0b34  circlass - ok
13:16:44.0758 0x0b34  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\windows\system32\drivers\CLFS.sys
13:16:44.0774 0x0b34  CLFS - ok
13:16:45.0118 0x0b34  [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
13:16:45.0180 0x0b34  ClickToRunSvc - ok
13:16:45.0227 0x0b34  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
13:16:45.0290 0x0b34  CLVirtualDrive - ok
13:16:45.0321 0x0b34  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
13:16:45.0368 0x0b34  CmBatt - ok
13:16:45.0415 0x0b34  [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG             C:\windows\system32\Drivers\cng.sys
13:16:45.0430 0x0b34  CNG - ok
13:16:45.0477 0x0b34  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
13:16:45.0493 0x0b34  CompositeBus - ok
13:16:45.0508 0x0b34  COMSysApp - ok
13:16:45.0524 0x0b34  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\windows\system32\drivers\condrv.sys
13:16:45.0571 0x0b34  condrv - ok
13:16:45.0743 0x0b34  [ C6D620A69098AB17EBD5C0CAADA1D7DC, 26E52579F2CB12121F927039E9068AA0515803653BEE1101C3FCF4DF696C19C2 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
13:16:45.0758 0x0b34  cphs - ok
13:16:45.0790 0x0b34  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:16:45.0868 0x0b34  CryptSvc - ok
13:16:45.0899 0x0b34  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\windows\system32\drivers\dam.sys
13:16:45.0915 0x0b34  dam - ok
13:16:45.0962 0x0b34  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\windows\system32\rpcss.dll
13:16:46.0071 0x0b34  DcomLaunch - ok
13:16:46.0118 0x0b34  [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc       C:\windows\System32\defragsvc.dll
13:16:46.0258 0x0b34  defragsvc - ok
13:16:46.0290 0x0b34  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\windows\system32\das.dll
13:16:46.0368 0x0b34  DeviceAssociationService - ok
13:16:46.0415 0x0b34  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
13:16:46.0446 0x0b34  DeviceInstall - ok
13:16:46.0477 0x0b34  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
13:16:46.0555 0x0b34  Dfsc - ok
13:16:46.0665 0x0b34  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\windows\system32\dhcpcore.dll
13:16:46.0743 0x0b34  Dhcp - ok
13:16:46.0790 0x0b34  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\windows\system32\drivers\discache.sys
13:16:46.0805 0x0b34  discache - ok
13:16:46.0821 0x0b34  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\windows\system32\drivers\disk.sys
13:16:46.0837 0x0b34  disk - ok
13:16:46.0837 0x0b34  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
13:16:46.0899 0x0b34  dmvsc - ok
13:16:46.0930 0x0b34  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:16:47.0024 0x0b34  Dnscache - ok
13:16:47.0055 0x0b34  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\windows\System32\dot3svc.dll
13:16:47.0087 0x0b34  dot3svc - ok
13:16:47.0118 0x0b34  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\windows\system32\dps.dll
13:16:47.0133 0x0b34  DPS - ok
13:16:47.0165 0x0b34  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
13:16:47.0259 0x0b34  drmkaud - ok
13:16:47.0290 0x0b34  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
13:16:47.0337 0x0b34  DsmSvc - ok
13:16:47.0399 0x0b34  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
13:16:47.0477 0x0b34  DXGKrnl - ok
13:16:47.0509 0x0b34  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\windows\System32\eapsvc.dll
13:16:47.0555 0x0b34  Eaphost - ok
13:16:47.0852 0x0b34  [ 843E8B2127D7283845E29E6176C15887, F755EB9B8DEAE9B5E90D7729A3A9B3B74B3D1B6A2775BDC82624F4D80D0DCCD3 ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
13:16:47.0884 0x0b34  Easy Launcher - ok
13:16:48.0165 0x0b34  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\windows\system32\drivers\evbda.sys
13:16:48.0321 0x0b34  ebdrv - ok
13:16:48.0337 0x0b34  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\windows\System32\lsass.exe
13:16:48.0446 0x0b34  EFS - ok
13:16:48.0477 0x0b34  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
13:16:48.0493 0x0b34  EhStorClass - ok
13:16:48.0509 0x0b34  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
13:16:48.0524 0x0b34  EhStorTcgDrv - ok
13:16:48.0540 0x0b34  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\windows\System32\drivers\errdev.sys
13:16:48.0555 0x0b34  ErrDev - ok
13:16:48.0587 0x0b34  [ 6073E00157E6D99FC8D0D0CC8EF61DF9, E30A7F1FD5E15F0705CB382CF7D9A879C56AE58947A7AB81AC3F47DCE2678B04 ] ETD             C:\windows\system32\DRIVERS\ETD.sys
13:16:48.0602 0x0b34  ETD - ok
13:16:48.0649 0x0b34  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\windows\system32\es.dll
13:16:48.0712 0x0b34  EventSystem - ok
13:16:48.0759 0x0b34  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\windows\system32\drivers\exfat.sys
13:16:48.0805 0x0b34  exfat - ok
13:16:48.0821 0x0b34  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:16:48.0852 0x0b34  fastfat - ok
13:16:48.0899 0x0b34  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\windows\system32\fxssvc.exe
13:16:48.0962 0x0b34  Fax - ok
13:16:48.0993 0x0b34  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\windows\System32\drivers\fdc.sys
13:16:49.0024 0x0b34  fdc - ok
13:16:49.0055 0x0b34  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\windows\system32\fdPHost.dll
13:16:49.0087 0x0b34  fdPHost - ok
13:16:49.0102 0x0b34  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\windows\system32\fdrespub.dll
13:16:49.0134 0x0b34  FDResPub - ok
13:16:49.0165 0x0b34  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\windows\system32\fhsvc.dll
13:16:49.0227 0x0b34  fhsvc - ok
13:16:49.0243 0x0b34  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:16:49.0259 0x0b34  FileInfo - ok
13:16:49.0274 0x0b34  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:16:49.0305 0x0b34  Filetrace - ok
13:16:49.0321 0x0b34  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
13:16:49.0337 0x0b34  flpydisk - ok
13:16:49.0368 0x0b34  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:16:49.0384 0x0b34  FltMgr - ok
13:16:49.0524 0x0b34  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\windows\system32\FntCache.dll
13:16:49.0634 0x0b34  FontCache - ok
13:16:49.0712 0x0b34  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:16:49.0727 0x0b34  FontCache3.0.0.0 - ok
13:16:49.0759 0x0b34  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:16:49.0774 0x0b34  FsDepends - ok
13:16:49.0806 0x0b34  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:16:49.0806 0x0b34  Fs_Rec - ok
13:16:49.0852 0x0b34  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:16:49.0868 0x0b34  fvevol - ok
13:16:49.0899 0x0b34  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
13:16:49.0931 0x0b34  FxPPM - ok
13:16:49.0962 0x0b34  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
13:16:49.0962 0x0b34  gagp30kx - ok
13:16:49.0993 0x0b34  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
13:16:50.0009 0x0b34  gencounter - ok
13:16:50.0024 0x0b34  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
13:16:50.0040 0x0b34  GPIOClx0101 - ok
13:16:50.0102 0x0b34  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\windows\System32\gpsvc.dll
13:16:50.0165 0x0b34  gpsvc - ok
13:16:50.0212 0x0b34  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:16:50.0227 0x0b34  gupdate - ok
13:16:50.0243 0x0b34  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:16:50.0259 0x0b34  gupdatem - ok
13:16:50.0290 0x0b34  [ 4373CB2FFCF35EAAA853DB2FE45A40DC, 3FCF6A53AF63722FAAD6ABC94DA093EBD766B0728CD0E64EAB1BEC369CC998C9 ] Hamachi         C:\windows\system32\DRIVERS\Hamdrv.sys
13:16:50.0306 0x0b34  Hamachi - ok
13:16:50.0368 0x0b34  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:16:50.0431 0x0b34  HdAudAddService - ok
13:16:50.0462 0x0b34  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
13:16:50.0509 0x0b34  HDAudBus - ok
13:16:50.0540 0x0b34  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
13:16:50.0556 0x0b34  HidBatt - ok
13:16:50.0587 0x0b34  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\windows\System32\drivers\hidbth.sys
13:16:50.0649 0x0b34  HidBth - ok
13:16:50.0665 0x0b34  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
13:16:50.0774 0x0b34  hidi2c - ok
13:16:50.0790 0x0b34  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\windows\System32\drivers\hidir.sys
13:16:50.0821 0x0b34  HidIr - ok
13:16:50.0852 0x0b34  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\windows\System32\hidserv.dll
13:16:50.0962 0x0b34  hidserv - ok
13:16:50.0977 0x0b34  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\windows\System32\drivers\hidusb.sys
13:16:51.0118 0x0b34  HidUsb - ok
13:16:51.0134 0x0b34  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:16:51.0165 0x0b34  hkmsvc - ok
13:16:51.0212 0x0b34  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:16:51.0259 0x0b34  HomeGroupListener - ok
13:16:51.0290 0x0b34  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:16:51.0368 0x0b34  HomeGroupProvider - ok
13:16:51.0399 0x0b34  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:16:51.0415 0x0b34  HpSAMD - ok
13:16:51.0446 0x0b34  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:16:51.0524 0x0b34  HTTP - ok
13:16:51.0540 0x0b34  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:16:51.0556 0x0b34  hwpolicy - ok
13:16:51.0571 0x0b34  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
13:16:51.0587 0x0b34  hyperkbd - ok
13:16:51.0603 0x0b34  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
13:16:51.0618 0x0b34  HyperVideo - ok
13:16:51.0649 0x0b34  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
13:16:51.0712 0x0b34  i8042prt - ok
13:16:51.0743 0x0b34  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
13:16:51.0759 0x0b34  iaStorA - ok
13:16:51.0790 0x0b34  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:16:51.0821 0x0b34  iaStorV - ok
13:16:51.0915 0x0b34  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:16:51.0931 0x0b34  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:16:54.0368 0x0b34  Detect skipped due to KSN trusted
13:16:54.0368 0x0b34  IDriverT - ok
13:16:55.0638 0x0b34  [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
13:16:56.0090 0x0b34  igfx - ok
13:16:56.0147 0x0b34  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
13:16:56.0180 0x0b34  iirsp - ok
13:16:56.0547 0x0b34  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\windows\System32\ikeext.dll
13:16:56.0655 0x0b34  IKEEXT - ok
13:16:57.0590 0x0b34  [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
13:16:57.0754 0x0b34  IntcAzAudAddService - ok
13:16:57.0841 0x0b34  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
13:16:57.0896 0x0b34  IntcDAud - ok
13:16:58.0122 0x0b34  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:16:58.0141 0x0b34  Intel(R) Capability Licensing Service Interface - ok
13:16:58.0303 0x0b34  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:16:58.0310 0x0b34  Intel(R) ME Service - ok
13:16:58.0337 0x0b34  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\windows\system32\drivers\intelide.sys
13:16:58.0369 0x0b34  intelide - ok
13:16:58.0395 0x0b34  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\windows\System32\drivers\intelppm.sys
13:16:58.0483 0x0b34  intelppm - ok
13:16:58.0519 0x0b34  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:16:58.0580 0x0b34  IpFilterDriver - ok
