Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Plötzlich Blackscreen. Win 8.1

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.05.2015, 07:51   #1
Clegane000
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Hallo Trojanerboard-Team,

gestern Abend kam plötzlich ein schwarzer Bildschirm. Dabei ist garnicht soviel Zeit für den eigentlich Blackscreen vergangen und auch mit Mausbewegung konnte ich das nicht mehr wegbekommen. Musste daraufhin den Laptop ausschalten.

Ich mache mir jetzt sorgen, dass das jemand von außen war und ich irgendwas auf dem Laptop habe nun. Hatte davor auch schon 3 mal Bluescreen. Hatte dann die Windows-Updates gemacht und alles war ok. Nur der Blackscreen macht mir sorgen. Ist Win 8.1 mit aktuellsten updates.

Vielen Dank fürs lesen :/

Alt 30.05.2015, 08:00   #2
M-K-D-B
/// TB-Ausbilder
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 30.05.2015, 08:35   #3
Clegane000
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Clegane000 (administrator) on STEFAN on 30-05-2015 09:28:51
Running from C:\Users\Clegane000\Desktop
Loaded Profiles: Clegane000 (Available Profiles: Clegane000)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-05-06] (Acer Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-06] ()
HKU\S-1-5-21-2663304337-598474651-3998101334-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2015-01-24] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-01-24]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2663304337-598474651-3998101334-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.de/
HKU\S-1-5-21-2663304337-598474651-3998101334-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2663304337-598474651-3998101334-1001 -> {35BFF0F4-EB25-11E4-8260-F0761C78FC78} URL = 
SearchScopes: HKU\S-1-5-21-2663304337-598474651-3998101334-1001 -> {5837558B-895F-4393-94FF-094F0673F847} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-06] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-04-24] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Clegane000\AppData\Roaming\Mozilla\Firefox\Profiles\cthv2kc3.default
FF Homepage: hxxp://boerse.ard.de/index.html
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-30] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-04-24] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-04-24] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-04-24] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2015-05-09] ()
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-04-24]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-04-24]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-04-24]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-04-24]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-04-24]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-04-24]

Chrome: 
=======
CHR StartupUrls: Default -> "https://translate.google.de/?hl=de"
CHR Profile: C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25]
CHR Extension: (Google Docs) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25]
CHR Extension: (Google Drive) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-25]
CHR Extension: (YouTube) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-25]
CHR Extension: (Google Search) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-25]
CHR Extension: (Kaspersky Protection) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-25]
CHR Extension: (Google Sheets) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25]
CHR Extension: (Bookmark Manager) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-25]
CHR Extension: (Google Wallet) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-25]
CHR Extension: (Gmail) - C:\Users\Clegane000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2839296 2015-05-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-23] (WildTangent)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\siteadvisor\mcsacore.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2015-04-24] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2015-04-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 09:28 - 2015-05-30 09:29 - 00019651 _____ () C:\Users\Clegane000\Desktop\FRST.txt
2015-05-30 09:28 - 2015-05-30 09:28 - 00000000 ____D () C:\FRST
2015-05-30 09:27 - 2015-05-30 09:27 - 02108928 _____ (Farbar) C:\Users\Clegane000\Desktop\FRST64.exe
2015-05-30 09:25 - 2015-05-30 09:25 - 00000000 ____D () C:\Users\Clegane000\Desktop\rest
2015-05-29 12:52 - 2015-05-29 13:07 - 00000000 ____D () C:\Users\Clegane000\Desktop\Projektdokumentation
2015-05-27 17:28 - 2015-05-27 17:28 - 00000000 ____D () C:\Users\Clegane000\Desktop\annual reports
2015-05-26 22:09 - 2015-04-09 00:07 - 00410336 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-26 22:09 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-05-26 22:09 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-05-26 22:09 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-05-26 22:09 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-05-26 22:09 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-05-26 22:09 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-05-26 22:08 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-05-26 22:08 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-05-26 22:08 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-05-26 22:08 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-05-26 22:08 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-05-26 22:08 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-05-26 22:08 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-05-26 22:08 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-05-26 22:08 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-05-26 22:07 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-05-26 22:07 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-05-26 22:07 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-05-26 22:07 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-05-26 22:07 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-26 22:07 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-26 22:07 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-26 22:07 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-05-26 22:07 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-05-26 22:07 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-05-26 22:07 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-05-26 22:07 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-05-26 22:07 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-05-26 22:07 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-05-26 22:07 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-05-26 22:07 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-05-26 22:07 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-05-26 22:07 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-05-26 22:07 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-05-26 22:07 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-05-26 22:07 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-05-26 22:07 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-05-26 22:07 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-05-26 22:07 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-05-26 22:07 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-05-26 22:07 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-05-26 22:07 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-05-26 22:07 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-05-26 22:07 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-05-26 22:07 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-05-26 22:07 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-05-26 22:07 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-05-26 22:07 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-05-26 22:07 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-05-26 22:07 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-05-26 22:07 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-05-26 22:07 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-05-26 22:07 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-05-26 22:07 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-05-26 22:07 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-05-26 22:07 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-05-26 22:07 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-05-26 22:07 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-05-26 22:07 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-05-26 22:07 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-05-26 22:07 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-05-26 22:07 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-05-26 22:07 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-05-26 22:07 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-05-26 22:07 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-05-26 22:07 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-05-26 22:07 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-05-26 22:07 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-05-26 22:07 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-05-26 22:07 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-05-26 22:07 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-05-26 22:07 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-05-26 22:07 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-05-26 22:07 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-05-26 22:07 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-05-26 22:07 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-05-26 22:07 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-05-26 22:07 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-05-26 22:07 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-05-26 22:07 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-05-26 22:07 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-05-26 22:07 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-05-26 22:07 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-05-26 22:07 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-05-26 22:07 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-05-26 22:07 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-05-26 22:07 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-05-26 22:07 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-05-26 22:07 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-05-26 22:07 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-05-26 22:07 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-05-26 22:07 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-05-26 22:06 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-05-26 22:06 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-05-26 22:06 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-05-26 22:06 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-05-26 22:06 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-05-26 22:06 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-05-26 22:06 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-05-26 22:06 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-05-26 22:06 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-05-26 22:06 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-05-26 22:06 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-05-26 22:06 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-05-26 22:06 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-05-26 22:06 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-05-26 22:06 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-05-26 22:01 - 2015-05-30 09:18 - 00005128 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for STEFAN-Clegane000 Stefan
2015-05-26 21:51 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-05-26 21:51 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-05-26 21:28 - 2015-05-26 21:28 - 00313912 _____ () C:\Windows\Minidump\052615-20296-01.dmp
2015-05-23 14:41 - 2015-05-23 14:41 - 00322104 _____ () C:\Windows\Minidump\052315-22093-01.dmp
2015-05-19 21:50 - 2015-05-19 21:50 - 00000000 __SHD () C:\Users\Clegane000\AppData\Local\EmieBrowserModeList
2015-05-18 23:22 - 2015-05-29 00:02 - 00000000 ____D () C:\Users\Clegane000\Desktop\wallpapers
2015-05-16 17:55 - 2015-05-16 17:56 - 00297440 _____ () C:\Windows\Minidump\051615-24406-01.dmp
2015-05-16 16:02 - 2015-05-16 16:03 - 11612204 _____ () C:\Users\Clegane000\Downloads\Mabinogi.themepack
2015-05-16 09:42 - 2015-05-16 09:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-13 17:13 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 17:13 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 09:26 - 2015-05-13 09:26 - 00002001 _____ () C:\Users\Public\Desktop\abMedia.lnk
2015-05-13 09:21 - 2015-05-13 09:21 - 00002005 _____ () C:\Users\Public\Desktop\abPhoto.lnk
2015-05-12 22:40 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 22:40 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:33 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 20:33 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 20:33 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 20:33 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 20:33 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 20:33 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 20:33 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 20:33 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 20:33 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 20:33 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 20:33 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 20:33 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 20:33 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 20:33 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 20:33 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 20:33 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 20:33 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 20:33 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 20:33 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 20:33 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 20:33 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 20:33 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 20:33 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 20:33 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 20:33 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 20:33 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 20:33 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 20:33 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 20:33 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 20:33 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 20:33 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 20:33 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 20:33 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 20:33 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 20:33 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 20:33 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 20:33 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 20:33 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 20:33 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 20:31 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 20:31 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 20:31 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 20:31 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 20:31 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 20:31 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 20:31 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 20:31 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 20:31 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 20:31 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 20:31 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 20:31 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 20:31 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 20:31 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 20:31 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 20:31 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 20:31 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 20:31 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 20:31 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 20:31 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 20:31 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 20:31 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 20:31 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 20:31 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 20:31 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 20:31 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 20:31 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 20:31 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 20:31 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 20:31 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 20:31 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 20:31 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 20:31 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 20:31 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 20:31 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 20:31 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 20:31 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-12 15:31 - 2015-05-12 15:31 - 00003334 _____ () C:\Windows\System32\Tasks\AcerCloud
2015-05-12 15:31 - 2015-05-12 15:31 - 00002030 _____ () C:\Users\Public\Desktop\Acer Portal.lnk
2015-05-12 15:27 - 2015-05-12 15:27 - 00001969 _____ () C:\Users\Public\Desktop\abDocs.lnk
2015-05-12 06:20 - 2015-05-12 06:20 - 02204160 _____ () C:\Users\Clegane000\Desktop\adwcleaner_4.203.exe
2015-05-11 09:55 - 2015-05-29 01:04 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-11 09:55 - 2015-05-23 16:27 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-11 09:55 - 2015-05-23 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-11 09:55 - 2015-05-23 16:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-11 09:55 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-11 09:55 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-11 09:55 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-10 08:55 - 2015-05-10 13:11 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1CC57F18.sys
2015-05-10 08:53 - 2015-05-10 08:53 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\5E1E7DDE.sys
2015-05-09 16:42 - 2015-05-09 16:42 - 09928241 _____ () C:\Users\Clegane000\Downloads\AustralianLandscapes IanJohnson.themepack
2015-05-09 12:25 - 2015-05-09 12:25 - 00000000 ____D () C:\Users\Clegane000\AppData\Roaming\WildTangent
2015-05-08 22:19 - 2015-05-08 22:19 - 11691920 _____ () C:\Users\Clegane000\Downloads\IsleofManMarkWallace.themepack
2015-05-08 22:18 - 2015-05-08 22:18 - 07035835 _____ () C:\Users\Clegane000\Downloads\AutumnColorJapan.themepack
2015-05-08 22:14 - 2015-05-08 22:14 - 09660040 _____ (Microsoft Corporation) C:\Users\Clegane000\Downloads\DefaultPack.EXE
2015-05-08 22:12 - 2015-05-08 22:12 - 14194305 _____ () C:\Users\Clegane000\Downloads\Halo4Heroes.themepack
2015-05-06 18:21 - 2015-05-07 08:15 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\155D77D3.sys
2015-05-06 10:02 - 2015-05-06 10:02 - 00000000 ____D () C:\Users\Clegane000\AppData\Local\Microsoft Help
2015-05-06 09:34 - 2015-05-23 14:18 - 00000000 ____D () C:\Users\Clegane000\Desktop\projekt
2015-05-06 08:55 - 2015-05-06 13:29 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3818469D.sys
2015-05-05 16:04 - 2015-05-06 08:54 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0DD240A2.sys
2015-05-04 15:34 - 2015-05-04 15:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\74285B55.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 09:30 - 2015-04-25 15:20 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 09:20 - 2015-04-25 11:07 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-30 09:20 - 2015-04-25 11:07 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 09:20 - 2015-04-25 11:06 - 00000000 ____D () C:\Users\Clegane000\AppData\Local\Adobe
2015-05-30 09:20 - 2015-01-24 08:06 - 02056215 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 09:17 - 2015-04-25 15:20 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 09:17 - 2015-04-24 12:00 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-30 09:17 - 2015-04-24 11:14 - 00000000 ___RD () C:\Users\Clegane000\OneDrive
2015-05-30 09:16 - 2015-04-24 11:04 - 00000000 ____D () C:\Users\Clegane000
2015-05-30 09:16 - 2013-08-22 16:46 - 00024032 _____ () C:\Windows\setupact.log
2015-05-30 09:16 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 23:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-29 12:59 - 2015-04-24 13:45 - 00000000 ____D () C:\Users\Clegane000\Documents\Citavi 5
2015-05-29 12:20 - 2015-04-24 18:22 - 00611840 ___SH () C:\Users\Clegane000\Desktop\Thumbs.db
2015-05-29 01:02 - 2015-04-28 13:22 - 00000000 ____D () C:\AdwCleaner
2015-05-29 01:02 - 2015-01-24 07:16 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-05-29 01:02 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-27 18:44 - 2015-04-24 11:12 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2663304337-598474651-3998101334-1001
2015-05-27 16:58 - 2015-04-24 11:06 - 00000000 ____D () C:\Users\Clegane000\AppData\Local\Packages
2015-05-27 16:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-27 15:24 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-05-27 11:00 - 2015-04-24 12:16 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2663304337-598474651-3998101334-1001
2015-05-27 11:00 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-26 22:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2015-05-26 22:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-05-26 22:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup
2015-05-26 21:56 - 2015-04-24 12:16 - 00005122 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Clegane000-Clegane000 Clegane000
2015-05-26 21:28 - 2015-04-29 14:06 - 565385589 _____ () C:\Windows\MEMORY.DMP
2015-05-26 21:28 - 2015-04-29 14:06 - 00000000 ____D () C:\Windows\Minidump
2015-05-26 21:12 - 2015-04-24 12:11 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{762552F7-D4B4-458E-82B4-4805729CE82D}
2015-05-23 19:06 - 2014-07-25 23:23 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-05-23 14:18 - 2015-04-24 19:18 - 00000000 ____D () C:\Users\Clegane000\Desktop\sdfsdf
2015-05-22 00:10 - 2014-03-18 11:54 - 00014240 _____ () C:\Windows\PFRO.log
2015-05-20 15:41 - 2015-04-27 00:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 15:41 - 2015-04-27 00:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-19 12:42 - 2015-01-24 15:26 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-05-19 12:42 - 2015-01-24 15:26 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-05-19 12:42 - 2014-03-18 12:03 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-19 00:29 - 2015-04-24 12:12 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-16 15:03 - 2015-04-24 13:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-15 22:25 - 2015-04-25 15:20 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 22:25 - 2015-04-25 15:20 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 10:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-13 09:26 - 2014-07-25 23:21 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-05-13 09:25 - 2014-07-25 23:20 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-05-13 09:22 - 2015-04-24 11:08 - 00000000 ____D () C:\Users\Clegane000\AppData\Local\clear.fi
2015-05-12 22:43 - 2013-08-22 16:44 - 00491720 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-12 22:38 - 2015-04-26 23:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-12 22:33 - 2015-04-26 23:41 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 22:22 - 2014-03-18 11:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 18:33 - 2015-04-24 11:08 - 00000000 ____D () C:\Users\Clegane000\AppData\Local\AOP SDK
2015-05-12 15:26 - 2014-07-25 23:57 - 00000000 ___HD () C:\OEM
2015-05-11 20:30 - 2015-04-24 11:39 - 00000000 ____D () C:\Users\Clegane000\AppData\Local\CrashDumps
2015-05-10 14:49 - 2015-04-27 08:39 - 00000000 ____D () C:\Users\Clegane000\AppData\Roaming\Foxit Software
2015-05-09 12:25 - 2014-07-25 23:24 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-09 12:25 - 2014-07-25 23:23 - 00000000 ____D () C:\ProgramData\WildTangent
2015-05-05 19:59 - 2014-07-25 23:19 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-07-25 23:19 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-01-24 07:22 - 2015-01-24 07:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Clegane000\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Clegane000\AppData\Local\Temp\oct4836.tmp.exe
C:\Users\Clegane000\AppData\Local\Temp\Quarantine.exe
C:\Users\Clegane000\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-26 23:16