13:16:58.0734 0x0b34  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:16:58.0787 0x0b34  iphlpsvc - ok
13:16:58.0826 0x0b34  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
13:16:58.0890 0x0b34  IPMIDRV - ok
13:16:58.0927 0x0b34  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:16:58.0951 0x0b34  IPNAT - ok
13:16:58.0962 0x0b34  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:16:59.0009 0x0b34  IRENUM - ok
13:16:59.0026 0x0b34  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:16:59.0034 0x0b34  isapnp - ok
13:16:59.0068 0x0b34  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
13:16:59.0083 0x0b34  iScsiPrt - ok
13:16:59.0178 0x0b34  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
13:16:59.0201 0x0b34  iumsvc - ok
13:16:59.0266 0x0b34  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:16:59.0273 0x0b34  jhi_service - ok
13:16:59.0313 0x0b34  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
13:16:59.0334 0x0b34  kbdclass - ok
13:16:59.0370 0x0b34  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
13:16:59.0397 0x0b34  kbdhid - ok
13:16:59.0414 0x0b34  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
13:16:59.0473 0x0b34  kdnic - ok
13:16:59.0485 0x0b34  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\windows\system32\lsass.exe
13:16:59.0494 0x0b34  KeyIso - ok
13:16:59.0590 0x0b34  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\windows\system32\DRIVERS\kl1.sys
13:16:59.0607 0x0b34  kl1 - ok
13:16:59.0653 0x0b34  [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam          C:\windows\system32\DRIVERS\klelam.sys
13:16:59.0682 0x0b34  klelam - ok
13:16:59.0734 0x0b34  [ BC996B5D96CB7463268DE67E2D99F496, F2763242B69B1290FCAF54B6353BC1469C47D774724249D4CB9BFEC100890970 ] klflt           C:\windows\system32\DRIVERS\klflt.sys
13:16:59.0749 0x0b34  klflt - ok
13:16:59.0780 0x0b34  [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF            C:\windows\system32\DRIVERS\klif.sys
13:16:59.0796 0x0b34  KLIF - ok
13:16:59.0827 0x0b34  [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6           C:\windows\system32\DRIVERS\klim6.sys
13:16:59.0843 0x0b34  KLIM6 - ok
13:16:59.0874 0x0b34  [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt        C:\windows\system32\DRIVERS\klkbdflt.sys
13:16:59.0874 0x0b34  klkbdflt - ok
13:16:59.0890 0x0b34  [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt        C:\windows\system32\DRIVERS\klmouflt.sys
13:16:59.0890 0x0b34  klmouflt - ok
13:16:59.0906 0x0b34  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\windows\system32\DRIVERS\klpd.sys
13:16:59.0906 0x0b34  klpd - ok
13:16:59.0952 0x0b34  [ EAAF7E0936CC5474F433B684A2C68CF2, 5E5E5D324000F2209C7E32DC965FBD822850B4E1351887A93B50FB79844BF781 ] klwfp           C:\windows\system32\DRIVERS\klwfp.sys
13:16:59.0952 0x0b34  klwfp - ok
13:16:59.0968 0x0b34  [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps           C:\windows\system32\DRIVERS\kneps.sys
13:16:59.0968 0x0b34  kneps - ok
13:17:00.0015 0x0b34  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:17:00.0015 0x0b34  KSecDD - ok
13:17:00.0031 0x0b34  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:17:00.0077 0x0b34  KSecPkg - ok
13:17:00.0109 0x0b34  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
13:17:00.0140 0x0b34  ksthunk - ok
13:17:00.0218 0x0b34  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\windows\system32\msdtckrm.dll
13:17:00.0406 0x0b34  KtmRm - ok
13:17:00.0531 0x0b34  [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer    C:\windows\System32\srvsvc.dll
13:17:00.0671 0x0b34  LanmanServer - ok
13:17:00.0702 0x0b34  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:17:00.0718 0x0b34  LanmanWorkstation - ok
13:17:00.0765 0x0b34  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:17:00.0827 0x0b34  lltdio - ok
13:17:00.0859 0x0b34  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:17:00.0890 0x0b34  lltdsvc - ok
13:17:00.0906 0x0b34  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\windows\System32\lmhsvc.dll
13:17:00.0968 0x0b34  lmhosts - ok
13:17:00.0999 0x0b34  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:17:01.0015 0x0b34  LMS - ok
13:17:01.0046 0x0b34  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
13:17:01.0062 0x0b34  LSI_SAS - ok
13:17:01.0077 0x0b34  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
13:17:01.0093 0x0b34  LSI_SAS2 - ok
13:17:01.0109 0x0b34  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
13:17:01.0109 0x0b34  LSI_SCSI - ok
13:17:01.0140 0x0b34  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
13:17:01.0140 0x0b34  LSI_SSS - ok
13:17:01.0187 0x0b34  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\windows\System32\lsm.dll
13:17:01.0265 0x0b34  LSM - ok
13:17:01.0296 0x0b34  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\windows\system32\drivers\luafv.sys
13:17:01.0327 0x0b34  luafv - ok
13:17:01.0343 0x0b34  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\windows\system32\drivers\megasas.sys
13:17:01.0359 0x0b34  megasas - ok
13:17:01.0374 0x0b34  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
13:17:01.0390 0x0b34  MegaSR - ok
13:17:01.0421 0x0b34  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
13:17:01.0421 0x0b34  MEIx64 - ok
13:17:01.0437 0x0b34  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\windows\system32\mmcss.dll
13:17:01.0484 0x0b34  MMCSS - ok
13:17:01.0499 0x0b34  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\windows\system32\drivers\modem.sys
13:17:01.0531 0x0b34  Modem - ok
13:17:01.0562 0x0b34  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\windows\System32\drivers\monitor.sys
13:17:01.0593 0x0b34  monitor - ok
13:17:01.0624 0x0b34  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\windows\System32\drivers\mouclass.sys
13:17:01.0624 0x0b34  mouclass - ok
13:17:01.0656 0x0b34  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\windows\System32\drivers\mouhid.sys
13:17:01.0703 0x0b34  mouhid - ok
13:17:01.0734 0x0b34  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:17:01.0734 0x0b34  mountmgr - ok
13:17:01.0765 0x0b34  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:17:01.0827 0x0b34  mpsdrv - ok
13:17:01.0890 0x0b34  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\windows\system32\mpssvc.dll
13:17:01.0906 0x0b34  MpsSvc - ok
13:17:01.0952 0x0b34  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:17:02.0046 0x0b34  MRxDAV - ok
13:17:02.0109 0x0b34  [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:17:02.0171 0x0b34  mrxsmb - ok
13:17:02.0234 0x0b34  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:17:02.0249 0x0b34  mrxsmb10 - ok
13:17:02.0296 0x0b34  [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:17:02.0640 0x0b34  mrxsmb20 - ok
13:17:02.0671 0x0b34  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
13:17:02.0718 0x0b34  MsBridge - ok
13:17:02.0734 0x0b34  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\windows\System32\msdtc.exe
13:17:02.0781 0x0b34  MSDTC - ok
13:17:02.0812 0x0b34  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:17:02.0828 0x0b34  Msfs - ok
13:17:02.0859 0x0b34  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
13:17:02.0859 0x0b34  msgpiowin32 - ok
13:17:02.0874 0x0b34  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
13:17:02.0890 0x0b34  mshidkmdf - ok
13:17:02.0890 0x0b34  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
13:17:02.0921 0x0b34  mshidumdf - ok
13:17:02.0937 0x0b34  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
13:17:02.0953 0x0b34  msisadrv - ok
13:17:02.0968 0x0b34  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\windows\system32\iscsiexe.dll
13:17:02.0984 0x0b34  MSiSCSI - ok
13:17:02.0984 0x0b34  msiserver - ok
13:17:03.0015 0x0b34  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
13:17:03.0046 0x0b34  MSKSSRV - ok
13:17:03.0046 0x0b34  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
13:17:03.0062 0x0b34  MsLldp - ok
13:17:03.0078 0x0b34  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
13:17:03.0109 0x0b34  MSPCLOCK - ok
13:17:03.0124 0x0b34  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
13:17:03.0156 0x0b34  MSPQM - ok
13:17:03.0203 0x0b34  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
13:17:03.0218 0x0b34  MsRPC - ok
13:17:03.0234 0x0b34  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
13:17:03.0234 0x0b34  mssmbios - ok
13:17:03.0249 0x0b34  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
13:17:03.0296 0x0b34  MSTEE - ok
13:17:03.0312 0x0b34  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
13:17:03.0328 0x0b34  MTConfig - ok
13:17:03.0359 0x0b34  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
13:17:03.0359 0x0b34  Mup - ok
13:17:03.0390 0x0b34  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
13:17:03.0390 0x0b34  mvumis - ok
13:17:03.0437 0x0b34  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
13:17:03.0468 0x0b34  napagent - ok
13:17:03.0499 0x0b34  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
13:17:03.0546 0x0b34  NativeWifiP - ok
13:17:03.0562 0x0b34  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
13:17:03.0593 0x0b34  NcaSvc - ok
13:17:03.0609 0x0b34  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
13:17:03.0671 0x0b34  NcdAutoSetup - ok
13:17:03.0718 0x0b34  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\windows\system32\drivers\ndis.sys
13:17:03.0765 0x0b34  NDIS - ok
13:17:03.0796 0x0b34  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
13:17:03.0828 0x0b34  NdisCap - ok
13:17:03.0859 0x0b34  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
13:17:03.0906 0x0b34  NdisImPlatform - ok
13:17:03.0937 0x0b34  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
13:17:04.0015 0x0b34  NdisTapi - ok
13:17:04.0031 0x0b34  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
13:17:04.0062 0x0b34  Ndisuio - ok
13:17:04.0078 0x0b34  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
13:17:04.0109 0x0b34  NdisWan - ok
13:17:04.0140 0x0b34  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
13:17:04.0156 0x0b34  NDISWANLEGACY - ok
13:17:04.0171 0x0b34  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
13:17:04.0203 0x0b34  NDProxy - ok
13:17:04.0218 0x0b34  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\windows\system32\drivers\Ndu.sys
13:17:04.0249 0x0b34  Ndu - ok
13:17:04.0265 0x0b34  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
13:17:04.0296 0x0b34  NetBIOS - ok
13:17:04.0328 0x0b34  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
13:17:04.0359 0x0b34  NetBT - ok
13:17:04.0390 0x0b34  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\windows\system32\lsass.exe
13:17:04.0406 0x0b34  Netlogon - ok
13:17:04.0421 0x0b34  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\windows\System32\netman.dll
13:17:04.0500 0x0b34  Netman - ok
13:17:04.0531 0x0b34  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\windows\System32\netprofmsvc.dll
13:17:04.0625 0x0b34  netprofm - ok
13:17:04.0687 0x0b34  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:17:04.0703 0x0b34  NetTcpPortSharing - ok
13:17:04.0765 0x0b34  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
13:17:04.0796 0x0b34  nfrd960 - ok
13:17:04.0875 0x0b34  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\windows\System32\nlasvc.dll
13:17:04.0968 0x0b34  NlaSvc - ok
13:17:04.0984 0x0b34  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\windows\system32\drivers\Npfs.sys
13:17:05.0000 0x0b34  Npfs - ok
13:17:05.0015 0x0b34  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
13:17:05.0031 0x0b34  npsvctrig - ok
13:17:05.0062 0x0b34  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\windows\system32\nsisvc.dll
13:17:05.0078 0x0b34  nsi - ok
13:17:05.0078 0x0b34  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
13:17:05.0109 0x0b34  nsiproxy - ok
13:17:05.0218 0x0b34  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
13:17:05.0328 0x0b34  Ntfs - ok
13:17:05.0359 0x0b34  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\windows\system32\drivers\Null.sys
13:17:05.0390 0x0b34  Null - ok
13:17:06.0859 0x0b34  [ 5104BAC2DA2A5BDD86AC6B0708B00F06, A02501514F8517CB5A6CFE4352A3D0F864153470015589428A6B14477E791514 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
13:17:07.0328 0x0b34  nvlddmkm - ok
13:17:07.0422 0x0b34  [ 918841B2454F4F2BD94479692079490B, 16667315DE4EB5543E176273362791B157223E775ED1CF285330CC8195E0F1BB ] nvpciflt        C:\windows\system32\DRIVERS\nvpciflt.sys
13:17:07.0422 0x0b34  nvpciflt - ok
13:17:07.0468 0x0b34  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\windows\system32\drivers\nvraid.sys
13:17:07.0484 0x0b34  nvraid - ok
13:17:07.0500 0x0b34  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\windows\system32\drivers\nvstor.sys
13:17:07.0515 0x0b34  nvstor - ok
13:17:07.0704 0x0b34  [ DDFAFCE89A5C93D04712B86F94E9FCBA, 377303D4CAC9E3AD5B58894CF7AECDA4FCD3D721568BE8BACC0A897A0956919A ] nvsvc           C:\windows\system32\nvvsvc.exe
13:17:07.0735 0x0b34  nvsvc - ok
13:17:07.0986 0x0b34  [ 249357999355A998AA94A3673C3367EB, D33A231EB1B09A838446CE7C4A057CF0DE7C1C62639703EB920BA554EB8A4E0B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:17:08.0017 0x0b34  nvUpdatusService - ok
13:17:08.0033 0x0b34  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
13:17:08.0049 0x0b34  nv_agp - ok
13:17:08.0127 0x0b34  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:17:08.0127 0x0b34  ose - ok
13:17:08.0221 0x0b34  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
13:17:08.0314 0x0b34  p2pimsvc - ok
13:17:08.0330 0x0b34  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\windows\system32\p2psvc.dll
13:17:08.0361 0x0b34  p2psvc - ok
13:17:08.0392 0x0b34  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\windows\System32\drivers\parport.sys
13:17:08.0408 0x0b34  Parport - ok
13:17:08.0439 0x0b34  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\windows\system32\drivers\partmgr.sys
13:17:08.0439 0x0b34  partmgr - ok
13:17:08.0471 0x0b34  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\windows\System32\pcasvc.dll
13:17:08.0549 0x0b34  PcaSvc - ok
13:17:08.0580 0x0b34  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\windows\system32\drivers\pci.sys
13:17:08.0596 0x0b34  pci - ok
13:17:08.0611 0x0b34  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\windows\system32\drivers\pciide.sys
13:17:08.0627 0x0b34  pciide - ok
13:17:08.0642 0x0b34  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
13:17:08.0658 0x0b34  pcmcia - ok
13:17:08.0674 0x0b34  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\windows\system32\drivers\pcw.sys
13:17:08.0674 0x0b34  pcw - ok
13:17:08.0705 0x0b34  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\windows\system32\drivers\pdc.sys
13:17:08.0721 0x0b34  pdc - ok
13:17:08.0767 0x0b34  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
13:17:08.0846 0x0b34  PEAUTH - ok
13:17:09.0552 0x0b34  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\windows\SysWow64\perfhost.exe
13:17:09.0568 0x0b34  PerfHost - ok
13:17:09.0786 0x0b34  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\windows\system32\pla.dll
13:17:09.0864 0x0b34  pla - ok
13:17:09.0896 0x0b34  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
13:17:09.0911 0x0b34  PlugPlay - ok
13:17:09.0943 0x0b34  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
13:17:09.0974 0x0b34  PNRPAutoReg - ok
13:17:10.0005 0x0b34  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
13:17:10.0021 0x0b34  PNRPsvc - ok
13:17:10.0052 0x0b34  [ 6F5DDC52A9103CC8E1ED5892C1D15613, 9B0DEB0DF5004BB67AE25C8381607C0B75CA356048296F25C0150E3ED4D0F1EF ] Point64         C:\windows\System32\drivers\point64.sys
13:17:10.0068 0x0b34  Point64 - ok
13:17:23.0851 0x0b34  WlanSvc - ok
13:17:23.0929 0x0b34  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\windows\system32\wlidsvc.dll
13:17:24.0023 0x0b34  wlidsvc - ok
13:17:24.0039 0x0b34  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
13:17:24.0054 0x0b34  WmiAcpi - ok
13:17:24.0086 0x0b34  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:17:24.0101 0x0b34  wmiApSrv - ok
13:17:24.0133 0x0b34  WMPNetworkSvc - ok
13:17:24.0148 0x0b34  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
13:17:24.0195 0x0b34  wpcfltr - ok
13:17:24.0211 0x0b34  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:17:24.0226 0x0b34  WPCSvc - ok
13:17:24.0243 0x0b34  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:17:24.0305 0x0b34  WPDBusEnum - ok
13:17:24.0321 0x0b34  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
13:17:24.0352 0x0b34  WpdUpFltr - ok
13:17:24.0399 0x0b34  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:17:24.0414 0x0b34  ws2ifsl - ok
13:17:24.0446 0x0b34  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\windows\system32\wscsvc.dll
13:17:24.0508 0x0b34  wscsvc - ok
13:17:24.0508 0x0b34  WSearch - ok
13:17:24.0696 0x0b34  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\windows\System32\WSService.dll
13:17:24.0805 0x0b34  WSService - ok
13:17:24.0915 0x0b34  [ 10EA2DBD2820A504D98D19F5EDAAFC04, 5B84D7C169CBAEBCE4A03BB89426E74DBF5AFCA1F8FDE2A5BC1006A8464D7E24 ] wuauserv        C:\windows\system32\wuaueng.dll
13:17:25.0086 0x0b34  wuauserv - ok
13:17:25.0102 0x0b34  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:17:25.0133 0x0b34  WudfPf - ok
13:17:25.0149 0x0b34  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
13:17:25.0180 0x0b34  WUDFSensorLP - ok
13:17:25.0227 0x0b34  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:17:25.0227 0x0b34  wudfsvc - ok
13:17:25.0258 0x0b34  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
13:17:25.0274 0x0b34  WUDFWpdFs - ok
13:17:25.0274 0x0b34  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
13:17:25.0290 0x0b34  WUDFWpdMtp - ok
13:17:25.0336 0x0b34  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\windows\System32\wwansvc.dll
13:17:25.0368 0x0b34  WwanSvc - ok
13:17:25.0415 0x0b34  [ 918C73F0275D7813E6F01E100B39DBD9, 06D08C9B0894A307A4D215B445A5EA08CD53DEA19526FECBB4ADDB833D1070D1 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
13:17:25.0446 0x0b34  ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
13:17:27.0871 0x0b34  Detect skipped due to KSN trusted
13:17:27.0871 0x0b34  ZAtheros Bt&Wlan Coex Agent - ok
13:17:27.0887 0x0b34  ================ Scan global ===============================
13:17:27.0996 0x0b34  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll
13:17:28.0027 0x0b34  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll
13:17:28.0043 0x0b34  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll
13:17:28.0074 0x0b34  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe
13:17:28.0090 0x0b34  [ Global ] - ok
13:17:28.0090 0x0b34  ================ Scan MBR ==================================
13:17:28.0090 0x0b34  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:17:28.0246 0x0b34  \Device\Harddisk0\DR0 - ok
13:17:28.0246 0x0b34  ================ Scan VBR ==================================
13:17:28.0246 0x0b34  [ 1FC715F2428BA6E96A6F124B92E56B6A ] \Device\Harddisk0\DR0\Partition1
13:17:28.0278 0x0b34  \Device\Harddisk0\DR0\Partition1 - ok
13:17:28.0293 0x0b34  [ 5DDE506F3FC7D38EA5A21189EB0B01D3 ] \Device\Harddisk0\DR0\Partition2
13:17:28.0293 0x0b34  \Device\Harddisk0\DR0\Partition2 - ok
13:17:28.0309 0x0b34  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
13:17:28.0309 0x0b34  \Device\Harddisk0\DR0\Partition3 - ok
13:17:28.0309 0x0b34  [ BB8589C567F65DF46E5BFA6D7423EA1E ] \Device\Harddisk0\DR0\Partition4
13:17:28.0324 0x0b34  \Device\Harddisk0\DR0\Partition4 - ok
13:17:28.0356 0x0b34  [ E532332B129E69B1D410A7B867757292 ] \Device\Harddisk0\DR0\Partition5
13:17:28.0371 0x0b34  \Device\Harddisk0\DR0\Partition5 - ok
13:17:28.0371 0x0b34  [ EF6FF3C44BF364AA3EA34DF71733DFAE ] \Device\Harddisk0\DR0\Partition6
13:17:28.0371 0x0b34  \Device\Harddisk0\DR0\Partition6 - ok
13:17:28.0371 0x0b34  ================ Scan generic autorun ======================
13:17:28.0793 0x0b34  [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:17:29.0012 0x0b34  RtHDVCpl - ok
13:17:29.0059 0x0b34  [ BED2FC346920A8B9F5B6CA9417A50E8F, 8F4B3E6987CA3BDB9D7C6DC59CB6578C26E95760E1D72FF78E89D76787FFECFA ] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
13:17:29.0074 0x0b34  BtTray - ok
13:17:29.0090 0x0b34  [ 4518F9E8966D584FF52B2D3A65E2320D, 9F3225B91B478C8A0B836F2F3E28014F144109C10A445FA162FA2AF6C3B716E9 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
13:17:29.0106 0x0b34  BtvStack - ok
13:17:29.0106 0x0b34  ETDCtrl - ok
13:17:29.0137 0x0b34  [ 895CD1F7D684E8677F2C50A8D2E86DC1, 6B3D2C1BA6D43363F3CD992F1AB5CF0AC9AD846CFD2A8CAE5CEA662DC315F411 ] C:\windows\system32\igfxtray.exe
13:17:29.0137 0x0b34  IgfxTray - ok
13:17:29.0153 0x0b34  [ DB2325FF9DF15B943E9A7E678E2CEF57, C22D257DB000FFB1B90E094CE8358D04A5885E6C789CA2A4125AEFE948C5ECD5 ] C:\windows\system32\hkcmd.exe
13:17:29.0168 0x0b34  HotKeysCmds - ok
13:17:29.0199 0x0b34  [ 1F17B098A2F9F7B7E7B00F4B679F5709, BD80A42D328A0D0C21E10A272E5144ACDEA1311FFD252D4664EE4F5D35B71826 ] C:\windows\system32\igfxpers.exe
13:17:29.0199 0x0b34  Persistence - ok
13:17:29.0246 0x0b34  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
13:17:29.0262 0x0b34  Intel AppUp(SM) center - ok
13:17:29.0324 0x0b34  [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
13:17:29.0340 0x0b34  CLMLServer_For_P2G8 - ok
13:17:29.0356 0x0b34  [ 44C5C8A5DF192FDC4D530F57612FA49C, DD8D69698361CBD042AEB69BC040DAD92BB642429B68A9169247E1A8A96D391D ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
13:17:29.0371 0x0b34  CLVirtualDrive - ok
13:17:29.0418 0x0b34  [ AE29724E282EDBE7D0F49E9982642EFD, E7637C08A35F1D7AF810500804FAC45557C5598FA887BE26484B50D305213658 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
13:17:29.0434 0x0b34  RemoteControl10 - ok
13:17:29.0465 0x0b34  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:17:29.0465 0x0b34  SunJavaUpdateSched - ok
13:17:29.0574 0x0b34  [ 776F1F9447FDA3F568EC6D1FB74DDD27, A53409B29ACDDB901D395EC4217F5BF366B3F8AFF2817B007AC7558505D18863 ] C:\Program Files (x86)\Steam\Steam.exe
13:17:29.0621 0x0b34  Steam - ok
13:17:29.0621 0x0b34  Waiting for KSN requests completion. In queue: 14
13:17:30.0646 0x0b34  Waiting for KSN requests completion. In queue: 12
13:17:31.0650 0x0b34  Waiting for KSN requests completion. In queue: 12
13:17:32.0652 0x0b34  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
13:17:32.0699 0x0b34  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
13:17:32.0699 0x0b34  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
13:17:35.0044 0x0b34  ============================================================
13:17:35.0044 0x0b34  Scan finished
13:17:35.0044 0x0b34  ============================================================
13:17:35.0044 0x0930  Detected object count: 0
13:17:35.0044 0x0930  Actual detected object count: 0
         