==================== End of log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Clegane000 at 2015-05-30 09:30:21
Running from C:\Users\Clegane000\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2663304337-598474651-3998101334-500 - Administrator - Disabled)
Clegane000 (S-1-5-21-2663304337-598474651-3998101334-1001 - Administrator - Enabled) => C:\Users\Clegane000
Gast (S-1-5-21-2663304337-598474651-3998101334-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2663304337-598474651-3998101334-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.07.2004 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.08.2003.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.03.2004.4 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.06.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{9D98D3EC-9BB8-47EF-66B6-B652B9846634}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.0.0 - AppEx Networks)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.07.2004.0 - Acer Incorporated)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.0.0.11 - Swiss Academic Software)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2663304337-598474651-3998101334-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2663304337-598474651-3998101334-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Clegane000\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

20-05-2015 15:39:51 Windows Update
26-05-2015 21:50:20 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E2B5A8-BDD3-4775-B449-E92FE2112229} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {1E5985D2-B093-4EBB-B2AF-8127A3B86B07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {2923779E-6EEB-48BE-A74D-8C074541E151} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {2FB302A2-99B5-42CB-87A4-DB5D3235CFC3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {4621F24C-2B09-4415-A9B5-59E80B23B1ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {46DC5939-012C-4E76-966E-0BE101F891AE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Clegane000-Clegane000 Clegane000 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-06] (Microsoft Corporation)
Task: {6533BB98-7CBE-48EF-8A5B-404DDC0C9792} - System32\Tasks\Microsoft Office 15 Sync Maintenance for STEFAN-Clegane000 Stefan => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-06] (Microsoft Corporation)
Task: {6D885BC5-E80C-4361-956A-02803224304B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-18] (Microsoft Corporation)
Task: {6DDA4F3E-1620-452B-A4AA-9D914F756E8E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {77855731-FC91-4DB7-8323-8A0D70D5C003} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {7A7A76FE-6940-469B-A91B-9785709C202C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {81C12ABB-71A8-4575-A0CB-31202485DB0D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-12] (Microsoft Corporation)
Task: {870F0CDA-E8F8-428C-9557-113EB8F9955F} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2663304337-598474651-3998101334-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {93EE8107-3FA1-4E5B-AD85-E195F6DC4F00} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {B7EF284E-855F-4EBF-888C-611BEC79FADA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {BED488EC-2950-4691-BE6C-C50245EB310D} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-05-06] (Acer)
Task: {DD42357F-AFF0-4FF2-B015-6FBBE7418AAA} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {EBE74A0F-79D4-425D-B787-4ACAA0811769} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {F2DBD99B-940D-414D-8DA8-46F508D653CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-30] (Adobe Systems Incorporated)
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {FB2A6455-C8F0-4AAF-91AD-65BB6BA0C659} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-02-18 21:02 - 2014-02-18 21:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2015-04-24 12:12 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-25 23:23 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-07-25 23:27 - 2014-07-01 23:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-05-06 16:14 - 2015-05-06 16:14 - 00092928 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-05-06 16:14 - 2015-05-06 16:14 - 00090368 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2015-05-12 15:27 - 2015-05-12 15:27 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-05-06 10:08 - 2015-05-06 10:08 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-07-01 10:57 - 2014-07-01 10:57 - 00279296 _____ () C:\Program Files (x86)\Acer\AcerCloud Docs\libcurl.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00641792 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-05-08 10:41 - 2015-05-08 10:41 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-05-06 16:15 - 2015-05-06 16:15 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-05-06 08:53 - 2015-05-06 08:53 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Clegane000\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2663304337-598474651-3998101334-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Clegane000\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0A20BDB2-3A22-4C8B-A174-0307ED73048D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6B04AB04-A2A8-4C44-AD62-DFBE5F7C8CCA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2EA69E2E-4249-4721-9591-66DB1CB31741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{05FB242C-6370-4FB6-8BA6-BD7354BF5106}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3F14814A-6654-4502-BAE3-2DB1FEF910BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2589C329-AB2F-46F6-8E8D-9248B56CE344}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D6EF0449-6107-48A0-95A8-EF40668E33BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F464C4BB-0BDC-43B9-BFC5-5E6583599744}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A887D22E-D816-4E22-9ED0-B28FE8F6AE12}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{80386162-F41D-4031-83F2-073C9E49FD26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1624C36E-444C-42D3-832D-31A4D3F3FB78}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{88418EEC-48A6-4AE8-834B-9855D3F88224}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{6C9EC133-3B5D-46A2-81D9-BC1FCD507066}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{8CD2E465-D0EB-446B-98FB-391E6A750802}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C83FED97-85BB-4F4E-B698-A14C90665877}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{5E001BCB-DB78-4FFD-A141-F737B440E175}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{F9928647-2E58-4663-8F20-0E3D51438EEE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{A365E2D3-750A-4165-99D7-9CE0246F2636}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{A4DA4023-4D60-4C5C-AEC3-996B3BE3D328}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{9662B6AE-F35A-4DA8-B798-CA61B8851BE3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{863ED54B-58AA-4CD2-8378-1902B634BA00}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{3CD01AAA-0CD5-4035-8C47-0F588B8F9CFE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{AC3ACB24-3A18-4374-B83E-202BA406E3AA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{28BF3EB5-54DB-4829-9815-87C87B64B330}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7BADFFEB-635E-460C-B5CD-F8C9EAE2ACE9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{05433DEB-F905-44E2-B274-06FE530E84EA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{33640D5F-9CAD-479F-AF26-6046210C8C16}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BDDB1C45-302A-4349-862F-C693A1896E97}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{412C59A2-97C8-41D6-B3C5-4724465B4A8D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F9D49EAD-3F52-451E-8620-4D52F613BA30}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F30DA2DE-6972-44B8-A458-F3B2AD59448B}] => (Allow) C:\Users\Clegane000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{CFDB82F9-BB5E-4A2A-9D1F-327FEFA38569}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A137E54-CAC1-47E8-8667-CB9945115C44}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CC313B71-F57C-4BE6-B1EA-C99F0A51D4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{2CDD38A4-E862-460B-8951-0019673D5331}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{8E0309DD-3E27-46DD-99F2-B673FAE93275}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{B462E797-49A0-4E2B-9AFB-EF1AC0878E38}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{1C95723A-6A37-4D98-8115-6D5B37D8569C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{20FAB7D5-AECC-4979-A326-10CB0963F02B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{539F3868-6C30-4C42-A29B-A46C8B97E546}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{75B4D4F8-46AC-4E22-BC3E-055BA11251AD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{BCB36B85-C31D-45EA-AC07-98686180C858}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A8E25E4D-7264-4169-9EB4-0C7D7A9A9695}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{B3C65F3B-D478-4553-A3D7-D20727F215ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{B094BAEA-0458-4D20-B618-B974EDB0CF4A}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{B0239CE1-74F8-4D30-AD4A-BDDC19F7129C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{AC5C4203-4C02-42AA-A1A2-E0890CEE7F56}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C99545C2-AA3C-4878-85FD-05164A51B94F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F2175F74-909E-437C-A544-39562AA9A658}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EC045A74-FD81-4A00-BC3E-77708EC12B3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B50C2163-4483-450C-B480-ACE28DCA273A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{523C7C78-473E-4FFE-A63E-102DA804A18E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{142832B3-B24A-44DD-8C75-096E4C3C616D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5EF4759D-76CB-435E-9F65-B9CB8487C55F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{73BC2FCC-F0F0-46EF-A516-939554B216D5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1C159E9B-95AA-43B6-B2E5-7EBB8BA39523}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4E858104-5E18-4ADD-B720-FA45968136F5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A875FE1B-4192-4077-98F6-849805E87126}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{03A280E3-C727-4F82-8D5C-655A73D5F760}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{198F55B9-28F0-4075-AADB-7ECBE9065EB5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{22C1F779-ADE3-429F-AED1-5B59EA44C934}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{837321E4-CF12-4E60-ACA6-D3FBD475A95B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{866D61A0-0D4B-4100-A10E-548EF9721DEA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D5A37509-5CF3-4C3E-B11A-6B257B9605E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2015 00:59:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (05/29/2015 00:59:36 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll4