17.10.2014, 13:45   #4
Don_Helios

Windows 8: slow internet and redirects to advertising pages

I ran the program again and 2 threats were found.

Code:
ATTFilter
13:27:33.0332 0x132c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:27:33.0332 0x132c  UEFI system
13:27:35.0535 0x132c  ============================================================
13:27:35.0535 0x132c  Current date / time: 2014/10/17 13:27:35.0535
13:27:35.0535 0x132c  SystemInfo:
13:27:35.0535 0x132c  
13:27:35.0535 0x132c  OS Version: 6.2.9200 ServicePack: 0.0
13:27:35.0535 0x132c  Product type: Workstation
13:27:35.0535 0x132c  ComputerName: ELIAS-PC
13:27:35.0535 0x132c  UserName: Elias
13:27:35.0535 0x132c  Windows directory: C:\windows
13:27:35.0535 0x132c  System windows directory: C:\windows
13:27:35.0535 0x132c  Running under WOW64
13:27:35.0535 0x132c  Processor architecture: Intel x64
13:27:35.0535 0x132c  Number of processors: 4
13:27:35.0535 0x132c  Page size: 0x1000
13:27:35.0535 0x132c  Boot type: Normal boot
13:27:35.0535 0x132c  ============================================================
13:27:37.0020 0x132c  KLMD registered as C:\windows\system32\drivers\94036558.sys
13:27:37.0567 0x132c  System UUID: {D8B20880-A826-136F-A4B7-110A8B966F26}
13:27:38.0348 0x132c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:27:38.0364 0x132c  ============================================================
13:27:38.0364 0x132c  \Device\Harddisk0\DR0:
13:27:38.0364 0x132c  GPT partitions:
13:27:38.0364 0x132c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {118EA028-1713-43C0-909C-37C4E9E17B62}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
13:27:38.0364 0x132c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {14AC08E6-8D77-4270-80B7-27F9676D7685}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
13:27:38.0364 0x132c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {11BD816E-0D91-424D-AC43-6C9107922E53}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
13:27:38.0364 0x132c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {15F4A025-5EF9-49D1-8C93-8EE5F0688354}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x370FA801
13:27:38.0364 0x132c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3F8CDA94-01D3-48DB-AD67-9852013F4EAC}, Name: Basic data partition, StartLBA 0x372CB001, BlocksNum 0x2EBB000
13:27:38.0364 0x132c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F98CC789-F9B9-40F0-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A186001, BlocksNum 0x200000
13:27:38.0364 0x132c  MBR partitions:
13:27:38.0364 0x132c  ============================================================
13:27:38.0379 0x132c  C: <-> \Device\Harddisk0\DR0\Partition4
13:27:38.0379 0x132c  ============================================================
13:27:38.0379 0x132c  Initialize success
13:27:38.0379 0x132c  ============================================================
13:28:10.0275 0x111c  ============================================================
13:28:10.0275 0x111c  Scan started
13:28:10.0275 0x111c  Mode: Manual; SigCheck; TDLFS; 
13:28:10.0275 0x111c  ============================================================
13:28:10.0275 0x111c  KSN ping started
13:28:10.0290 0x111c  KSN ping finished: false
13:28:12.0072 0x111c  ================ Scan system memory ========================
13:28:12.0072 0x111c  System memory - ok
13:28:12.0072 0x111c  ================ Scan services =============================
13:28:12.0541 0x111c  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
13:28:12.0681 0x111c  1394ohci - ok
13:28:12.0728 0x111c  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\windows\system32\drivers\3ware.sys
13:28:12.0744 0x111c  3ware - ok
13:28:12.0791 0x111c  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:28:12.0806 0x111c  ACPI - ok
13:28:12.0822 0x111c  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\windows\system32\Drivers\acpiex.sys
13:28:12.0838 0x111c  acpiex - ok
13:28:12.0853 0x111c  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
13:28:12.0869 0x111c  acpipagr - ok
13:28:12.0900 0x111c  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
13:28:12.0963 0x111c  AcpiPmi - ok
13:28:12.0978 0x111c  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\windows\System32\drivers\acpitime.sys
13:28:13.0009 0x111c  acpitime - ok
13:28:13.0056 0x111c  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
13:28:13.0072 0x111c  adp94xx - ok
13:28:13.0088 0x111c  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\windows\system32\drivers\adpahci.sys
13:28:13.0103 0x111c  adpahci - ok
13:28:13.0197 0x111c  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\windows\system32\drivers\adpu320.sys
13:28:13.0244 0x111c  adpu320 - ok
13:28:13.0291 0x111c  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
13:28:13.0431 0x111c  AeLookupSvc - ok
13:28:13.0650 0x111c  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\windows\system32\drivers\afd.sys
13:28:13.0869 0x111c  AFD - ok
13:28:13.0916 0x111c  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\windows\system32\drivers\agp440.sys
13:28:13.0931 0x111c  agp440 - ok
13:28:13.0963 0x111c  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\windows\System32\alg.exe
13:28:14.0134 0x111c  ALG - ok
13:28:14.0181 0x111c  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
13:28:14.0306 0x111c  AllUserInstallAgent - ok
13:28:14.0384 0x111c  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\windows\System32\drivers\amdk8.sys
13:28:14.0525 0x111c  AmdK8 - ok
13:28:14.0572 0x111c  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
13:28:14.0634 0x111c  AmdPPM - ok
13:28:14.0728 0x111c  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:28:14.0760 0x111c  amdsata - ok
13:28:14.0838 0x111c  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
13:28:14.0853 0x111c  amdsbs - ok
13:28:14.0931 0x111c  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:28:14.0963 0x111c  amdxata - ok
13:28:14.0994 0x111c  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\windows\system32\drivers\appid.sys
13:28:15.0197 0x111c  AppID - ok
13:28:15.0228 0x111c  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:28:15.0306 0x111c  AppIDSvc - ok
13:28:15.0338 0x111c  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\windows\System32\appinfo.dll
13:28:15.0541 0x111c  Appinfo - ok
13:28:15.0588 0x111c  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\windows\system32\drivers\arc.sys
13:28:15.0588 0x111c  arc - ok
13:28:15.0603 0x111c  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\windows\system32\drivers\arcsas.sys
13:28:15.0635 0x111c  arcsas - ok
13:28:15.0650 0x111c  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:28:15.0697 0x111c  AsyncMac - ok
13:28:15.0728 0x111c  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\windows\system32\drivers\atapi.sys
13:28:15.0728 0x111c  atapi - ok
13:28:15.0760 0x111c  [ 4885C14A6AB6969B5773A42DA0BA3DA4, E317E1E299543FBD9853C71E1CF8019343B6234B9AAF56ABF48C41BB7743490B ] AthBTPort       C:\windows\system32\DRIVERS\btath_flt.sys
13:28:15.0775 0x111c  AthBTPort - ok
13:28:15.0931 0x111c  [ 7CA5397A47843B0BD36898F32F2D403B, 40BACD955FDF2E469AA20910203CEB97B7C7D94C04E15723D99ED2C577AD14CF ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:28:15.0947 0x111c  AtherosSvc - ok
13:28:16.0400 0x111c  [ F17ABC4AA1FE4989E812858261414FE5, 6C24F7F498AB7D02DF35E1FD7621C29E81BD4C774F37AAC04A49B35A930775A2 ] athr            C:\windows\system32\DRIVERS\athw8x.sys
13:28:16.0681 0x111c  athr - ok
13:28:16.0713 0x111c  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
13:28:16.0822 0x111c  AudioEndpointBuilder - ok
13:28:16.0853 0x111c  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\windows\System32\Audiosrv.dll
13:28:16.0900 0x111c  Audiosrv - ok
13:28:16.0994 0x111c  [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
13:28:16.0994 0x111c  AVP - ok
13:28:17.0041 0x111c  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:28:17.0103 0x111c  AxInstSV - ok
13:28:17.0135 0x111c  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
13:28:17.0166 0x111c  b06bdrv - ok
13:28:17.0182 0x111c  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
13:28:17.0275 0x111c  BasicDisplay - ok
13:28:17.0291 0x111c  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
13:28:17.0307 0x111c  BasicRender - ok
13:28:17.0338 0x111c  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\windows\System32\bdesvc.dll
13:28:17.0400 0x111c  BDESVC - ok
13:28:17.0416 0x111c  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\windows\system32\drivers\Beep.sys
13:28:17.0478 0x111c  Beep - ok
13:28:17.0525 0x111c  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\windows\System32\bfe.dll
13:28:17.0603 0x111c  BFE - ok
13:28:17.0635 0x111c  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\windows\System32\qmgr.dll
13:28:17.0791 0x111c  BITS - ok
13:28:17.0807 0x111c  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:28:17.0885 0x111c  bowser - ok
13:28:17.0900 0x111c  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
13:28:17.0963 0x111c  BrokerInfrastructure - ok
13:28:17.0978 0x111c  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\windows\System32\browser.dll
13:28:18.0072 0x111c  Browser - ok
13:28:18.0150 0x111c  [ 942F3F6286056D6BBB5B02ED2B7088BD, 9F187C480BD40815ECFFC208BD1B00ACDFAD16899B4C8BE79C803FE48E322EA0 ] BTATH_A2DP      C:\windows\system32\drivers\btath_a2dp.sys
13:28:18.0182 0x111c  BTATH_A2DP - ok
13:28:18.0182 0x111c  [ 43C965027229D9FF6E52E4C71C03B09E, AF0E39EAD8B17A65F885272BEF12BF91578289C183FB39BB803183BE0E5547D1 ] btath_avdt      C:\windows\system32\drivers\btath_avdt.sys
13:28:18.0213 0x111c  btath_avdt - ok
13:28:18.0228 0x111c  [ 23CEDCD7527A26B222732A158F76EB24, 5A45D7FC8DFB96A938EEB8604B79413A10C0C16A17D3139B712263211D8215E9 ] BTATH_BUS       C:\windows\System32\drivers\btath_bus.sys
13:28:18.0228 0x111c  BTATH_BUS - ok
13:28:18.0244 0x111c  [ 3DD64966A764BCAFF07C9DC064BD410E, 456252339BCA224549E4CBCD5A0501AF10340211CFD567C577067ABF5DABB21F ] BTATH_HCRP      C:\windows\System32\drivers\btath_hcrp.sys
13:28:18.0260 0x111c  BTATH_HCRP - ok
13:28:18.0275 0x111c  [ B68EE0721EAC305AB1C9C989CDF1AEFF, 3F7CE8E244836E23456E519E48E53E4B9331C9AD9BAF13C208C922404575638A ] BTATH_LWFLT     C:\windows\system32\DRIVERS\btath_lwflt.sys
13:28:18.0291 0x111c  BTATH_LWFLT - ok
13:28:18.0307 0x111c  [ EC7BB341229E9E6B04349580F55218B2, 4227CE6787DD1432EB054B1EE85C399188A61B23E2E8B0B615DA101C4AABD6C0 ] BTATH_RCP       C:\windows\System32\drivers\btath_rcp.sys
13:28:18.0307 0x111c  BTATH_RCP - ok
13:28:18.0338 0x111c  [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C, 7E4B410E1BC0BBC3B7CECF4B7396070E3FFB99D73CF185CBF38E65A79DDBB780 ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
13:28:18.0416 0x111c  BtFilter - ok
13:28:18.0432 0x111c  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
13:28:18.0478 0x111c  BthAvrcpTg - ok
13:28:18.0510 0x111c  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
13:28:18.0603 0x111c  BthEnum - ok
13:28:18.0619 0x111c  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
13:28:18.0713 0x111c  BthHFEnum - ok
13:28:18.0744 0x111c  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
13:28:18.0822 0x111c  bthhfhid - ok
13:28:18.0853 0x111c  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
13:28:18.0885 0x111c  BthLEEnum - ok
13:28:18.0916 0x111c  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
13:28:18.0932 0x111c  BTHMODEM - ok
13:28:18.0978 0x111c  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
13:28:19.0025 0x111c  BthPan - ok
13:28:19.0072 0x111c  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
13:28:19.0119 0x111c  BTHPORT - ok
13:28:19.0150 0x111c  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\windows\system32\bthserv.dll
13:28:19.0166 0x111c  bthserv - ok
13:28:19.0197 0x111c  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
13:28:19.0213 0x111c  BTHUSB - ok
13:28:19.0244 0x111c  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:28:19.0291 0x111c  cdfs - ok
13:28:19.0307 0x111c  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\windows\System32\drivers\cdrom.sys
13:28:19.0369 0x111c  cdrom - ok
13:28:19.0400 0x111c  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\windows\System32\certprop.dll
13:28:19.0432 0x111c  CertPropSvc - ok
13:28:19.0447 0x111c  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\windows\System32\drivers\circlass.sys
13:28:19.0478 0x111c  circlass - ok
13:28:19.0510 0x111c  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\windows\system32\drivers\CLFS.sys
13:28:19.0525 0x111c  CLFS - ok
13:28:19.0978 0x111c  [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
13:28:20.0104 0x111c  ClickToRunSvc - ok
13:28:20.0135 0x111c  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
13:28:20.0135 0x111c  CLVirtualDrive - ok
13:28:20.0150 0x111c  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
13:28:20.0197 0x111c  CmBatt - ok
13:28:20.0307 0x111c  [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG             C:\windows\system32\Drivers\cng.sys
13:28:20.0338 0x111c  CNG - ok
13:28:20.0369 0x111c  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
13:28:20.0400 0x111c  CompositeBus - ok
13:28:20.0400 0x111c  COMSysApp - ok
13:28:20.0432 0x111c  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\windows\system32\drivers\condrv.sys
13:28:20.0479 0x111c  condrv - ok
13:28:20.0713 0x111c  [ C6D620A69098AB17EBD5C0CAADA1D7DC, 26E52579F2CB12121F927039E9068AA0515803653BEE1101C3FCF4DF696C19C2 ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe
13:28:20.0744 0x111c  cphs - ok
13:28:20.0775 0x111c  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:28:20.0838 0x111c  CryptSvc - ok
13:28:20.0869 0x111c  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\windows\system32\drivers\dam.sys
13:28:20.0885 0x111c  dam - ok
13:28:20.0932 0x111c  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\windows\system32\rpcss.dll
13:28:21.0025 0x111c  DcomLaunch - ok
13:28:21.0072 0x111c  [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc       C:\windows\System32\defragsvc.dll
13:28:21.0150 0x111c  defragsvc - ok
13:28:21.0166 0x111c  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\windows\system32\das.dll
13:28:21.0275 0x111c  DeviceAssociationService - ok
13:28:21.0307 0x111c  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