Error: (05/29/2015 00:56:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (05/29/2015 00:56:34 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


System errors:
=============
Error: (05/30/2015 09:16:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/30/2015 09:16:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎05.‎2015 um 23:22:30 unerwartet heruntergefahren.

Error: (05/29/2015 06:57:14 PM) (Source: DCOM) (EventID: 10010) (User: STEFAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/29/2015 06:57:14 PM) (Source: DCOM) (EventID: 10010) (User: STEFAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/29/2015 01:03:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/29/2015 01:02:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/29/2015 01:02:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/29/2015 01:02:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/29/2015 01:02:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/29/2015 01:02:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (05/29/2015 00:59:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (05/29/2015 00:59:36 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (05/29/2015 00:59:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll4

Error: (05/29/2015 00:56:34 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4

Error: (05/29/2015 00:56:34 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4


==================== Memory info =========================== 

Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G 
Percentage of memory in use: 24%
Total physical RAM: 7114.26 MB
Available physical RAM: 5368.52 MB
Total Pagefile: 14282.26 MB
Available Pagefile: 12361.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:914.92 GB) (Free:867.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B7EAE5F3)

Partition: GPT Partition Type.

==================== End of log ============================
         
__________________

Geändert von M-K-D-B (01.06.2015 um 11:55 Uhr)

Alt 30.05.2015, 08:44   #4
Clegane000
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Code:
ATTFilter
09:38:09.0601 0x07b0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
09:38:09.0601 0x07b0  UEFI system
09:38:13.0170 0x07b0  ============================================================
09:38:13.0170 0x07b0  Current date / time: 2015/05/30 09:38:13.0170
09:38:13.0170 0x07b0  SystemInfo:
09:38:13.0170 0x07b0  
09:38:13.0170 0x07b0  OS Version: 6.3.9600 ServicePack: 0.0
09:38:13.0170 0x07b0  Product type: Workstation
09:38:13.0170 0x07b0  ComputerName: STEFAN
09:38:13.0170 0x07b0  UserName: Clegane000
09:38:13.0170 0x07b0  Windows directory: C:\Windows
09:38:13.0170 0x07b0  System windows directory: C:\Windows
09:38:13.0170 0x07b0  Running under WOW64
09:38:13.0170 0x07b0  Processor architecture: Intel x64
09:38:13.0170 0x07b0  Number of processors: 4
09:38:13.0170 0x07b0  Page size: 0x1000
09:38:13.0170 0x07b0  Boot type: Normal boot
09:38:13.0170 0x07b0  ============================================================
09:38:13.0659 0x07b0  KLMD registered as C:\Windows\system32\drivers\42543794.sys
09:38:14.0236 0x07b0  System UUID: {E4351FCE-6833-0832-66F4-E17ADC3E5ADC}
09:38:14.0797 0x07b0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:38:14.0801 0x07b0  ============================================================
09:38:14.0801 0x07b0  \Device\Harddisk0\DR0:
09:38:14.0801 0x07b0  GPT partitions:
09:38:14.0802 0x07b0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DB8E27E4-C8EE-48C1-8087-EFDBBFEF331B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
09:38:14.0802 0x07b0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {50DC1777-8005-43CC-B400-9F25CC1428F4}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
09:38:14.0802 0x07b0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AD79BCC1-DCBA-46F4-B289-0A0D5D8929C8}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
09:38:14.0802 0x07b0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7D2D2C8D-F5A4-478D-A15F-3C88EAFB2E03}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x725D6800
09:38:14.0802 0x07b0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3C870C5D-CE90-4B4A-8F8E-1420A0E83449}, Name: Basic data partition, StartLBA 0x727D9000, BlocksNum 0x1F2D800
09:38:14.0802 0x07b0  MBR partitions:
09:38:14.0802 0x07b0  ============================================================
09:38:14.0820 0x07b0  C: <-> \Device\Harddisk0\DR0\Partition4
09:38:14.0820 0x07b0  ============================================================
09:38:14.0820 0x07b0  Initialize success
09:38:14.0820 0x07b0  ============================================================
09:41:16.0647 0x0790  ============================================================
09:41:16.0647 0x0790  Scan started
09:41:16.0647 0x0790  Mode: Manual; SigCheck; TDLFS; 
09:41:16.0647 0x0790  ============================================================
09:41:16.0647 0x0790  KSN ping started
09:41:19.0011 0x0790  KSN ping finished: true
09:41:19.0964 0x0790  ================ Scan system memory ========================
09:41:19.0964 0x0790  System memory - ok
09:41:19.0964 0x0790  ================ Scan services =============================
09:41:20.0120 0x0790  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
09:41:20.0151 0x0790  1394ohci - ok
09:41:20.0183 0x0790  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
09:41:20.0198 0x0790  3ware - ok
09:41:20.0229 0x0790  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:41:20.0261 0x0790  ACPI - ok
09:41:20.0276 0x0790  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
09:41:20.0292 0x0790  acpiex - ok
09:41:20.0292 0x0790  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
09:41:20.0308 0x0790  acpipagr - ok
09:41:20.0308 0x0790  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
09:41:20.0328 0x0790  AcpiPmi - ok
09:41:20.0328 0x0790  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
09:41:20.0343 0x0790  acpitime - ok
09:41:20.0453 0x0790  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:41:20.0547 0x0790  AdobeFlashPlayerUpdateSvc - ok
09:41:20.0625 0x0790  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
09:41:20.0656 0x0790  ADP80XX - ok
09:41:20.0689 0x0790  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:41:20.0703 0x0790  AeLookupSvc - ok
09:41:20.0750 0x0790  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
09:41:20.0766 0x0790  AFD - ok
09:41:20.0797 0x0790  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:41:20.0813 0x0790  agp440 - ok
09:41:20.0828 0x0790  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
09:41:20.0847 0x0790  ahcache - ok
09:41:20.0863 0x0790  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
09:41:20.0878 0x0790  ALG - ok
09:41:20.0925 0x0790  [ 9BE2E20451DD60B4DCFA90093682E4F4, 3EC6821C92EF6A3894F3B4931624C5204DC1D4C3B28E608CB0654363CA6D9198 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:41:20.0956 0x0790  AMD External Events Utility - ok
09:41:20.0984 0x0790  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
09:41:21.0000 0x0790  AmdK8 - ok
09:41:21.0422 0x0790  [ 1A0E94052F86A3DACE27FBFDE8FFD4B6, 5874DB52F42C70B068EC5259C6866E4283F6F27B10381376499758044A7787F0 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
09:41:21.0735 0x0790  amdkmdag - ok
09:41:21.0797 0x0790  [ A4AD3E93AFDD03554F0D5FE104C52844, F48CAC14D8863C8F6916614A9ED41DEF06EF6FB848CCD6418DAD6802201CAD65 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
09:41:21.0828 0x0790  amdkmdap - ok
09:41:21.0844 0x0790  [ C04F35935BF6274F5593B78C7B295760, 29BC36696B3D5C75DEF9C9D96D3C06E5C6D964A00B4D5CD354CB08002E085191 ] amdkmpfd        C:\Windows\system32\drivers\amdkmpfd.sys
09:41:21.0875 0x0790  amdkmpfd - ok
09:41:21.0906 0x0790  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
09:41:21.0922 0x0790  AmdPPM - ok
09:41:21.0938 0x0790  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:41:21.0953 0x0790  amdsata - ok
09:41:21.0985 0x0790  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:41:22.0000 0x0790  amdsbs - ok
09:41:22.0016 0x0790  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:41:22.0032 0x0790  amdxata - ok
09:41:22.0047 0x0790  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
09:41:22.0063 0x0790  AppID - ok
09:41:22.0094 0x0790  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:41:22.0110 0x0790  AppIDSvc - ok
09:41:22.0141 0x0790  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
09:41:22.0173 0x0790  Appinfo - ok
09:41:22.0207 0x0790  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
09:41:22.0239 0x0790  AppReadiness - ok
09:41:22.0317 0x0790  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
09:41:22.0364 0x0790  AppXSvc - ok
09:41:22.0395 0x0790  [ A3C7FC7D3FD8B9FA5FD4B8AF903363D3, 2CCB9380839C4E4AD305F61F13CD5A6B2699C85C8338446AE1F88A0B9048FA04 ] APXACC          C:\Windows\system32\DRIVERS\appexDrv.sys
09:41:22.0411 0x0790  APXACC - ok
09:41:22.0442 0x0790  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:41:22.0457 0x0790  arcsas - ok
09:41:22.0457 0x0790  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:41:22.0473 0x0790  atapi - ok
09:41:22.0504 0x0790  [ 517334A411CD079EE9AEF4C2167875A5, 7C6A450BADCA211D553102ABDC06E1F367FBFC359711AF1DC88027B34502B484 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys
09:41:22.0520 0x0790  AtiHDAudioService - ok
09:41:22.0567 0x0790  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
09:41:22.0598 0x0790  AudioEndpointBuilder - ok
09:41:22.0645 0x0790  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
09:41:22.0676 0x0790  Audiosrv - ok
09:41:22.0754 0x0790  [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
09:41:22.0770 0x0790  AVP15.0.0 - ok
09:41:22.0801 0x0790  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:41:22.0817 0x0790  AxInstSV - ok
09:41:22.0848 0x0790  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:41:22.0879 0x0790  b06bdrv - ok
09:41:22.0879 0x0790  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
09:41:22.0895 0x0790  BasicDisplay - ok
09:41:22.0910 0x0790  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
09:41:22.0926 0x0790  BasicRender - ok
09:41:22.0957 0x0790  [ F8FE7E12F8151E0A17C23CF840599F9A, 5D1AA3A5DAC08B521A7BE775F32434AFF1F5F19B69CD16D2D94B0D399E61C371 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
09:41:22.0973 0x0790  bcbtums - ok
09:41:23.0207 0x0790  [ 82F593A1643252A97A00F70B34EBC0E3, 303EAF37F0877DDF8AA9A364FE6EAC38C8C19D3AF9E2723D24B1728F4F892F1C ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl63a.sys
09:41:23.0395 0x0790  BCM43XX - ok
09:41:23.0473 0x0790  [ 43907773F7563AF4DF0999D47522E802, 2563666842008E202B6A64435F06169A259D6DC56D16AF7359114C20A4FA4400 ] BcmBtRSupport   C:\Windows\system32\BtwRSupportService.exe
09:41:23.0551 0x0790  BcmBtRSupport - ok
09:41:23.0582 0x0790  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
09:41:23.0582 0x0790  bcmfn2 - ok
09:41:23.0629 0x0790  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
09:41:23.0660 0x0790  BDESVC - ok
09:41:23.0692 0x0790  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
09:41:23.0723 0x0790  Beep - ok
09:41:23.0785 0x0790  [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE             C:\Windows\System32\bfe.dll
09:41:23.0817 0x0790  BFE - ok
09:41:23.0864 0x0790  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
09:41:23.0910 0x0790  BITS - ok
09:41:23.0926 0x0790  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:41:23.0942 0x0790  bowser - ok
09:41:23.0989 0x0790  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
09:41:24.0020 0x0790  BrokerInfrastructure - ok
09:41:24.0051 0x0790  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
09:41:24.0067 0x0790  Browser - ok
09:41:24.0082 0x0790  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
09:41:24.0098 0x0790  BthAvrcpTg - ok
09:41:24.0129 0x0790  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
09:41:24.0145 0x0790  BthEnum - ok
09:41:24.0176 0x0790  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
09:41:24.0207 0x0790  BthHFEnum - ok
09:41:24.0207 0x0790  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
09:41:24.0223 0x0790  bthhfhid - ok
09:41:24.0254 0x0790  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
09:41:24.0301 0x0790  BthHFSrv - ok
09:41:24.0348 0x0790  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
09:41:24.0364 0x0790  BthLEEnum - ok
09:41:24.0364 0x0790  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
09:41:24.0379 0x0790  BTHMODEM - ok
09:41:24.0411 0x0790  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
09:41:24.0426 0x0790  BthPan - ok
09:41:24.0489 0x0790  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
09:41:24.0536 0x0790  BTHPORT - ok
09:41:24.0567 0x0790  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
09:41:24.0598 0x0790  bthserv - ok
09:41:24.0614 0x0790  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
09:41:24.0629 0x0790  BTHUSB - ok
09:41:24.0645 0x0790  [ 8A44414F20A086D6C4F4CF6CA51E02F9, D360454AD7F20AFFD79BBD618CD8BE162DE59EBA9BC8D01D5C2480C9F3845EEB ] btwampfl        C:\Windows\system32\DRIVERS\btwampfl.sys
09:41:24.0660 0x0790  btwampfl - ok
09:41:24.0692 0x0790  [ 7A48FCA670473002812486DBEE3B19AF, 7726081E599AC54B6DBF201D924BDB2B3142072523259CC240963B9E42B36367 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
09:41:24.0707 0x0790  btwaudio - ok
09:41:24.0723 0x0790  [ C192ECC53D1B52FDD8533BF95EC63F30, A2C9C093893A6E6B887A1B29A3EA55CF0F68576D81BB402B5FB2DD5B9AB88163 ] btwavdt         C:\Windows\System32\drivers\btwavdt.sys
09:41:24.0739 0x0790  btwavdt - ok
09:41:24.0832 0x0790  [ 9E1A7582DD37E41D304E5918E1835E5D, 78184166F1819C9558788753C6668E14C4005A2C8A1003FDC01F4FBC3F883D1E ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:41:24.0879 0x0790  btwdins - ok
09:41:24.0895 0x0790  [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
09:41:24.0895 0x0790  btwl2cap - ok
09:41:24.0910 0x0790  [ 559A66EC1CF2A2324F7A31E90DB94745, FF317F4E698051F26DE366E29CE169CD8972C2630FC4BB11FDE9294CB7A3CD06 ] btwrchid        C:\Windows\System32\drivers\btwrchid.sys
09:41:24.0926 0x0790  btwrchid - ok
09:41:25.0082 0x0790  [ 33D76C80BA71E8BA67DED7B5A9187895, D07C355C1285FD74671C58FD4A7CBF2FE7C4DD5564DEF6BEE84B758981EB664A ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
09:41:25.0145 0x0790  CCDMonitorService - ok
09:41:25.0160 0x0790  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:41:25.0192 0x0790  cdfs - ok
09:41:25.0207 0x0790  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
09:41:25.0223 0x0790  cdrom - ok
09:41:25.0255 0x0790  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:41:25.0270 0x0790  CertPropSvc - ok
09:41:25.0285 0x0790  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
09:41:25.0301 0x0790  circlass - ok
09:41:25.0333 0x0790  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
09:41:25.0348 0x0790  CLFS - ok
09:41:25.0504 0x0790  [ 42C5B8010D47EF3F4BAE6D1B427E80F4, 721C24522C43D50081EA01FD521D68EB365B91561CCF2E7AD1F091FBD61E67FB ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
09:41:25.0582 0x0790  ClickToRunSvc - ok
09:41:25.0615 0x0790  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
09:41:25.0629 0x0790  CmBatt - ok
09:41:25.0676 0x0790  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\Windows\system32\Drivers\cng.sys
09:41:25.0723 0x0790  CNG - ok
09:41:25.0786 0x0790  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
09:41:25.0801 0x0790  CompositeBus - ok
09:41:25.0817 0x0790  COMSysApp - ok
09:41:25.0817 0x0790  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
09:41:25.0832 0x0790  condrv - ok
09:41:25.0864 0x0790  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:41:25.0879 0x0790  CryptSvc - ok
09:41:25.0911 0x0790  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\Windows\system32\drivers\dam.sys
09:41:25.0926 0x0790  dam - ok
09:41:25.0989 0x0790  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:41:26.0020 0x0790  DcomLaunch - ok
09:41:26.0051 0x0790  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
09:41:26.0082 0x0790  defragsvc - ok
09:41:26.0114 0x0790  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
09:41:26.0129 0x0790  DeviceAssociationService - ok
09:41:26.0161 0x0790  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
09:41:26.0192 0x0790  DeviceInstall - ok
09:41:26.0223 0x0790  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
09:41:26.0239 0x0790  Dfsc - ok
09:41:26.0270 0x0790  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:41:26.0285 0x0790  Dhcp - ok
09:41:26.0364 0x0790  [ 9703EC57F5BBB94F89CA80A5D0C12221, 29639F73AA86AA42401A1DB0AF4E76012E617879EC03AD7591210164BA105EBF ] DiagTrack       C:\Windows\system32\diagtrack.dll
09:41:26.0426 0x0790  DiagTrack - ok
09:41:26.0426 0x0790  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
09:41:26.0442 0x0790  disk - ok
09:41:26.0457 0x0790  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
09:41:26.0473 0x0790  dmvsc - ok
09:41:26.0504 0x0790  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:41:26.0551 0x0790  Dnscache - ok
09:41:26.0582 0x0790  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:41:26.0598 0x0790  dot3svc - ok
09:41:26.0629 0x0790  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
09:41:26.0645 0x0790  DPS - ok
09:41:26.0676 0x0790  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:41:26.0676 0x0790  drmkaud - ok
09:41:26.0707 0x0790  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
09:41:26.0739 0x0790  DsmSvc - ok
09:41:26.0801 0x0790  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:41:26.0848 0x0790  DXGKrnl - ok
09:41:26.0880 0x0790  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
09:41:26.0895 0x0790  Eaphost - ok
09:41:27.0011 0x0790  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:41:27.0105 0x0790  ebdrv - ok