13:28:21.0338 0x111c  DeviceInstall - ok
13:28:21.0369 0x111c  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
13:28:21.0447 0x111c  Dfsc - ok
13:28:21.0494 0x111c  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\windows\system32\dhcpcore.dll
13:28:21.0572 0x111c  Dhcp - ok
13:28:21.0604 0x111c  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\windows\system32\drivers\discache.sys
13:28:21.0619 0x111c  discache - ok
13:28:21.0635 0x111c  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\windows\system32\drivers\disk.sys
13:28:21.0650 0x111c  disk - ok
13:28:21.0650 0x111c  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
13:28:21.0729 0x111c  dmvsc - ok
13:28:21.0760 0x111c  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:28:21.0838 0x111c  Dnscache - ok
13:28:21.0869 0x111c  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\windows\System32\dot3svc.dll
13:28:21.0916 0x111c  dot3svc - ok
13:28:21.0932 0x111c  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\windows\system32\dps.dll
13:28:21.0947 0x111c  DPS - ok
13:28:21.0979 0x111c  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
13:28:22.0072 0x111c  drmkaud - ok
13:28:22.0104 0x111c  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
13:28:22.0135 0x111c  DsmSvc - ok
13:28:22.0260 0x111c  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
13:28:22.0322 0x111c  DXGKrnl - ok
13:28:22.0354 0x111c  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\windows\System32\eapsvc.dll
13:28:22.0400 0x111c  Eaphost - ok
13:28:22.0635 0x111c  [ 843E8B2127D7283845E29E6176C15887, F755EB9B8DEAE9B5E90D7729A3A9B3B74B3D1B6A2775BDC82624F4D80D0DCCD3 ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
13:28:22.0682 0x111c  Easy Launcher - ok
13:28:23.0182 0x111c  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\windows\system32\drivers\evbda.sys
13:28:23.0354 0x111c  ebdrv - ok
13:28:23.0385 0x111c  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\windows\System32\lsass.exe
13:28:23.0447 0x111c  EFS - ok
13:28:23.0463 0x111c  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
13:28:23.0479 0x111c  EhStorClass - ok
13:28:23.0494 0x111c  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
13:28:23.0510 0x111c  EhStorTcgDrv - ok
13:28:23.0541 0x111c  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\windows\System32\drivers\errdev.sys
13:28:23.0541 0x111c  ErrDev - ok
13:28:23.0572 0x111c  [ 6073E00157E6D99FC8D0D0CC8EF61DF9, E30A7F1FD5E15F0705CB382CF7D9A879C56AE58947A7AB81AC3F47DCE2678B04 ] ETD             C:\windows\system32\DRIVERS\ETD.sys
13:28:23.0588 0x111c  ETD - ok
13:28:23.0635 0x111c  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\windows\system32\es.dll
13:28:23.0697 0x111c  EventSystem - ok
13:28:23.0729 0x111c  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\windows\system32\drivers\exfat.sys
13:28:23.0744 0x111c  exfat - ok
13:28:23.0776 0x111c  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:28:23.0776 0x111c  fastfat - ok
13:28:23.0822 0x111c  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\windows\system32\fxssvc.exe
13:28:23.0885 0x111c  Fax - ok
13:28:23.0916 0x111c  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\windows\System32\drivers\fdc.sys
13:28:23.0947 0x111c  fdc - ok
13:28:23.0979 0x111c  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\windows\system32\fdPHost.dll
13:28:24.0010 0x111c  fdPHost - ok
13:28:24.0026 0x111c  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\windows\system32\fdrespub.dll
13:28:24.0088 0x111c  FDResPub - ok
13:28:24.0119 0x111c  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\windows\system32\fhsvc.dll
13:28:24.0182 0x111c  fhsvc - ok
13:28:24.0197 0x111c  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:28:24.0213 0x111c  FileInfo - ok
13:28:24.0229 0x111c  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:28:24.0260 0x111c  Filetrace - ok
13:28:24.0276 0x111c  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
13:28:24.0291 0x111c  flpydisk - ok
13:28:24.0322 0x111c  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:28:24.0338 0x111c  FltMgr - ok
13:28:24.0557 0x111c  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\windows\system32\FntCache.dll
13:28:24.0651 0x111c  FontCache - ok
13:28:24.0776 0x111c  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:28:24.0791 0x111c  FontCache3.0.0.0 - ok
13:28:24.0823 0x111c  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:28:24.0838 0x111c  FsDepends - ok
13:28:24.0869 0x111c  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:28:24.0869 0x111c  Fs_Rec - ok
13:28:24.0916 0x111c  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:28:24.0932 0x111c  fvevol - ok
13:28:24.0963 0x111c  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
13:28:25.0010 0x111c  FxPPM - ok
13:28:25.0041 0x111c  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
13:28:25.0041 0x111c  gagp30kx - ok
13:28:25.0073 0x111c  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
13:28:25.0088 0x111c  gencounter - ok
13:28:25.0119 0x111c  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
13:28:25.0135 0x111c  GPIOClx0101 - ok
13:28:25.0182 0x111c  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\windows\System32\gpsvc.dll
13:28:25.0276 0x111c  gpsvc - ok
13:28:25.0323 0x111c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:28:25.0354 0x111c  gupdate - ok
13:28:25.0354 0x111c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:28:25.0354 0x111c  gupdatem - ok
13:28:25.0385 0x111c  [ 4373CB2FFCF35EAAA853DB2FE45A40DC, 3FCF6A53AF63722FAAD6ABC94DA093EBD766B0728CD0E64EAB1BEC369CC998C9 ] Hamachi         C:\windows\system32\DRIVERS\Hamdrv.sys
13:28:25.0385 0x111c  Hamachi - ok
13:28:25.0432 0x111c  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
13:28:25.0479 0x111c  HdAudAddService - ok
13:28:25.0526 0x111c  [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
13:28:25.0573 0x111c  HDAudBus - ok
13:28:25.0588 0x111c  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
13:28:25.0604 0x111c  HidBatt - ok
13:28:25.0635 0x111c  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\windows\System32\drivers\hidbth.sys
13:28:25.0682 0x111c  HidBth - ok
13:28:25.0713 0x111c  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
13:28:25.0823 0x111c  hidi2c - ok
13:28:25.0854 0x111c  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\windows\System32\drivers\hidir.sys
13:28:25.0885 0x111c  HidIr - ok
13:28:25.0916 0x111c  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\windows\System32\hidserv.dll
13:28:25.0932 0x111c  hidserv - ok
13:28:25.0963 0x111c  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\windows\System32\drivers\hidusb.sys
13:28:26.0088 0x111c  HidUsb - ok
13:28:26.0119 0x111c  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\windows\system32\kmsvc.dll
13:28:26.0166 0x111c  hkmsvc - ok
13:28:26.0198 0x111c  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:28:26.0244 0x111c  HomeGroupListener - ok
13:28:26.0291 0x111c  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:28:26.0354 0x111c  HomeGroupProvider - ok
13:28:26.0369 0x111c  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:28:26.0385 0x111c  HpSAMD - ok
13:28:26.0416 0x111c  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:28:26.0479 0x111c  HTTP - ok
13:28:26.0510 0x111c  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:28:26.0510 0x111c  hwpolicy - ok
13:28:26.0541 0x111c  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
13:28:26.0573 0x111c  hyperkbd - ok
13:28:26.0588 0x111c  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
13:28:26.0604 0x111c  HyperVideo - ok
13:28:26.0635 0x111c  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
13:28:26.0698 0x111c  i8042prt - ok
13:28:26.0729 0x111c  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
13:28:26.0744 0x111c  iaStorA - ok
13:28:26.0838 0x111c  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:28:26.0885 0x111c  iaStorV - ok
13:28:27.0026 0x111c  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:28:27.0057 0x111c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:28:27.0104 0x111c  IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:28:27.0870 0x111c  [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
13:28:28.0323 0x111c  igfx - ok
13:28:28.0354 0x111c  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
13:28:28.0354 0x111c  iirsp - ok
13:28:28.0416 0x111c  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\windows\System32\ikeext.dll
13:28:28.0479 0x111c  IKEEXT - ok
13:28:28.0791 0x111c  [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
13:28:28.0932 0x111c  IntcAzAudAddService - ok
13:28:29.0026 0x111c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys
13:28:29.0135 0x111c  IntcDAud - ok
13:28:29.0354 0x111c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:28:29.0401 0x111c  Intel(R) Capability Licensing Service Interface - ok
13:28:29.0463 0x111c  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:28:29.0495 0x111c  Intel(R) ME Service - ok
13:28:29.0510 0x111c  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\windows\system32\drivers\intelide.sys
13:28:29.0526 0x111c  intelide - ok
13:28:29.0573 0x111c  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\windows\System32\drivers\intelppm.sys
13:28:29.0588 0x111c  intelppm - ok
13:28:29.0620 0x111c  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:28:29.0651 0x111c  IpFilterDriver - ok
13:28:29.0776 0x111c  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:28:29.0854 0x111c  iphlpsvc - ok
13:28:29.0901 0x111c  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
13:28:30.0042 0x111c  IPMIDRV - ok
13:28:30.0073 0x111c  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:28:30.0120 0x111c  IPNAT - ok
13:28:30.0135 0x111c  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:28:30.0276 0x111c  IRENUM - ok
13:28:30.0292 0x111c  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:28:30.0307 0x111c  isapnp - ok
13:28:30.0401 0x111c  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
13:28:30.0448 0x111c  iScsiPrt - ok
13:28:30.0542 0x111c  [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
13:28:30.0557 0x111c  iumsvc - ok
13:28:30.0588 0x111c  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:28:30.0604 0x111c  jhi_service - ok
13:28:30.0620 0x111c  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
13:28:30.0635 0x111c  kbdclass - ok
13:28:30.0667 0x111c  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
13:28:30.0698 0x111c  kbdhid - ok
13:28:30.0713 0x111c  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
13:28:30.0823 0x111c  kdnic - ok
13:28:30.0838 0x111c  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\windows\system32\lsass.exe
13:28:30.0854 0x111c  KeyIso - ok
13:28:30.0901 0x111c  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\windows\system32\DRIVERS\kl1.sys
13:28:30.0932 0x111c  kl1 - ok
13:28:30.0979 0x111c  [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam          C:\windows\system32\DRIVERS\klelam.sys
13:28:30.0979 0x111c  klelam - ok
13:28:31.0010 0x111c  [ BC996B5D96CB7463268DE67E2D99F496, F2763242B69B1290FCAF54B6353BC1469C47D774724249D4CB9BFEC100890970 ] klflt           C:\windows\system32\DRIVERS\klflt.sys
13:28:31.0026 0x111c  klflt - ok
13:28:31.0120 0x111c  [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF            C:\windows\system32\DRIVERS\klif.sys
13:28:31.0151 0x111c  KLIF - ok
13:28:31.0229 0x111c  [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6           C:\windows\system32\DRIVERS\klim6.sys
13:28:31.0245 0x111c  KLIM6 - ok
13:28:31.0276 0x111c  [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt        C:\windows\system32\DRIVERS\klkbdflt.sys
13:28:31.0307 0x111c  klkbdflt - ok
13:28:31.0323 0x111c  [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt        C:\windows\system32\DRIVERS\klmouflt.sys
13:28:31.0338 0x111c  klmouflt - ok
13:28:31.0354 0x111c  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\windows\system32\DRIVERS\klpd.sys
13:28:31.0370 0x111c  klpd - ok
13:28:31.0385 0x111c  [ EAAF7E0936CC5474F433B684A2C68CF2, 5E5E5D324000F2209C7E32DC965FBD822850B4E1351887A93B50FB79844BF781 ] klwfp           C:\windows\system32\DRIVERS\klwfp.sys
13:28:31.0401 0x111c  klwfp - ok
13:28:31.0479 0x111c  [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps           C:\windows\system32\DRIVERS\kneps.sys
13:28:31.0495 0x111c  kneps - ok
13:28:31.0557 0x111c  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:28:31.0573 0x111c  KSecDD - ok
13:28:31.0635 0x111c  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:28:31.0651 0x111c  KSecPkg - ok
13:28:31.0698 0x111c  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
13:28:31.0729 0x111c  ksthunk - ok
13:28:31.0776 0x111c  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\windows\system32\msdtckrm.dll
13:28:31.0807 0x111c  KtmRm - ok
13:28:31.0839 0x111c  [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer    C:\windows\System32\srvsvc.dll
13:28:31.0917 0x111c  LanmanServer - ok
13:28:31.0932 0x111c  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:28:31.0948 0x111c  LanmanWorkstation - ok
13:28:31.0964 0x111c  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
13:28:31.0995 0x111c  lltdio - ok
13:28:32.0026 0x111c  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:28:32.0057 0x111c  lltdsvc - ok
13:28:32.0073 0x111c  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\windows\System32\lmhsvc.dll
13:28:32.0135 0x111c  lmhosts - ok
13:28:32.0167 0x111c  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:28:32.0182 0x111c  LMS - ok
13:28:32.0214 0x111c  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
13:28:32.0245 0x111c  LSI_SAS - ok
13:28:32.0276 0x111c  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
13:28:32.0292 0x111c  LSI_SAS2 - ok
13:28:32.0354 0x111c  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
13:28:32.0370 0x111c  LSI_SCSI - ok
13:28:32.0401 0x111c  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
13:28:32.0417 0x111c  LSI_SSS - ok
13:28:32.0510 0x111c  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\windows\System32\lsm.dll
13:28:32.0573 0x111c  LSM - ok
13:28:32.0604 0x111c  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\windows\system32\drivers\luafv.sys
13:28:32.0698 0x111c  luafv - ok