09:41:27.0152 0x0790  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
09:41:27.0152 0x0790  EFS - ok
09:41:27.0183 0x0790  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
09:41:27.0199 0x0790  EhStorClass - ok
09:41:27.0230 0x0790  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
09:41:27.0230 0x0790  EhStorTcgDrv - ok
09:41:27.0387 0x0790  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
09:41:27.0449 0x0790  ePowerSvc - ok
09:41:27.0465 0x0790  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
09:41:27.0480 0x0790  ErrDev - ok
09:41:27.0527 0x0790  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
09:41:27.0559 0x0790  EventSystem - ok
09:41:27.0559 0x0790  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:41:27.0590 0x0790  exfat - ok
09:41:27.0637 0x0790  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:41:27.0652 0x0790  fastfat - ok
09:41:27.0699 0x0790  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
09:41:27.0730 0x0790  Fax - ok
09:41:27.0746 0x0790  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
09:41:27.0746 0x0790  fdc - ok
09:41:27.0777 0x0790  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:41:27.0793 0x0790  fdPHost - ok
09:41:27.0824 0x0790  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:41:27.0840 0x0790  FDResPub - ok
09:41:27.0887 0x0790  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
09:41:27.0918 0x0790  fhsvc - ok
09:41:27.0934 0x0790  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:41:27.0949 0x0790  FileInfo - ok
09:41:27.0969 0x0790  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:41:27.0985 0x0790  Filetrace - ok
09:41:28.0000 0x0790  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
09:41:28.0016 0x0790  flpydisk - ok
09:41:28.0047 0x0790  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:41:28.0063 0x0790  FltMgr - ok
09:41:28.0141 0x0790  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\Windows\system32\FntCache.dll
09:41:28.0188 0x0790  FontCache - ok
09:41:28.0282 0x0790  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:41:28.0297 0x0790  FontCache3.0.0.0 - ok
09:41:28.0344 0x0790  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:41:28.0360 0x0790  FsDepends - ok
09:41:28.0391 0x0790  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:41:28.0391 0x0790  Fs_Rec - ok
09:41:28.0422 0x0790  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:41:28.0438 0x0790  fvevol - ok
09:41:28.0469 0x0790  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
09:41:28.0485 0x0790  FxPPM - ok
09:41:28.0485 0x0790  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:41:28.0500 0x0790  gagp30kx - ok
09:41:28.0547 0x0790  [ 9ACFC1E97F789D3C2E6E44431C9FB47B, BE5787A7B9F96BE384FF9EE4962766E7A83C60E74613557FE5274E3900889B6B ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
09:41:28.0563 0x0790  GamesAppIntegrationService - ok
09:41:28.0594 0x0790  [ C23410A44ADDF0E1A9B4BA42A5DD5EA7, 384382D16D09A17E29D8348E1CF8DD7E377607DB3472AB8888EF8E83671B772C ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
09:41:28.0610 0x0790  GamesAppService - ok
09:41:28.0641 0x0790  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
09:41:28.0641 0x0790  gencounter - ok
09:41:28.0672 0x0790  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
09:41:28.0688 0x0790  GPIOClx0101 - ok
09:41:28.0766 0x0790  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:41:28.0813 0x0790  gpsvc - ok
09:41:28.0860 0x0790  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:41:28.0875 0x0790  gupdate - ok
09:41:28.0891 0x0790  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:41:28.0891 0x0790  gupdatem - ok
09:41:28.0938 0x0790  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:41:28.0953 0x0790  HdAudAddService - ok
09:41:28.0985 0x0790  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
09:41:29.0000 0x0790  HDAudBus - ok
09:41:29.0016 0x0790  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
09:41:29.0016 0x0790  HidBatt - ok
09:41:29.0046 0x0790  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
09:41:29.0062 0x0790  HidBth - ok
09:41:29.0077 0x0790  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
09:41:29.0093 0x0790  hidi2c - ok
09:41:29.0093 0x0790  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
09:41:29.0109 0x0790  HidIr - ok
09:41:29.0140 0x0790  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
09:41:29.0156 0x0790  hidserv - ok
09:41:29.0171 0x0790  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
09:41:29.0187 0x0790  HidUsb - ok
09:41:29.0218 0x0790  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:41:29.0234 0x0790  hkmsvc - ok
09:41:29.0280 0x0790  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:41:29.0312 0x0790  HomeGroupListener - ok
09:41:29.0359 0x0790  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:41:29.0406 0x0790  HomeGroupProvider - ok
09:41:29.0421 0x0790  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:41:29.0437 0x0790  HpSAMD - ok
09:41:29.0515 0x0790  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:41:29.0562 0x0790  HTTP - ok
09:41:29.0577 0x0790  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:41:29.0593 0x0790  hwpolicy - ok
09:41:29.0593 0x0790  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
09:41:29.0609 0x0790  hyperkbd - ok
09:41:29.0624 0x0790  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
09:41:29.0624 0x0790  HyperVideo - ok
09:41:29.0655 0x0790  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
09:41:29.0671 0x0790  i8042prt - ok
09:41:29.0687 0x0790  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
09:41:29.0687 0x0790  iaLPSSi_GPIO - ok
09:41:29.0702 0x0790  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
09:41:29.0718 0x0790  iaLPSSi_I2C - ok
09:41:29.0734 0x0790  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
09:41:29.0765 0x0790  iaStorAV - ok
09:41:29.0780 0x0790  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:41:29.0796 0x0790  iaStorV - ok
09:41:29.0812 0x0790  IEEtwCollectorService - ok
09:41:29.0859 0x0790  [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:41:29.0905 0x0790  IKEEXT - ok
09:41:30.0046 0x0790  [ 867D7EBF7A01FB0ABC72CBC18CCA8A2F, 697C899C95BD7C35294B42685156C553B5C80B3648FFE4ED666BD476B478D998 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:41:30.0155 0x0790  IntcAzAudAddService - ok
09:41:30.0155 0x0790  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:41:30.0171 0x0790  intelide - ok
09:41:30.0202 0x0790  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
09:41:30.0218 0x0790  intelpep - ok
09:41:30.0234 0x0790  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
09:41:30.0249 0x0790  intelppm - ok
09:41:30.0265 0x0790  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:41:30.0281 0x0790  IpFilterDriver - ok
09:41:30.0374 0x0790  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:41:30.0406 0x0790  iphlpsvc - ok
09:41:30.0437 0x0790  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
09:41:30.0452 0x0790  IPMIDRV - ok
09:41:30.0515 0x0790  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:41:30.0562 0x0790  IPNAT - ok
09:41:30.0577 0x0790  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:41:30.0593 0x0790  IRENUM - ok
09:41:30.0593 0x0790  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:41:30.0609 0x0790  isapnp - ok
09:41:30.0640 0x0790  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
09:41:30.0656 0x0790  iScsiPrt - ok
09:41:30.0687 0x0790  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
09:41:30.0702 0x0790  kbdclass - ok
09:41:30.0734 0x0790  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
09:41:30.0734 0x0790  kbdhid - ok
09:41:30.0749 0x0790  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
09:41:30.0765 0x0790  kdnic - ok
09:41:30.0795 0x0790  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
09:41:30.0795 0x0790  KeyIso - ok
09:41:30.0842 0x0790  [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
09:41:30.0857 0x0790  kl1 - ok
09:41:30.0873 0x0790  [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam          C:\Windows\system32\DRIVERS\klelam.sys
09:41:30.0888 0x0790  klelam - ok
09:41:30.0920 0x0790  [ C10F8065188403857CD3AE1397185877, 347BDA6371D25B6BE5FE1CB7FB7FBE2F469D74FCDBBD9BB25DD928D90D7BD235 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
09:41:30.0951 0x0790  klflt - ok
09:41:30.0951 0x0790  [ AB9F0954450B132CCC1CAD40AC3190B5, 2C8F31B4C93F2F7CB78B1FE47A38FC924BF7D4B68E861035921AD79FC27A9BEF ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
09:41:30.0967 0x0790  klhk - ok
09:41:30.0998 0x0790  [ 0620A7BE4C98C4B1DDFE2BCBE6B29D1D, 72C0516A09CB852BE63DA6C4F1A4EE2544D0FCCFA5D86FE2600101038B7802CE ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
09:41:31.0029 0x0790  KLIF - ok
09:41:31.0045 0x0790  [ 753BFA638ACE05983D4C64988CC13926, FE0D2604AE845D9AC35C793E1E0523BFF7FCA396183D7FED005E4CDF29381252 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
09:41:31.0060 0x0790  KLIM6 - ok
09:41:31.0060 0x0790  [ 37ADA02E498051A4D533F21096789597, 569D0D29C509695C5136D5039AACAF3CAD70FA92AB3F7FE92B6F58C0C691F3F6 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
09:41:31.0076 0x0790  klkbdflt - ok
09:41:31.0076 0x0790  [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
09:41:31.0092 0x0790  klmouflt - ok
09:41:31.0107 0x0790  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
09:41:31.0107 0x0790  klpd - ok
09:41:31.0139 0x0790  [ B14A25C9035DCE1108743CFE3340CB8E, 001E7FC5EB197D5863A00F0750E39FA94B2812BC975C721DFEA95F2A5396FB39 ] klwfp           C:\Windows\system32\DRIVERS\klwfp.sys
09:41:31.0139 0x0790  klwfp - ok
09:41:31.0170 0x0790  [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
09:41:31.0185 0x0790  kneps - ok
09:41:31.0201 0x0790  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:41:31.0217 0x0790  KSecDD - ok
09:41:31.0264 0x0790  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:41:31.0279 0x0790  KSecPkg - ok
09:41:31.0310 0x0790  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:41:31.0310 0x0790  ksthunk - ok
09:41:31.0342 0x0790  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:41:31.0357 0x0790  KtmRm - ok
09:41:31.0404 0x0790  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:41:31.0420 0x0790  LanmanServer - ok
09:41:31.0467 0x0790  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:41:31.0513 0x0790  LanmanWorkstation - ok
09:41:31.0576 0x0790  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
09:41:31.0607 0x0790  lfsvc - ok
09:41:31.0623 0x0790  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:41:31.0639 0x0790  lltdio - ok
09:41:31.0670 0x0790  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:41:31.0685 0x0790  lltdsvc - ok
09:41:31.0717 0x0790  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\Windows\System32\drivers\LMDriver.sys
09:41:31.0717 0x0790  LMDriver - ok
09:41:31.0732 0x0790  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:41:31.0748 0x0790  lmhosts - ok
09:41:31.0795 0x0790  [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
09:41:31.0810 0x0790  LMSvc - ok
09:41:31.0826 0x0790  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:41:31.0842 0x0790  LSI_SAS - ok
09:41:31.0857 0x0790  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:41:31.0873 0x0790  LSI_SAS2 - ok
09:41:31.0888 0x0790  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
09:41:31.0888 0x0790  LSI_SAS3 - ok
09:41:31.0904 0x0790  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
09:41:31.0920 0x0790  LSI_SSS - ok
09:41:31.0967 0x0790  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
09:41:31.0998 0x0790  LSM - ok
09:41:32.0013 0x0790  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:41:32.0029 0x0790  luafv - ok
09:41:32.0060 0x0790  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:41:32.0076 0x0790  MBAMProtector - ok
09:41:32.0154 0x0790  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:41:32.0185 0x0790  MBAMService - ok
09:41:32.0263 0x0790  [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:41:32.0279 0x0790  MBAMSwissArmy - ok
09:41:32.0310 0x0790  [ 28B597A61C9AC9B59BC0573D70A62CBF, 032C095ECDAEEE800BD9C7AB08C089E7530A9DD09AE577D1612035F2BFFAA61C ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:41:32.0326 0x0790  MBAMWebAccessControl - ok
09:41:32.0326 0x0790  McAfee SiteAdvisor Service - ok
09:41:32.0357 0x0790  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
09:41:32.0373 0x0790  megasas - ok
09:41:32.0404 0x0790  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
09:41:32.0435 0x0790  megasr - ok
09:41:32.0467 0x0790  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
09:41:32.0482 0x0790  MMCSS - ok
09:41:32.0499 0x0790  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
09:41:32.0514 0x0790  Modem - ok
09:41:32.0529 0x0790  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
09:41:32.0545 0x0790  monitor - ok
09:41:32.0576 0x0790  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
09:41:32.0592 0x0790  mouclass - ok
09:41:32.0609 0x0790  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
09:41:32.0625 0x0790  mouhid - ok
09:41:32.0656 0x0790  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:41:32.0672 0x0790  mountmgr - ok
09:41:32.0719 0x0790  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:41:32.0734 0x0790  MozillaMaintenance - ok
09:41:32.0766 0x0790  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:41:32.0781 0x0790  mpsdrv - ok
09:41:32.0828 0x0790  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:41:32.0859 0x0790  MpsSvc - ok
09:41:32.0891 0x0790  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:41:32.0906 0x0790  MRxDAV - ok
09:41:32.0940 0x0790  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:41:32.0972 0x0790  mrxsmb - ok
09:41:32.0987 0x0790  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:41:33.0019 0x0790  mrxsmb10 - ok
09:41:33.0050 0x0790  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:41:33.0065 0x0790  mrxsmb20 - ok
09:41:33.0097 0x0790  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
09:41:33.0112 0x0790  MsBridge - ok
09:41:33.0144 0x0790  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
09:41:33.0159 0x0790  MSDTC - ok
09:41:33.0184 0x0790  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:41:33.0198 0x0790  Msfs - ok
09:41:33.0214 0x0790  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
09:41:33.0229 0x0790  msgpiowin32 - ok
09:41:33.0245 0x0790  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:41:33.0260 0x0790  mshidkmdf - ok
09:41:33.0276 0x0790  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
09:41:33.0276 0x0790  mshidumdf - ok
09:41:33.0323 0x0790  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:41:33.0323 0x0790  msisadrv - ok
09:41:33.0354 0x0790  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:41:33.0370 0x0790  MSiSCSI - ok
09:41:33.0385 0x0790  msiserver - ok
09:41:33.0401 0x0790  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:41:33.0401 0x0790  MSKSSRV - ok
09:41:33.0432 0x0790  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
09:41:33.0448 0x0790  MsLldp - ok
09:41:33.0463 0x0790  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:41:33.0479 0x0790  MSPCLOCK - ok
09:41:33.0479 0x0790  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:41:33.0495 0x0790  MSPQM - ok
09:41:33.0526 0x0790  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:41:33.0542 0x0790  MsRPC - ok
09:41:33.0557 0x0790  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
09:41:33.0573 0x0790  mssmbios - ok
09:41:33.0573 0x0790  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:41:33.0588 0x0790  MSTEE - ok
09:41:33.0604 0x0790  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
09:41:33.0620 0x0790  MTConfig - ok
09:41:33.0620 0x0790  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
09:41:33.0635 0x0790  Mup - ok
09:41:33.0651 0x0790  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
09:41:33.0667 0x0790  mvumis - ok
09:41:33.0698 0x0790  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
09:41:33.0729 0x0790  napagent - ok
09:41:33.0760 0x0790  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:41:33.0776 0x0790  NativeWifiP - ok
09:41:33.0807 0x0790  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
09:41:33.0823 0x0790  NcaSvc - ok
09:41:33.0854 0x0790  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
09:41:33.0870 0x0790  NcbService - ok
09:41:33.0901 0x0790  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
09:41:33.0917 0x0790  NcdAutoSetup - ok
09:41:33.0979 0x0790  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:41:34.0026 0x0790  NDIS - ok
09:41:34.0057 0x0790  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:41:34.0073 0x0790  NdisCap - ok
09:41:34.0104 0x0790  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
09:41:34.0135 0x0790  NdisImPlatform - ok
09:41:34.0167 0x0790  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:41:34.0182 0x0790  NdisTapi - ok
09:41:34.0214 0x0790  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:41:34.0229 0x0790  Ndisuio - ok
09:41:34.0229 0x0790  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
09:41:34.0245 0x0790  NdisVirtualBus - ok
09:41:34.0260 0x0790  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:41:34.0292 0x0790  NdisWan - ok
09:41:34.0307 0x0790  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
09:41:34.0323 0x0790  NdisWanLegacy - ok
09:41:34.0351 0x0790  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:41:34.0351 0x0790  NDProxy - ok
09:41:34.0398 0x0790  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
09:41:34.0413 0x0790  Ndu - ok
09:41:34.0429 0x0790  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:41:34.0445 0x0790  NetBIOS - ok
09:41:34.0476 0x0790  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:41:34.0523 0x0790  NetBT - ok
09:41:34.0523 0x0790  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
09:41:34.0538 0x0790  Netlogon - ok
09:41:34.0585 0x0790  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
09:41:34.0617 0x0790  Netman - ok
09:41:34.0663 0x0790  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
09:41:34.0695 0x0790  netprofm - ok
09:41:34.0742 0x0790  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:41:34.0804 0x0790  NetTcpPortSharing - ok
09:41:34.0820 0x0790  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
09:41:34.0835 0x0790  netvsc - ok
09:41:34.0882 0x0790  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:41:34.0913 0x0790  NlaSvc - ok
09:41:34.0929 0x0790  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:41:34.0945 0x0790  Npfs - ok
09:41:34.0976 0x0790  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
09:41:34.0991 0x0790  npsvctrig - ok
09:41:35.0007 0x0790  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
09:41:35.0023 0x0790  nsi - ok
09:41:35.0054 0x0790  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:41:35.0054 0x0790  nsiproxy - ok
09:41:35.0148 0x0790  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:41:35.0226 0x0790  Ntfs - ok
09:41:35.0258 0x0790  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
09:41:35.0273 0x0790  Null - ok
09:41:35.0288 0x0790  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:41:35.0304 0x0790  nvraid - ok
09:41:35.0320 0x0790  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:41:35.0335 0x0790  nvstor - ok
09:41:35.0351 0x0790  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:41:35.0351 0x0790  nv_agp - ok
09:41:35.0398 0x0790  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:41:35.0413 0x0790  ose - ok
09:41:35.0460 0x0790  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:41:35.0491 0x0790  p2pimsvc - ok
09:41:35.0538 0x0790  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
09:41:35.0570 0x0790  p2psvc - ok
09:41:35.0585 0x0790  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
09:41:35.0601 0x0790  Parport - ok
09:41:35.0616 0x0790  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:41:35.0632 0x0790  partmgr - ok
09:41:35.0679 0x0790  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:41:35.0695 0x0790  PcaSvc - ok
09:41:35.0742 0x0790  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
09:41:35.0757 0x0790  pci - ok
09:41:35.0773 0x0790  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:41:35.0773 0x0790  pciide - ok
09:41:35.0804 0x0790  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:41:35.0820 0x0790  pcmcia - ok
09:41:35.0835 0x0790  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:41:35.0835 0x0790  pcw - ok
09:41:35.0851 0x0790  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\Windows\system32\drivers\pdc.sys
09:41:35.0867 0x0790  pdc - ok
09:41:35.0898 0x0790  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:41:35.0929 0x0790  PEAUTH - ok
09:41:36.0101 0x0790  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:41:36.0116 0x0790  PerfHost - ok
09:41:36.0226 0x0790  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
09:41:36.0273 0x0790  pla - ok
09:41:36.0305 0x0790  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:41:36.0335 0x0790  PlugPlay - ok
09:41:36.0367 0x0790  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:41:36.0382 0x0790  PNRPAutoReg - ok
09:41:36.0398 0x0790  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:41:36.0429 0x0790  PNRPsvc - ok
09:41:36.0460 0x0790  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:41:36.0492 0x0790  PolicyAgent - ok
09:41:36.0523 0x0790  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
09:41:36.0538 0x0790  Power - ok
09:41:36.0960 0x0790  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
09:41:37.0038 0x0790  PrintNotify - ok
09:41:37.0132 0x0790  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
09:41:37.0163 0x0790  Processor - ok
09:41:37.0257 0x0790  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:41:37.0288 0x0790  ProfSvc - ok
09:41:37.0375 0x0790  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:41:37.0406 0x0790  Psched - ok
09:41:37.0812 0x0790  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
09:41:37.0843 0x0790  QASvc - ok
09:41:37.0953 0x0790  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
09:41:37.0984 0x0790  QWAVE - ok
09:41:38.0047 0x0790  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:41:38.0078 0x0790  QWAVEdrv - ok
09:41:38.0125 0x0790  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\Windows\System32\drivers\RadioShim.sys
09:41:38.0140 0x0790  RadioShim - ok
09:41:38.0203 0x0790  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:41:38.0234 0x0790  RasAcd - ok
09:41:38.0312 0x0790  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
09:41:38.0328 0x0790  RasAuto - ok
09:41:38.0437 0x0790  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
09:41:38.0468 0x0790  RasMan - ok
09:41:38.0531 0x0790  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:41:38.0546 0x0790  RasPppoe - ok
09:41:38.0718 0x0790  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:41:38.0750 0x0790  rdbss - ok
09:41:38.0812 0x0790  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
09:41:38.0843 0x0790  rdpbus - ok
09:41:38.0937 0x0790  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:41:38.0968 0x0790  RDPDR - ok
09:41:39.0000 0x0790  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:41:39.0000 0x0790  RdpVideoMiniport - ok
09:41:39.0031 0x0790  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:41:39.0047 0x0790  rdyboost - ok
09:41:39.0296 0x0790  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
09:41:39.0328 0x0790  ReFS - ok
09:41:39.0437 0x0790  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:41:39.0453 0x0790  RemoteAccess - ok
09:41:39.0562 0x0790  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:41:39.0593 0x0790  RemoteRegistry - ok
09:41:39.0656 0x0790  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
09:41:39.0671 0x0790  RFCOMM - ok
09:41:39.0796 0x0790  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
09:41:39.0828 0x0790  RichVideo - ok
09:41:40.0000 0x0790  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
09:41:40.0031 0x0790  RMSvc - ok
09:41:40.0047 0x0790  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:41:40.0078 0x0790  RpcEptMapper - ok
09:41:40.0101 0x0790  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
09:41:40.0115 0x0790  RpcLocator - ok
09:41:40.0381 0x0790  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
09:41:40.0412 0x0790  RpcSs - ok
09:41:40.0459 0x0790  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:41:40.0490 0x0790  rspndr - ok
09:41:40.0740 0x0790  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
09:41:40.0756 0x0790  RTL8168 - ok
09:41:40.0944 0x0790  [ 1C4B1188E9329CA82EE89CDBC70C8BEF, A086896C3058377CEE1A5BC1BFF11B02A33CCBD3C7CD42B7B17E05CE155E5D4D ] RTSPER          C:\Windows\system32\DRIVERS\RtsPer.sys
09:41:40.0975 0x0790  RTSPER - ok
09:41:41.0022 0x0790  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
09:41:41.0037 0x0790  s3cap - ok
09:41:41.0084 0x0790  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
09:41:41.0100 0x0790  SamSs - ok
09:41:41.0209 0x0790  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:41:41.0225 0x0790  sbp2port - ok
09:41:41.0272 0x0790  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:41:41.0303 0x0790  SCardSvr - ok
09:41:41.0365 0x0790  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
09:41:41.0397 0x0790  ScDeviceEnum - ok
09:41:41.0522 0x0790  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:41:41.0553 0x0790  scfilter - ok
09:41:41.0914 0x0790  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
09:41:41.0961 0x0790  Schedule - ok
09:41:42.0039 0x0790  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:41:42.0070 0x0790  SCPolicySvc - ok
09:41:42.0211 0x0790  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
09:41:42.0242 0x0790  sdbus - ok
09:41:42.0351 0x0790  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
09:41:42.0351 0x0790  sdstor - ok
09:41:42.0382 0x0790  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:41:42.0429 0x0790  secdrv - ok
09:41:42.0479 0x0790  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
09:41:42.0479 0x0790  seclogon - ok
09:41:42.0542 0x0790  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
09:41:42.0573 0x0790  SENS - ok
09:41:42.0620 0x0790  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:41:42.0636 0x0790  SensrSvc - ok
09:41:42.0714 0x0790  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
09:41:42.0745 0x0790  SerCx - ok
09:41:42.0823 0x0790  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
09:41:42.0839 0x0790  SerCx2 - ok
09:41:42.0870 0x0790  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
09:41:42.0870 0x0790  Serenum - ok
09:41:42.0979 0x0790  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
09:41:43.0010 0x0790  Serial - ok
09:41:43.0057 0x0790  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
09:41:43.0073 0x0790  sermouse - ok
09:41:43.0167 0x0790  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
09:41:43.0198 0x0790  SessionEnv - ok
09:41:43.0261 0x0790  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
09:41:43.0261 0x0790  sfloppy - ok
09:41:43.0354 0x0790  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:41:43.0386 0x0790  SharedAccess - ok
09:41:43.0464 0x0790  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:41:43.0495 0x0790  ShellHWDetection - ok
09:41:43.0511 0x0790  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:41:43.0511 0x0790  SiSRaid2 - ok
09:41:43.0526 0x0790  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:41:43.0542 0x0790  SiSRaid4 - ok
09:41:43.0557 0x0790  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
09:41:43.0573 0x0790  smphost - ok
09:41:43.0604 0x0790  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:41:43.0620 0x0790  SNMPTRAP - ok
09:41:43.0651 0x0790  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
09:41:43.0683 0x0790  spaceport - ok
09:41:43.0698 0x0790  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
09:41:43.0714 0x0790  SpbCx - ok
09:41:43.0761 0x0790  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\Windows\System32\spoolsv.exe
09:41:43.0807 0x0790  Spooler - ok
09:41:44.0011 0x0790  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
09:41:44.0214 0x0790  sppsvc - ok
09:41:44.0261 0x0790  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:41:44.0276 0x0790  srv - ok
09:41:44.0323 0x0790  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:41:44.0354 0x0790  srv2 - ok
09:41:44.0386 0x0790  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:41:44.0417 0x0790  srvnet - ok
09:41:44.0448 0x0790  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:41:44.0464 0x0790  SSDPSRV - ok
09:41:44.0495 0x0790  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:41:44.0511 0x0790  SstpSvc - ok
09:41:44.0542 0x0790  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:41:44.0542 0x0790  stexstor - ok
09:41:44.0589 0x0790  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
09:41:44.0620 0x0790  stisvc - ok
09:41:44.0651 0x0790  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
09:41:44.0651 0x0790  storahci - ok
09:41:44.0683 0x0790  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:41:44.0698 0x0790  storflt - ok
09:41:44.0714 0x0790  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
09:41:44.0714 0x0790  stornvme - ok
09:41:44.0745 0x0790  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
09:41:44.0761 0x0790  StorSvc - ok
09:41:44.0776 0x0790  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:41:44.0776 0x0790  storvsc - ok
09:41:44.0807 0x0790  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
09:41:44.0823 0x0790  svsvc - ok
09:41:44.0854 0x0790  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
09:41:44.0870 0x0790  swenum - ok
09:41:44.0917 0x0790  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
09:41:44.0964 0x0790  swprv - ok
09:41:44.0995 0x0790  [ 1BCD06B8BA217CB73FDFF07E7921AC2D, 9E495715ACD48CFD3482CA022CA79A17645DA46DBB69006C69B3FC61B87EF18B ] SynRMIHID       C:\Windows\system32\DRIVERS\SynRMIHID.sys
09:41:44.0995 0x0790  SynRMIHID - ok
09:41:45.0057 0x0790  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\Windows\system32\sysmain.dll
09:41:45.0104 0x0790  SysMain - ok
09:41:45.0151 0x0790  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
09:41:45.0167 0x0790  SystemEventsBroker - ok
09:41:45.0198 0x0790  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:41:45.0214 0x0790  TabletInputService - ok
09:41:45.0261 0x0790  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:41:45.0276 0x0790  TapiSrv - ok
09:41:45.0386 0x0790  [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:41:45.0479 0x0790  Tcpip - ok
09:41:45.0573 0x0790  [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:41:45.0651 0x0790  TCPIP6 - ok
09:41:45.0667 0x0790  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:41:45.0683 0x0790  tcpipreg - ok
09:41:45.0698 0x0790  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:41:45.0714 0x0790  tdx - ok
09:41:45.0729 0x0790  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
09:41:45.0745 0x0790  terminpt - ok
09:41:45.0807 0x0790  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
09:41:45.0854 0x0790  TermService - ok
09:41:45.0886 0x0790  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
09:41:45.0901 0x0790  Themes - ok
09:41:45.0932 0x0790  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
09:41:45.0948 0x0790  THREADORDER - ok