13:28:32.0714 0x111c  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\windows\system32\drivers\megasas.sys
13:28:32.0729 0x111c  megasas - ok
13:28:32.0823 0x111c  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
13:28:32.0901 0x111c  MegaSR - ok
13:28:32.0964 0x111c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
13:28:32.0979 0x111c  MEIx64 - ok
13:28:33.0026 0x111c  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\windows\system32\mmcss.dll
13:28:33.0151 0x111c  MMCSS - ok
13:28:33.0182 0x111c  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\windows\system32\drivers\modem.sys
13:28:33.0229 0x111c  Modem - ok
13:28:33.0276 0x111c  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\windows\System32\drivers\monitor.sys
13:28:33.0339 0x111c  monitor - ok
13:28:33.0370 0x111c  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\windows\System32\drivers\mouclass.sys
13:28:33.0385 0x111c  mouclass - ok
13:28:33.0432 0x111c  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\windows\System32\drivers\mouhid.sys
13:28:33.0557 0x111c  mouhid - ok
13:28:33.0589 0x111c  [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:28:33.0620 0x111c  mountmgr - ok
13:28:33.0651 0x111c  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:28:33.0839 0x111c  mpsdrv - ok
13:28:34.0057 0x111c  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\windows\system32\mpssvc.dll
13:28:34.0167 0x111c  MpsSvc - ok
13:28:34.0198 0x111c  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:28:34.0339 0x111c  MRxDAV - ok
13:28:34.0495 0x111c  [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:28:34.0557 0x111c  mrxsmb - ok
13:28:34.0682 0x111c  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:28:34.0714 0x111c  mrxsmb10 - ok
13:28:34.0823 0x111c  [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:28:35.0229 0x111c  mrxsmb20 - ok
13:28:35.0276 0x111c  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
13:28:35.0370 0x111c  MsBridge - ok
13:28:35.0401 0x111c  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\windows\System32\msdtc.exe
13:28:35.0620 0x111c  MSDTC - ok
13:28:35.0682 0x111c  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:28:35.0698 0x111c  Msfs - ok
13:28:35.0932 0x111c  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
13:28:36.0089 0x111c  msgpiowin32 - ok
13:28:36.0401 0x111c  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
13:28:36.0479 0x111c  mshidkmdf - ok
13:28:58.0809 0x111c  UmPass - ok
13:28:58.0871 0x111c  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\windows\System32\umrdp.dll
13:28:58.0934 0x111c  UmRdpService - ok
13:28:59.0121 0x111c  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:28:59.0137 0x111c  UNS - ok
13:28:59.0184 0x111c  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\windows\System32\upnphost.dll
13:28:59.0199 0x111c  upnphost - ok
13:28:59.0231 0x111c  [ 9E9F21FF91D7ECC0BCCB94D3FE52A959, 85461393D62ED939F6741C2D0A90C8AB34F4415173223BB4CFC119715D10E7A7 ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
13:28:59.0262 0x111c  usbaudio - ok
13:28:59.0293 0x111c  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
13:28:59.0340 0x111c  usbccgp - ok
13:28:59.0371 0x111c  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\windows\System32\drivers\usbcir.sys
13:28:59.0387 0x111c  usbcir - ok
13:28:59.0418 0x111c  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\windows\System32\drivers\usbehci.sys
13:28:59.0434 0x111c  usbehci - ok
13:28:59.0465 0x111c  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\windows\System32\drivers\usbhub.sys
13:28:59.0481 0x111c  usbhub - ok
13:28:59.0527 0x111c  [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
13:28:59.0543 0x111c  USBHUB3 - ok
13:28:59.0590 0x111c  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\windows\System32\drivers\usbohci.sys
13:28:59.0652 0x111c  usbohci - ok
13:28:59.0684 0x111c  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\windows\System32\drivers\usbprint.sys
13:28:59.0731 0x111c  usbprint - ok
13:28:59.0762 0x111c  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
13:28:59.0777 0x111c  USBSTOR - ok
13:28:59.0809 0x111c  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
13:28:59.0824 0x111c  usbuhci - ok
13:28:59.0871 0x111c  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
13:28:59.0887 0x111c  usbvideo - ok
13:28:59.0934 0x111c  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
13:28:59.0949 0x111c  USBXHCI - ok
13:28:59.0965 0x111c  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\windows\system32\lsass.exe
13:28:59.0981 0x111c  VaultSvc - ok
13:29:00.0027 0x111c  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
13:29:00.0043 0x111c  vdrvroot - ok
13:29:00.0090 0x111c  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\windows\System32\vds.exe
13:29:00.0168 0x111c  vds - ok
13:29:00.0199 0x111c  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
13:29:00.0231 0x111c  VerifierExt - ok
13:29:00.0262 0x111c  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
13:29:00.0277 0x111c  vhdmp - ok
13:29:00.0309 0x111c  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\windows\system32\drivers\viaide.sys
13:29:00.0309 0x111c  viaide - ok
13:29:00.0324 0x111c  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\windows\system32\drivers\vmbus.sys
13:29:00.0340 0x111c  vmbus - ok
13:29:00.0356 0x111c  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
13:29:00.0371 0x111c  VMBusHID - ok
13:29:00.0402 0x111c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\windows\System32\ICSvc.dll
13:29:00.0418 0x111c  vmicheartbeat - ok
13:29:00.0418 0x111c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\windows\System32\ICSvc.dll
13:29:00.0434 0x111c  vmickvpexchange - ok
13:29:00.0434 0x111c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\windows\System32\ICSvc.dll
13:29:00.0449 0x111c  vmicrdv - ok
13:29:00.0465 0x111c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\windows\System32\ICSvc.dll
13:29:00.0481 0x111c  vmicshutdown - ok
13:29:00.0543 0x111c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\windows\System32\ICSvc.dll
13:29:00.0543 0x111c  vmictimesync - ok
13:29:00.0574 0x111c  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\windows\System32\ICSvc.dll
13:29:00.0590 0x111c  vmicvss - ok
13:29:00.0606 0x111c  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:29:00.0621 0x111c  volmgr - ok
13:29:00.0699 0x111c  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
13:29:00.0715 0x111c  volmgrx - ok
13:29:00.0793 0x111c  [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap         C:\windows\system32\drivers\volsnap.sys
13:29:00.0824 0x111c  volsnap - ok
13:29:00.0856 0x111c  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\windows\System32\drivers\vpci.sys
13:29:00.0871 0x111c  vpci - ok
13:29:00.0903 0x111c  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
13:29:00.0918 0x111c  vsmraid - ok
13:29:01.0121 0x111c  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\windows\system32\vssvc.exe
13:29:01.0246 0x111c  VSS - ok
13:29:01.0293 0x111c  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
13:29:01.0324 0x111c  VSTXRAID - ok
13:29:01.0340 0x111c  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
13:29:01.0403 0x111c  vwifibus - ok
13:29:01.0449 0x111c  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
13:29:01.0465 0x111c  vwififlt - ok
13:29:01.0496 0x111c  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
13:29:01.0528 0x111c  vwifimp - ok
13:29:01.0637 0x111c  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\windows\system32\w32time.dll
13:29:01.0684 0x111c  W32Time - ok
13:29:01.0699 0x111c  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\windows\System32\drivers\wacompen.sys
13:29:01.0746 0x111c  WacomPen - ok
13:29:01.0809 0x111c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
13:29:01.0840 0x111c  Wanarp - ok
13:29:01.0840 0x111c  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:29:01.0840 0x111c  Wanarpv6 - ok
13:29:02.0137 0x111c  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\windows\system32\wbengine.exe
13:29:02.0403 0x111c  wbengine - ok
13:29:02.0512 0x111c  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:29:02.0574 0x111c  WbioSrvc - ok
13:29:02.0606 0x111c  [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc          C:\windows\System32\wcmsvc.dll
13:29:02.0668 0x111c  Wcmsvc - ok
13:29:02.0699 0x111c  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\windows\System32\wcncsvc.dll
13:29:02.0746 0x111c  wcncsvc - ok
13:29:02.0778 0x111c  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:29:02.0856 0x111c  WcsPlugInService - ok
13:29:02.0871 0x111c  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\windows\system32\drivers\wd.sys
13:29:02.0887 0x111c  Wd - ok
13:29:02.0903 0x111c  [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
13:29:02.0918 0x111c  WdBoot - ok
13:29:02.0965 0x111c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:29:02.0996 0x111c  Wdf01000 - ok
13:29:03.0012 0x111c  [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
13:29:03.0028 0x111c  WdFilter - ok
13:29:03.0043 0x111c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:29:03.0074 0x111c  WdiServiceHost - ok
13:29:03.0074 0x111c  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\windows\system32\wdi.dll
13:29:03.0090 0x111c  WdiSystemHost - ok
13:29:03.0184 0x111c  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\windows\System32\webclnt.dll
13:29:03.0309 0x111c  WebClient - ok
13:29:03.0387 0x111c  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:29:03.0434 0x111c  Wecsvc - ok
13:29:03.0465 0x111c  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\windows\System32\wercplsupport.dll
13:29:03.0559 0x111c  wercplsupport - ok
13:29:03.0575 0x111c  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\windows\System32\WerSvc.dll
13:29:03.0653 0x111c  WerSvc - ok
13:29:03.0684 0x111c  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
13:29:03.0700 0x111c  WFPLWFS - ok
13:29:03.0731 0x111c  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\windows\System32\wiarpc.dll
13:29:03.0746 0x111c  WiaRpc - ok
13:29:03.0778 0x111c  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:29:03.0793 0x111c  WIMMount - ok
13:29:03.0825 0x111c  WinDefend - ok
13:29:03.0950 0x111c  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
13:29:04.0059 0x111c  WinHttpAutoProxySvc - ok
13:29:04.0137 0x111c  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
13:29:04.0184 0x111c  Winmgmt - ok
13:29:04.0637 0x111c  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\windows\system32\WsmSvc.dll
13:29:04.0762 0x111c  WinRM - ok
13:29:04.0825 0x111c  [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
13:29:04.0840 0x111c  WinUsb - ok
13:29:05.0075 0x111c  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\windows\System32\wlansvc.dll
13:29:05.0184 0x111c  WlanSvc - ok
13:29:05.0450 0x111c  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\windows\system32\wlidsvc.dll
13:29:05.0575 0x111c  wlidsvc - ok
13:29:05.0606 0x111c  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
13:29:05.0606 0x111c  WmiAcpi - ok
13:29:05.0637 0x111c  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:29:05.0653 0x111c  wmiApSrv - ok
13:29:05.0684 0x111c  WMPNetworkSvc - ok
13:29:05.0700 0x111c  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
13:29:05.0778 0x111c  wpcfltr - ok
13:29:05.0809 0x111c  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\windows\System32\wpcsvc.dll
13:29:05.0809 0x111c  WPCSvc - ok
13:29:05.0840 0x111c  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:29:05.0887 0x111c  WPDBusEnum - ok
13:29:05.0903 0x111c  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
13:29:05.0950 0x111c  WpdUpFltr - ok
13:29:05.0965 0x111c  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:29:05.0981 0x111c  ws2ifsl - ok
13:29:06.0012 0x111c  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\windows\system32\wscsvc.dll
13:29:06.0059 0x111c  wscsvc - ok
13:29:06.0059 0x111c  WSearch - ok
13:29:06.0215 0x111c  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\windows\System32\WSService.dll
13:29:06.0340 0x111c  WSService - ok
13:29:06.0903 0x111c  [ 10EA2DBD2820A504D98D19F5EDAAFC04, 5B84D7C169CBAEBCE4A03BB89426E74DBF5AFCA1F8FDE2A5BC1006A8464D7E24 ] wuauserv        C:\windows\system32\wuaueng.dll
13:29:07.0106 0x111c  wuauserv - ok
13:29:07.0137 0x111c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:29:07.0153 0x111c  WudfPf - ok
13:29:07.0184 0x111c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP    C:\windows\system32\DRIVERS\WUDFRd.sys
13:29:07.0215 0x111c  WUDFSensorLP - ok
13:29:07.0247 0x111c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:29:07.0262 0x111c  wudfsvc - ok
13:29:07.0262 0x111c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
13:29:07.0278 0x111c  WUDFWpdFs - ok
13:29:07.0293 0x111c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
13:29:07.0293 0x111c  WUDFWpdMtp - ok
13:29:07.0418 0x111c  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\windows\System32\wwansvc.dll
13:29:07.0465 0x111c  WwanSvc - ok
13:29:07.0544 0x111c  [ 918C73F0275D7813E6F01E100B39DBD9, 06D08C9B0894A307A4D215B445A5EA08CD53DEA19526FECBB4ADDB833D1070D1 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
13:29:07.0575 0x111c  ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
13:29:07.0575 0x111c  ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
13:29:11.0903 0x111c  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
13:29:11.0934 0x111c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
13:29:11.0950 0x111c  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
13:29:11.0950 0x111c  ============================================================
13:29:11.0950 0x111c  Scan finished
13:29:11.0950 0x111c  ============================================================
13:29:11.0950 0x0e00  Detected object count: 2
13:29:11.0950 0x0e00  Actual detected object count: 2
13:35:24.0603 0x0e00  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:24.0603 0x0e00  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:35:24.0603 0x0e00  ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:24.0603 0x0e00  ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 18.10.2014, 23:05   #5
Bootsektor
/// TB-Ausbilder
 