09:41:45.0979 0x0790  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
09:41:46.0011 0x0790  TimeBroker - ok
09:41:46.0042 0x0790  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
09:41:46.0058 0x0790  TPM - ok
09:41:46.0089 0x0790  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
09:41:46.0104 0x0790  TrkWks - ok
09:41:46.0151 0x0790  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:41:46.0167 0x0790  TrustedInstaller - ok
09:41:46.0182 0x0790  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:41:46.0198 0x0790  TsUsbFlt - ok
09:41:46.0229 0x0790  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
09:41:46.0245 0x0790  TsUsbGD - ok
09:41:46.0276 0x0790  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:41:46.0292 0x0790  tunnel - ok
09:41:46.0307 0x0790  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:41:46.0323 0x0790  uagp35 - ok
09:41:46.0354 0x0790  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
09:41:46.0370 0x0790  UASPStor - ok
09:41:46.0401 0x0790  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
09:41:46.0417 0x0790  UCX01000 - ok
09:41:46.0448 0x0790  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:41:46.0479 0x0790  udfs - ok
09:41:46.0495 0x0790  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
09:41:46.0495 0x0790  UEFI - ok
09:41:46.0557 0x0790  [ EB7E8BF35D31BC9F111E282C2F263854, 8969BCC5072499A2ACFEFF583BC7849BA25629EB0CBB708D581FC8D58388E772 ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
09:41:46.0573 0x0790  UEIPSvc - ok
09:41:46.0604 0x0790  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:41:46.0620 0x0790  UI0Detect - ok
09:41:46.0636 0x0790  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:41:46.0651 0x0790  uliagpkx - ok
09:41:46.0667 0x0790  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
09:41:46.0682 0x0790  umbus - ok
09:41:46.0698 0x0790  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
09:41:46.0714 0x0790  UmPass - ok
09:41:46.0745 0x0790  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:41:46.0776 0x0790  UmRdpService - ok
09:41:46.0807 0x0790  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
09:41:46.0839 0x0790  upnphost - ok
09:41:46.0870 0x0790  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
09:41:46.0886 0x0790  usbccgp - ok
09:41:46.0917 0x0790  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
09:41:46.0932 0x0790  usbcir - ok
09:41:46.0964 0x0790  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
09:41:46.0979 0x0790  usbehci - ok
09:41:47.0026 0x0790  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
09:41:47.0042 0x0790  usbhub - ok
09:41:47.0136 0x0790  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
09:41:47.0167 0x0790  USBHUB3 - ok
09:41:47.0214 0x0790  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
09:41:47.0229 0x0790  usbohci - ok
09:41:47.0245 0x0790  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
09:41:47.0261 0x0790  usbprint - ok
09:41:47.0292 0x0790  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
09:41:47.0307 0x0790  USBSTOR - ok
09:41:47.0339 0x0790  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
09:41:47.0354 0x0790  usbuhci - ok
09:41:47.0386 0x0790  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:41:47.0401 0x0790  usbvideo - ok
09:41:47.0433 0x0790  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
09:41:47.0464 0x0790  USBXHCI - ok
09:41:47.0464 0x0790  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
09:41:47.0479 0x0790  VaultSvc - ok
09:41:47.0495 0x0790  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:41:47.0511 0x0790  vdrvroot - ok
09:41:47.0573 0x0790  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
09:41:47.0620 0x0790  vds - ok
09:41:47.0636 0x0790  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
09:41:47.0651 0x0790  VerifierExt - ok
09:41:47.0698 0x0790  [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
09:41:47.0745 0x0790  vhdmp - ok
09:41:47.0792 0x0790  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:41:47.0807 0x0790  viaide - ok
09:41:47.0839 0x0790  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:41:47.0870 0x0790  vmbus - ok
09:41:47.0886 0x0790  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
09:41:47.0886 0x0790  VMBusHID - ok
09:41:47.0932 0x0790  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
09:41:47.0964 0x0790  vmicguestinterface - ok
09:41:48.0011 0x0790  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
09:41:48.0042 0x0790  vmicheartbeat - ok
09:41:48.0057 0x0790  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
09:41:48.0073 0x0790  vmickvpexchange - ok
09:41:48.0089 0x0790  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
09:41:48.0120 0x0790  vmicrdv - ok
09:41:48.0135 0x0790  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
09:41:48.0167 0x0790  vmicshutdown - ok
09:41:48.0182 0x0790  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
09:41:48.0214 0x0790  vmictimesync - ok
09:41:48.0229 0x0790  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
09:41:48.0261 0x0790  vmicvss - ok
09:41:48.0276 0x0790  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:41:48.0292 0x0790  volmgr - ok
09:41:48.0323 0x0790  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:41:48.0339 0x0790  volmgrx - ok
09:41:48.0417 0x0790  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:41:48.0433 0x0790  volsnap - ok
09:41:48.0479 0x0790  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
09:41:48.0495 0x0790  vpci - ok
09:41:48.0542 0x0790  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:41:48.0557 0x0790  vsmraid - ok
09:41:48.0636 0x0790  [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS             C:\Windows\system32\vssvc.exe
09:41:48.0682 0x0790  VSS - ok
09:41:48.0729 0x0790  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
09:41:48.0745 0x0790  VSTXRAID - ok
09:41:48.0761 0x0790  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:41:48.0792 0x0790  vwifibus - ok
09:41:48.0807 0x0790  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:41:48.0823 0x0790  vwififlt - ok
09:41:48.0823 0x0790  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:41:48.0839 0x0790  vwifimp - ok
09:41:48.0870 0x0790  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
09:41:48.0901 0x0790  W32Time - ok
09:41:48.0917 0x0790  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
09:41:48.0933 0x0790  WacomPen - ok
09:41:49.0026 0x0790  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
09:41:49.0089 0x0790  wbengine - ok
09:41:49.0136 0x0790  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:41:49.0167 0x0790  WbioSrvc - ok
09:41:49.0198 0x0790  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
09:41:49.0214 0x0790  Wcmsvc - ok
09:41:49.0245 0x0790  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:41:49.0261 0x0790  wcncsvc - ok
09:41:49.0308 0x0790  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:41:49.0323 0x0790  WcsPlugInService - ok
09:41:49.0354 0x0790  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
09:41:49.0354 0x0790  WdBoot - ok
09:41:49.0401 0x0790  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:41:49.0448 0x0790  Wdf01000 - ok
09:41:49.0464 0x0790  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
09:41:49.0495 0x0790  WdFilter - ok
09:41:49.0526 0x0790  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:41:49.0542 0x0790  WdiServiceHost - ok
09:41:49.0558 0x0790  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:41:49.0573 0x0790  WdiSystemHost - ok
09:41:49.0604 0x0790  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
09:41:49.0620 0x0790  WdNisDrv - ok
09:41:49.0651 0x0790  WdNisSvc - ok
09:41:49.0683 0x0790  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\Windows\System32\webclnt.dll
09:41:49.0698 0x0790  WebClient - ok
09:41:49.0714 0x0790  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:41:49.0745 0x0790  Wecsvc - ok
09:41:49.0776 0x0790  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
09:41:49.0792 0x0790  WEPHOSTSVC - ok
09:41:49.0823 0x0790  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:41:49.0854 0x0790  wercplsupport - ok
09:41:49.0870 0x0790  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
09:41:49.0901 0x0790  WerSvc - ok
09:41:49.0948 0x0790  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
09:41:49.0979 0x0790  WFPLWFS - ok
09:41:49.0996 0x0790  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
09:41:50.0011 0x0790  WiaRpc - ok
09:41:50.0026 0x0790  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:41:50.0042 0x0790  WIMMount - ok
09:41:50.0042 0x0790  WinDefend - ok
09:41:50.0104 0x0790  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
09:41:50.0151 0x0790  WinHttpAutoProxySvc - ok
09:41:50.0198 0x0790  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:41:50.0229 0x0790  Winmgmt - ok
09:41:50.0323 0x0790  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:41:50.0401 0x0790  WinRM - ok
09:41:50.0495 0x0790  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
09:41:50.0557 0x0790  WlanSvc - ok
09:41:50.0636 0x0790  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
09:41:50.0682 0x0790  wlidsvc - ok
09:41:50.0714 0x0790  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
09:41:50.0729 0x0790  WmiAcpi - ok
09:41:50.0776 0x0790  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:41:50.0792 0x0790  wmiApSrv - ok
09:41:50.0808 0x0790  WMPNetworkSvc - ok
09:41:50.0839 0x0790  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
09:41:50.0854 0x0790  Wof - ok
09:41:50.0932 0x0790  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
09:41:51.0011 0x0790  workfolderssvc - ok
09:41:51.0042 0x0790  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
09:41:51.0058 0x0790  wpcfltr - ok
09:41:51.0073 0x0790  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:41:51.0089 0x0790  WPCSvc - ok
09:41:51.0120 0x0790  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:41:51.0136 0x0790  WPDBusEnum - ok
09:41:51.0167 0x0790  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
09:41:51.0183 0x0790  WpdUpFltr - ok
09:41:51.0183 0x0790  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:41:51.0198 0x0790  ws2ifsl - ok
09:41:51.0245 0x0790  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:41:51.0261 0x0790  wscsvc - ok
09:41:51.0276 0x0790  WSearch - ok
09:41:51.0401 0x0790  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
09:41:51.0511 0x0790  WSService - ok
09:41:51.0667 0x0790  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:41:51.0776 0x0790  wuauserv - ok
09:41:51.0808 0x0790  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:41:51.0823 0x0790  WudfPf - ok
09:41:51.0854 0x0790  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
09:41:51.0870 0x0790  WUDFRd - ok
09:41:51.0886 0x0790  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\Windows\System32\drivers\WUDFRd.sys
09:41:51.0901 0x0790  WUDFSensorLP - ok
09:41:51.0917 0x0790  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:41:51.0933 0x0790  wudfsvc - ok
09:41:51.0948 0x0790  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
09:41:51.0964 0x0790  WUDFWpdFs - ok
09:41:52.0011 0x0790  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:41:52.0042 0x0790  WwanSvc - ok
09:41:52.0057 0x0790  ================ Scan global ===============================
09:41:52.0104 0x0790  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
09:41:52.0151 0x0790  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
09:41:52.0167 0x0790  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
09:41:52.0229 0x0790  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
09:41:52.0245 0x0790  [ Global ] - ok
09:41:52.0245 0x0790  ================ Scan MBR ==================================
09:41:52.0276 0x0790  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:41:52.0370 0x0790  \Device\Harddisk0\DR0 - ok
09:41:52.0370 0x0790  ================ Scan VBR ==================================
09:41:52.0370 0x0790  [ 012A9007F208905560833EEE0C686DB5 ] \Device\Harddisk0\DR0\Partition1
09:41:52.0495 0x0790  \Device\Harddisk0\DR0\Partition1 - ok
09:41:52.0511 0x0790  [ 758DE408C56DFB8413A59702D3F8F7CD ] \Device\Harddisk0\DR0\Partition2
09:41:52.0604 0x0790  \Device\Harddisk0\DR0\Partition2 - ok
09:41:52.0620 0x0790  [ 9E8EF42D1E1E8472A65419DE23661933 ] \Device\Harddisk0\DR0\Partition3
09:41:52.0620 0x0790  \Device\Harddisk0\DR0\Partition3 - ok
09:41:52.0636 0x0790  [ 3534BACF5F2B85A35081CF1F5A31496C ] \Device\Harddisk0\DR0\Partition4
09:41:52.0761 0x0790  \Device\Harddisk0\DR0\Partition4 - ok
09:41:52.0792 0x0790  [ 4B3DD64860FCF11B68E9CC2943E31288 ] \Device\Harddisk0\DR0\Partition5
09:41:52.0807 0x0790  \Device\Harddisk0\DR0\Partition5 - ok
09:41:52.0807 0x0790  ================ Scan generic autorun ======================
09:41:53.0307 0x0790  [ 89AA8AC9B4E101E4173455D4620C5117, 746A6EA06A980EE29E6A401AA19313F13ECBF0F0EDFB6E7E6BD8C46ACCF9DA0B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:41:53.0636 0x0790  RTHDVCPL - ok
09:41:53.0682 0x0790  [ 023DBDED84029A04B7A2AED160D262BA, E1D16468F3024439E145639A5D5A2656E9C43FD467963C4D29E6B5444FDE8F89 ] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
09:41:53.0698 0x0790  BacKGround Agent - ok
09:41:53.0807 0x0790  [ D2260FA9A1B636E29E2B92DD53A74B4B, 8748F4DAA340030456241D6C0A8975F9A8E34BC2A627192CF506EC12134FA9AF ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
09:41:53.0839 0x0790  StartCCC - ok
09:41:53.0870 0x0790  [ 7098B51BEEE94AFEF209C85E7CD1F0C2, 066B4BBC82DA9766A43B9E4A4E91BAB6F2A1697581190B1C94AEB08F0347706E ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
09:41:53.0886 0x0790  abDocsDllLoader - ok
09:41:53.0948 0x0790  [ 4860117DA2E6E9B300144902629B09AC, B5C804C752FE18B2B10991AC93F75054C6D35540DF902D280006D45ADFA17391 ] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
09:41:53.0995 0x0790  Spotify Web Helper - ok
09:41:53.0995 0x0790  Waiting for KSN requests completion. In queue: 111
09:41:55.0011 0x0790  Waiting for KSN requests completion. In queue: 111
09:41:56.0011 0x0790  Waiting for KSN requests completion. In queue: 111
09:41:57.0011 0x0790  Waiting for KSN requests completion. In queue: 111
09:41:58.0018 0x0790  Waiting for KSN requests completion. In queue: 111
09:41:59.0025 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:00.0032 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:01.0039 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:02.0040 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:03.0055 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:04.0071 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:05.0083 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:06.0083 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:07.0083 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:08.0091 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:09.0099 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:10.0099 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:11.0106 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:12.0121 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:13.0124 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:14.0125 0x0790  Waiting for KSN requests completion. In queue: 111
09:42:15.0141 0x0790  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated )
09:42:15.0219 0x0790  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
09:42:15.0219 0x0790  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled )
09:42:17.0610 0x0790  ============================================================
09:42:17.0610 0x0790  Scan finished
09:42:17.0610 0x0790  ============================================================
09:42:17.0626 0x1614  Detected object count: 0
09:42:17.0626 0x1614  Actual detected object count: 0
         