Hello,

no, those are legitimate drivers.

Can you also tell me which sites these are and where you are being redirected to?
Does it happen in all browsers?

Step 1

Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
ATTFilter
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
         

Save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Step 2
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • If the user interface is still in English, click Settings and select Deutsch under Language.
  • Then click Suchlauf (Scan), select the Bedrohungssuchlauf (Threat Scan) and click Suchlauf jetzt starten (Scan Now).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Aktionen anwenden (Apply Actions).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click Verlauf (History) and then Anwendungsprotokolle (Application Logs).
  • Select the most recent scan log and click Ansicht (View). Choose Exportieren auf Textdatei (.txt) (export to text file) and save the file as mbam.txt on the desktop.
  • Add the contents of mbam.txt to your next reply.

Step 3
Start FRST once more.
  • Do not change any of the default settings and click Scan.
  • When the scan is complete, a new log file FRST.txt is created and saved on the desktop.
  • Please post the contents of this log file here in your thread.


Alt 19.10.2014, 10:04   #6
Don_Helios
 

Hello!
The redirecting only happens via one adult site and only in Chrome.
You are then redirected to similar sites with adult content.
This is all anonymous here, right?

Fixlog.txt

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014
Ran by Elias at 2014-10-19 08:54:24 Run:1
Running from C:\Users\Elias\Desktop
Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa" => Key deleted successfully.
"https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

==== End of Fixlog ====
         
mbam.txt

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 19.10.2014
Suchlauf-Zeit: 08:59:31
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.3.1025
Malware Datenbank: v2014.10.19.02
Rootkit Datenbank: v2014.10.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Elias

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430772
Verstrichene Zeit: 26 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by Elias (administrator) on ELIAS-PC on 19-10-2014 09:44:44
Running from C:\Users\Elias\Desktop
Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3777642976-2438380877-1723110391-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\cyltjadc.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-18]

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/
CHR Profile: C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21]
CHR Extension: (Google-Suche) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21]
CHR Extension: (AdBlock) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-12]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-02-18]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-02-18]
CHR Extension: (Virtual Keyboard) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-02-18]
CHR Extension: (Google Wallet) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Google Mail) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21]
CHR Extension: (Anti-Banner) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-02-18]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-18] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-18] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-18] (Kaspersky Lab ZAO)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-15] (Windows (R) 2003 DDK 3790 provider)
S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 09:44 - 2014-10-19 09:45 - 00020005 _____ () C:\Users\Elias\Desktop\FRST.txt
2014-10-19 09:41 - 2014-10-19 09:41 - 00001187 _____ () C:\Users\Elias\Desktop\mbam.txt
2014-10-19 05:36 - 2014-10-19 05:36 - 00000000 ___RD () C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-18 13:33 - 2014-10-18 13:34 - 00001566 _____ () C:\windows\comsetup.log
2014-10-18 13:24 - 2014-10-18 13:40 - 00032388 _____ () C:\windows\diagwrn.xml
2014-10-18 13:24 - 2014-10-18 13:40 - 00032388 _____ () C:\windows\diagerr.xml
2014-10-17 19:36 - 2014-10-19 08:59 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-17 19:36 - 2014-10-17 19:36 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-17 19:36 - 2014-10-17 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-17 19:36 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-17 19:36 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-17 19:36 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-17 13:28 - 2014-10-17 13:28 - 00000020 ___SH () C:\Users\TEMP.Elias-PC\ntuser.ini
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Vorlagen
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Startmenü
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Netzwerkumgebung
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Lokale Einstellungen
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Eigene Dateien
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Druckumgebung
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Documents\Eigene Musik
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Documents\Eigene Bilder
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\AppData\Local\Verlauf
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\AppData\Local\Anwendungsdaten
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Anwendungsdaten
2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 ____D () C:\Users\TEMP.Elias-PC
2014-10-17 13:28 - 2014-07-12 00:03 - 00000000 ___RD () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-17 13:28 - 2014-06-23 10:17 - 00000000 ___RD () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-17 13:28 - 2013-08-21 12:51 - 00002249 _____ () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-10-17 13:28 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-17 13:28 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-17 13:16 - 2014-10-17 13:28 - 00000000 ____D () C:\Users\TEMP
2014-10-17 13:11 - 2014-10-17 13:11 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Elias\Downloads\tdsskiller.exe
2014-10-16 20:44 - 2014-10-16 20:44 - 00380416 _____ () C:\Users\Elias\Downloads\Gmer-19357 (1).exe
2014-10-16 20:38 - 2014-10-16 20:39 - 00042810 _____ () C:\Users\Elias\Downloads\FRST.txt
2014-10-16 20:38 - 2014-10-16 20:39 - 00035637 _____ () C:\Users\Elias\Downloads\Addition.txt
2014-10-16 20:37 - 2014-10-19 09:44 - 00000000 ____D () C:\FRST
2014-10-16 20:36 - 2014-10-16 20:36 - 02112000 _____ (Farbar) C:\Users\Elias\Desktop\FRST64.exe
2014-10-16 20:35 - 2014-10-16 20:35 - 00000472 _____ () C:\Users\Elias\Downloads\defogger_disable.log
2014-10-16 20:35 - 2014-10-16 20:35 - 00000000 _____ () C:\Users\Elias\defogger_reenable
2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe
2014-10-16 19:27 - 2014-10-16 19:27 - 00449032 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 17:11 - 2014-09-30 00:49 - 00705480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-16 17:11 - 2014-09-30 00:49 - 00104904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 17:01 - 2014-10-16 17:01 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\Elias\Downloads\avira_de_av___ws.exe
2014-10-16 13:49 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-16 13:49 - 2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-16 13:49 - 2014-07-12 02:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls
2014-10-16 13:49 - 2014-07-12 02:00 - 00478352 _____ () C:\windows\system32\locale.nls
2014-10-16 13:49 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-10-16 13:49 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-10-16 13:49 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-10-16 13:49 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-10-16 13:49 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-10-16 13:49 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-10-16 13:49 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-10-16 13:49 - 2014-07-03 03:59 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-10-16 13:49 - 2014-07-03 02:30 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-10-16 13:49 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-10-16 13:49 - 2014-06-28 08:57 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-10-16 13:49 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-10-16 13:49 - 2014-06-25 09:09 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-10-16 13:49 - 2014-06-25 09:07 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-10-16 13:49 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-10-16 13:49 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-16 13:49 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-10-16 13:49 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-10-16 13:49 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-16 13:49 - 2014-05-30 01:31 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-10-16 13:49 - 2014-05-30 01:03 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-10-16 13:49 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-16 13:48 - 2014-10-10 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 13:48 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 13:48 - 2014-10-08 06:26 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 13:48 - 2014-09-13 07:29 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 13:48 - 2014-09-13 06:02 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-16 13:48 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 13:48 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 13:48 - 2014-08-02 00:08 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml
2014-10-16 13:48 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-10-16 13:48 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2014-10-16 13:48 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-10-16 13:48 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2014-10-16 13:48 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2014-10-16 13:48 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-10-16 13:48 - 2014-07-12 06:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-10-16 13:48 - 2014-07-12 06:34 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-10-16 13:48 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-10-16 13:48 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 13:48 - 2014-07-07 07:52 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-16 13:48 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 13:48 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 13:48 - 2014-07-07 07:51 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 13:48 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 13:48 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 13:48 - 2014-07-07 06:00 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 13:48 - 2014-07-07 05:59 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 13:48 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-10-16 13:48 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-10-16 13:47 - 2014-09-28 06:18 - 04068352 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 13:47 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 13:47 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 13:47 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 13:47 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 13:47 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 13:47 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 13:47 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 13:47 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 13:47 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 13:47 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 13:47 - 2014-09-20 03:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-10-16 13:47 - 2014-09-18 01:24 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 13:47 - 2014-09-18 00:56 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 13:47 - 2014-08-30 07:48 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-10-16 13:47 - 2014-08-30 07:46 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-16 13:47 - 2014-08-30 06:05 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-10-16 13:47 - 2014-08-30 06:03 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-10-16 13:47 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-10-16 13:47 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-10-15 22:59 - 2014-10-17 19:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-15 22:45 - 2014-10-15 22:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Elias\Downloads\mbam-setup-2.0.3.1025.exe
2014-09-25 20:35 - 2014-08-21 01:40 - 00732880 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-09-25 20:35 - 2014-08-20 19:05 - 00694784 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-09-25 20:35 - 2014-08-20 19:05 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-09-25 20:35 - 2014-08-20 19:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 20:35 - 2014-08-20 19:02 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-09-25 20:35 - 2014-08-20 19:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 20:35 - 2014-06-24 09:35 - 00010450 _____ () C:\windows\system32\autoconfig.cab
2014-09-25 20:35 - 2014-06-24 08:40 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2014-09-24 17:19 - 2014-10-18 13:26 - 00000000 ___HD () C:\$Windows.~BT
2014-09-23 14:32 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-09-23 14:32 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2014-09-20 14:44 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-09-20 14:44 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-09-20 14:44 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-09-20 14:44 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2014-09-20 14:44 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-09-20 14:44 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2014-09-20 14:44 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2014-09-20 14:43 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-09-20 14:43 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-09-20 14:42 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-09-20 14:42 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 09:43 - 2014-02-18 21:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-19 09:42 - 2012-09-10 13:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-10-19 09:09 - 2012-12-21 16:10 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-19 09:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-10-19 08:54 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Registration
2014-10-19 05:50 - 2012-09-10 12:50 - 01928551 _____ () C:\windows\WindowsUpdate.log
2014-10-19 05:46 - 2012-12-18 20:14 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3777642976-2438380877-1723110391-1002
2014-10-19 05:40 - 2012-09-10 13:47 - 00000000 ____D () C:\ProgramData\WinClon
2014-10-19 05:37 - 2012-12-21 16:10 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-18 13:40 - 2012-07-26 09:21 - 00552778 _____ () C:\windows\setupact.log
2014-10-18 13:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-10-18 13:38 - 2012-07-26 10:13 - 00004081 _____ () C:\windows\DtcInstall.log
2014-10-18 13:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-10-17 15:01 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-10-17 13:26 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-16 20:49 - 2013-01-06 23:19 - 00000000 ____D () C:\Users\Elias\AppData\Local\CrashDumps
2014-10-16 20:35 - 2012-12-18 20:05 - 00000000 ____D () C:\Users\Elias
2014-10-16 19:27 - 2012-08-05 23:07 - 02609624 _____ () C:\windows\PFRO.log
2014-10-16 17:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-10-16 17:06 - 2014-07-12 00:03 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 17:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-10-16 15:20 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-10-16 15:17 - 2013-08-02 13:23 - 00000000 ____D () C:\windows\system32\MRT
2014-10-16 15:13 - 2012-12-19 19:14 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-14 12:36 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-10-13 22:32 - 2013-01-11 22:17 - 00000000 ____D () C:\Users\Elias\AppData\Roaming\CyberLink
2014-10-13 22:07 - 2012-09-10 16:51 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-10-13 22:07 - 2012-09-10 16:51 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-10-13 22:07 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-23 03:51 - 2013-08-21 12:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-15 15:02

==================== End Of Log ============================
         
20.10.2014, 01:45   #7
Bootsektor
/// TB-Ausbilder
 



Hello,

Quote:
This is all anonymous here, right?
What do you mean by that? Your post can be found via Google. But nobody can do anything with the logs, unless your name shows up somewhere in the user profile or you have other file names that allow conclusions to be drawn about you.

Step 1
It sounds very much like you picked up a few cookies from these websites.
Please follow this guide, delete the cookies and disable them, and then test whether things are better.

Step 2

Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Step 3
Because the scan with ESET is very thorough, it can take several hours under some circumstances.

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the terms of use" (Ja, ich bin mit den Nutzungsbedingungen einverstanden) and click Start (Starten).
  • Enable "Detection of potentially unwanted applications" (Erkennung von eventuell unerwünschten Anwendungen) and choose the following settings.
  • Click Start (Starten).
  • The signatures are downloaded, and the scan begins automatically.
  • At the end of the scan, click Finish (Fertig stellen).
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset



Step 4
Start FRST once more.
  • Do not change any of the default settings and press Scan.
  • When the scan has finished, a new log file FRST.txt is created and saved on the desktop.
  • Please post the contents of this log file here in your thread.

20.10.2014, 15:54   #8
Don_Helios
 



Hello.
I removed and disabled the cookies, but that did not help.

Fixlog.txt

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-10-2014
Ran by Elias at 2014-10-20 13:30:24 Run:2
Running from C:\Users\Elias\Desktop
Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
emptytemp:
*****************

EmptyTemp: => Removed 170.5 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         
ESET

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=7964102df17f9042b44cc96d54d64272
# engine=20685
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-10-20 01:15:50
# local_time=2014-10-20 03:15:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 6170 45285372 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10299497 22169670 0 0
# scanned=247541
# found=1
# cleaned=0
# scan_time=5151
sh=88B5EAB437C8875F4A7874455F3D72AAF066AC62 ft=1 fh=c71c0011e8464a4f vn="Variante von Win32/InstallCore.JW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Elias\Downloads\COMPUTER_BILD-Download-Manager_fuer_Norton_Removal_Tool.exe"
         
FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014
Ran by Elias (administrator) on ELIAS-PC on 20-10-2014 15:29:46
Running from C:\Users\Elias\Desktop
Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\e4e6f6daeab33b577e75eac9fa527eeb\windowsstoresetupbox.exe
(Microsoft Corporation) C:\$Windows.~BT\Sources\SetupHost.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
(Microsoft Corporation) C:\$Windows.~BT\Scratch\180B55C0-36D3-4503-B60D-5A520D5BE0BA\DismHost.exe
(Microsoft Corporation) C:\$Windows.~BT\Scratch\57643C7A-BCDB-44F7-9F3B-D7738E9AA9BF\DismHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3777642976-2438380877-1723110391-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\cyltjadc.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-18]

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/
CHR Profile: C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21]
CHR Extension: (Google-Suche) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21]
CHR Extension: (AdBlock) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-12]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-02-18]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-02-18]
CHR Extension: (Virtual Keyboard) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-02-18]
CHR Extension: (Google Wallet) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Google Mail) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21]
CHR Extension: (Anti-Banner) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-02-18]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-18] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-18] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-18] (Kaspersky Lab ZAO)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-15] (Windows (R) 2003 DDK 3790 provider)
S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 15:29 - 2014-10-20 15:30 - 00020520 _____ () C:\Users\Elias\Desktop\FRST.txt
2014-10-20 13:44 - 2014-10-20 13:44 - 02347384 _____ (ESET) C:\Users\Elias\Downloads\esetsmartinstaller_deu.exe
2014-10-20 13:33 - 2014-10-20 13:33 - 00000000 ___RD () C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-10-20 13:30 - 2014-10-20 13:30 - 00000000 ____D () C:\Users\Elias\Desktop\FRST-OlderVersion
2014-10-18 13:33 - 2014-10-19 13:56 - 00003131 _____ () C:\windows\comsetup.log
2014-10-18 13:24 - 2014-10-20 15:28 - 00066678 _____ () C:\windows\diagwrn.xml
2014-10-18 13:24 - 2014-10-20 15:28 - 00066678 _____ () C:\windows\diagerr.xml
2014-10-17 19:36 - 2014-10-19 08:59 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-17 19:36 - 2014-10-17 19:36 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-17 19:36 - 2014-10-17 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-17 19:36 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-17 19:36 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-17 19:36 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-17 13:16 - 2014-10-17 13:28 - 00000000 ____D () C:\Users\TEMP
2014-10-17 13:11 - 2014-10-17 13:11 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Elias\Downloads\tdsskiller.exe
2014-10-16 20:44 - 2014-10-16 20:44 - 00380416 _____ () C:\Users\Elias\Downloads\Gmer-19357 (1).exe
2014-10-16 20:38 - 2014-10-16 20:39 - 00042810 _____ () C:\Users\Elias\Downloads\FRST.txt
2014-10-16 20:38 - 2014-10-16 20:39 - 00035637 _____ () C:\Users\Elias\Downloads\Addition.txt
2014-10-16 20:37 - 2014-10-20 15:29 - 00000000 ____D () C:\FRST
2014-10-16 20:36 - 2014-10-20 13:30 - 02111488 _____ (Farbar) C:\Users\Elias\Desktop\FRST64.exe
2014-10-16 20:35 - 2014-10-16 20:35 - 00000472 _____ () C:\Users\Elias\Downloads\defogger_disable.log
2014-10-16 20:35 - 2014-10-16 20:35 - 00000000 _____ () C:\Users\Elias\defogger_reenable
2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe
2014-10-16 19:27 - 2014-10-16 19:27 - 00449032 _____ () C:\windows\system32\FNTCACHE.DAT
2014-10-16 17:11 - 2014-09-30 00:49 - 00705480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-10-16 17:11 - 2014-09-30 00:49 - 00104904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-16 17:01 - 2014-10-16 17:01 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\Elias\Downloads\avira_de_av___ws.exe
2014-10-16 13:49 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-10-16 13:49 - 2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-10-16 13:49 - 2014-07-12 02:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls
2014-10-16 13:49 - 2014-07-12 02:00 - 00478352 _____ () C:\windows\system32\locale.nls
2014-10-16 13:49 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe
2014-10-16 13:49 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2014-10-16 13:49 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll
2014-10-16 13:49 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2014-10-16 13:49 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2014-10-16 13:49 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2014-10-16 13:49 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2014-10-16 13:49 - 2014-07-03 03:59 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-10-16 13:49 - 2014-07-03 02:30 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-10-16 13:49 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2014-10-16 13:49 - 2014-06-28 08:57 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2014-10-16 13:49 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2014-10-16 13:49 - 2014-06-25 09:09 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2014-10-16 13:49 - 2014-06-25 09:07 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-10-16 13:49 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-10-16 13:49 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-10-16 13:49 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2014-10-16 13:49 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2014-10-16 13:49 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2014-10-16 13:49 - 2014-05-30 01:31 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-10-16 13:49 - 2014-05-30 01:03 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-10-16 13:49 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2014-10-16 13:48 - 2014-10-10 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-10-16 13:48 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-10-16 13:48 - 2014-10-08 06:26 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-10-16 13:48 - 2014-09-13 07:29 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-10-16 13:48 - 2014-09-13 06:02 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-10-16 13:48 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2014-10-16 13:48 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2014-10-16 13:48 - 2014-08-02 00:08 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml
2014-10-16 13:48 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-10-16 13:48 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2014-10-16 13:48 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2014-10-16 13:48 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2014-10-16 13:48 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2014-10-16 13:48 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-10-16 13:48 - 2014-07-12 06:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2014-10-16 13:48 - 2014-07-12 06:34 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2014-10-16 13:48 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2014-10-16 13:48 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2014-10-16 13:48 - 2014-07-07 07:52 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-10-16 13:48 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-10-16 13:48 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2014-10-16 13:48 - 2014-07-07 07:51 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-10-16 13:48 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2014-10-16 13:48 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2014-10-16 13:48 - 2014-07-07 06:00 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-10-16 13:48 - 2014-07-07 05:59 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-10-16 13:48 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2014-10-16 13:48 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2014-10-16 13:47 - 2014-09-28 06:18 - 04068352 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-10-16 13:47 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-10-16 13:47 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-10-16 13:47 - 2014-09-20 07:17 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-10-16 13:47 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-10-16 13:47 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-10-16 13:47 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-10-16 13:47 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-10-16 13:47 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-10-16 13:47 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-10-16 13:47 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-10-16 13:47 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-10-16 13:47 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-10-16 13:47 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-10-16 13:47 - 2014-09-20 03:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-10-16 13:47 - 2014-09-18 01:24 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-10-16 13:47 - 2014-09-18 00:56 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-10-16 13:47 - 2014-08-30 07:48 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-10-16 13:47 - 2014-08-30 07:46 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-10-16 13:47 - 2014-08-30 06:05 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-10-16 13:47 - 2014-08-30 06:03 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-10-16 13:47 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-10-16 13:47 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-10-15 22:59 - 2014-10-17 19:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-15 22:45 - 2014-10-15 22:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Elias\Downloads\mbam-setup-2.0.3.1025.exe
2014-09-25 20:35 - 2014-08-21 01:40 - 00732880 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-09-25 20:35 - 2014-08-20 19:05 - 00694784 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-09-25 20:35 - 2014-08-20 19:05 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2014-09-25 20:35 - 2014-08-20 19:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 20:35 - 2014-08-20 19:02 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-09-25 20:35 - 2014-08-20 19:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-25 20:35 - 2014-06-24 09:35 - 00010450 _____ () C:\windows\system32\autoconfig.cab
2014-09-25 20:35 - 2014-06-24 08:40 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2014-09-24 17:19 - 2014-10-20 15:28 - 00000000 ___HD () C:\$Windows.~BT
2014-09-23 14:32 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-09-23 14:32 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2014-09-20 14:44 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-09-20 14:44 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-09-20 14:44 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-09-20 14:44 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-09-20 14:44 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2014-09-20 14:44 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2014-09-20 14:44 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2014-09-20 14:44 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2014-09-20 14:43 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-09-20 14:43 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-09-20 14:42 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2014-09-20 14:42 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 15:28 - 2012-07-26 09:21 - 01075221 _____ () C:\windows\setupact.log
2014-10-20 15:24 - 2012-09-10 12:50 - 01089792 _____ () C:\windows\WindowsUpdate.log
2014-10-20 15:21 - 2014-02-18 21:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-20 15:09 - 2012-12-21 16:10 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-20 15:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-10-20 14:42 - 2012-09-10 13:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-10-20 14:09 - 2012-12-21 16:10 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-20 13:38 - 2012-12-18 20:14 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3777642976-2438380877-1723110391-1002
2014-10-20 13:37 - 2012-09-10 13:47 - 00000000 ____D () C:\ProgramData\WinClon
2014-10-20 13:32 - 2012-08-05 23:07 - 02612758 _____ () C:\windows\PFRO.log
2014-10-20 13:32 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-20 13:30 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Registration
2014-10-19 14:00 - 2012-07-26 10:13 - 00004793 _____ () C:\windows\DtcInstall.log
2014-10-18 13:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-10-18 13:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-10-17 15:01 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-10-16 20:49 - 2013-01-06 23:19 - 00000000 ____D () C:\Users\Elias\AppData\Local\CrashDumps
2014-10-16 20:35 - 2012-12-18 20:05 - 00000000 ____D () C:\Users\Elias
2014-10-16 17:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-10-16 17:06 - 2014-07-12 00:03 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-10-16 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 17:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-10-16 15:20 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-10-16 15:17 - 2013-08-02 13:23 - 00000000 ____D () C:\windows\system32\MRT
2014-10-16 15:13 - 2012-12-19 19:14 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-10-14 12:36 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-10-13 22:32 - 2013-01-11 22:17 - 00000000 ____D () C:\Users\Elias\AppData\Roaming\CyberLink
2014-10-13 22:07 - 2012-09-10 16:51 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-10-13 22:07 - 2012-09-10 16:51 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-10-13 22:07 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-23 03:51 - 2013-08-21 12:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-15 15:02

==================== End Of Log ============================
         
--- --- ---

Old 20.10.2014, 23:15   #9
Bootsektor
/// TB Instructor

Windows 8: slow internet and redirects to advertising sites - Default



Hello,

I don't see anything malware-related there as it stands.

ESET only found an installer from Chip; it's better to download programs directly from the vendor and not from Chip, let alone Softonic.

Try whether things are better with an ad blocker. I recommend Adblockplus; you can also try NoScript. We'll just quickly clean up here.

Step 1

If you no longer need Malwarebytes Anti-Malware and the ESET online scanner, you can simply uninstall both programs via the program uninstaller.
However, I recommend that you at least keep Malwarebytes and run a check scan with it once a week.

Step 2
Please download delfix to your desktop.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Put a check mark in front of every function.
  • Click Start.
  • DelFix removes, among other things, all the programs that were used and finally deletes itself.
If any programs from our cleanup are still present after Delfix, you can now delete them without hesitation.

Updates / updating programs
  • Internet Explorer
    Your Internet Explorer is no longer up to date. Visit this Microsoft page and download the latest Internet Explorer for your operating system from there.
  • Java
    Your Java is no longer up to date.
    Java is a major security hole on your system; new vulnerabilities are discovered again and again and are exploited to infect computers.
    Unless you absolutely need Java, you should uninstall it completely.

Windows XP
Go to:
Start --> Control Panel --> Add or Remove Programs --> select the Java versions --> remove
Windows Vista
Go to:
Start --> Control Panel --> Programs --> Uninstall a program --> find the Java versions --> remove
Windows 7
To do this, go to:
the Windows button in the taskbar --> Control Panel --> Programs (sub-item Uninstall a program) --> select the Java versions --> remove
Windows 8
To do this, press:
the Windows key and X
then:
Programs and Features --> select the Java versions --> remove

If you do absolutely need Java after all, then
  • Please download the latest Java version from here
  • Save jxpiinstall.exe
  • Close all running programs, especially your browser.
  • Start jxpiinstall.exe. It will download the installer for the latest Java version (Java 8 Update 25).
  • Uncheck "Install the Ask Toolbar ..." during the installation.
  • When the installation has finished
    Start --> Control Panel --> Programs and uninstall all older Java versions.
  • Restart your computer as soon as all older versions have been uninstalled.
After the restart
  • Open the Control Panel --> Programs again and click the Java icon.
  • On the General tab, click Settings under Temporary Internet Files.
  • Click Delete Files....
  • Make sure that every box is checked and click OK.
  • Click OK again.

and make sure that Java updates automatically.
To do this:
  • open Java
  • click the Update tab
  • click on: Notify Me: Before downloading, and check Check for Updates Automatically
  • click Advanced
  • change the interval to at least weekly
and turn off the browser plug-in.
You can find instructions for this here.

Now, to finish, a few more tips for securing your system.

Change all your passwords regularly; now, after the cleanup, is an ideal time to do so
  • use a different password for every application and every account
  • change your password regularly; this is very important above all for online banking or your e-mail inbox
  • do not store any passwords on your PC, and do not pass them on to third parties
  • a secure password consists of at least 8 characters and contains upper- and lower-case letters, numbers, and special characters
  • do not use number or letter combinations (e.g. 12345678, qwertzui), nor number or letter patterns
  • do not use passwords that relate to you, your place of residence, a family member or a pet (date of birth, postcode, address, name)


Keeping the system up to date
It is extremely important that both your system and the security-relevant software installed on it (Flash Player, PDF reader and especially Java, if present) are up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.

Antivirus software
  • Make sure you always have antivirus software installed, and be sure to keep it up to date.

Additional protection
  • MalwareBytes Anti-Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.

Alternative browsers

Other browsers tend to be somewhat more secure than Internet Explorer because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java, Flash and other plug-ins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising on its own. Right-clicking a banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.


System performance
Delete your temporary files regularly. For this I recommend the Windows Disk Cleanup tool.
Windows Vista
  • Click the Vista icon at the bottom left
  • Go to Programs -> Accessories -> System Tools -> Disk Cleanup
  • Now select Files from all users on this computer and confirm with OK
  • Among the files to delete, additionally check the box for Temporary files
  • Confirm with OK
  • Confirm that you want to delete the files permanently

Windows 7
  • Go to the Windows Start icon
  • Type Disk Cleanup into the search box
  • Additionally check the box for Temporary files
  • Confirm with OK

Windows 8
  • Right-click in the bottom-left corner of your screen
  • Click Search
  • Click Settings
  • Type Disk Cleanup into the search box
  • In the settings on the left-hand side, now click Free up disk space by deleting unnecessary files
  • Additionally check the box for Temporary files
  • Confirm with OK
  • Confirm that you want to delete the files permanently

Stay away from any registry cleaners.
They harm your system more than they speed it up.

Rules of conduct for safer surfing
  • Do not click on everything just because it asks you to and is nice and colorful.
  • do not use peer-to-peer or file-sharing software (Emule, uTorrent, ..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
  • When installing programs, pay particular attention to whether additional software wants to be installed along with them; wherever possible choose the custom installation and deselect everything that has nothing to do with the program you want to install.

Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback once everything is done and there are no more questions.

If you would like to give praise or criticism, you are very welcome to do so here.

If you would like to donate something for the forum and our work, you can do so here.

21.10.2014, 14:52   #10
Don_Helios
 

Hello!
Good to hear that my PC is not infected after all.
I followed your steps and, to finish, would like to thank you very much
for your help!!!

Helios

22.10.2014, 00:10   #11
Bootsektor
/// TB-Ausbilder
 

Hello,

you're welcome.

This topic is therefore closed. If you still have questions or there are problems, please send me a PM.

Everyone else, please click here and create your own thread.