Geändert von M-K-D-B (01.06.2015 um 11:55 Uhr)

Alt 30.05.2015, 09:19   #5
M-K-D-B
/// TB-Ausbilder
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Servus,


sieht alles ok aus, was Malware angeht.

Haben Kaspersky, Malwarebytes oder AdwCleaner vor kurzem was gefunden? Wenn ja, hast du dazu noch die Logdateien?

Du sollst keine Suchläufe starten, nur die Fragen beantworten...

__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 30.05.2015, 13:09   #6
Clegane000
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



logdateien hab ich nicht. aber gestern haben alle 3 programme auch nichts gefunden.

Der plötzliche grundlose schwarze Bildschirm kommt mir trotzdem noch verdächtig vor. Woran könnte dies dann liegen?

Vielen Dank!

Alt 30.05.2015, 16:05   #7
M-K-D-B
/// TB-Ausbilder
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Servus,

man könnte einen Hinweis bekommen, wenn man die entsprechenden Minidump-Dateien ausliest bzw. diese auswertet. Damit kenne ich mich aber ehrlich gesagt nicht aus.

An Malware liegt es wohl nicht, trotzdem würde ich dich bitten, noch kurz ein paar Kontrollen auszuführen, nur um sicherzugehen:


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 30.05.2015, 20:49   #8
Clegane000
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.30.04
  rootkit: v2015.05.24.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17801
Clegane000 :: STEFAN [administrator]

30.05.2015 21:10:05
mbar-log-2015-05-30 (21-10-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 362681
Time elapsed: 25 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
also mbar hatte nichts gefunden. Nach dem Scan gab es nichts und daher konnte ich auch kein clean up machen.

Ist damit dann doch alles ok mit dem Laptop? Oder muss man sich noch sorgen machen?

Geändert von M-K-D-B (01.06.2015 um 11:56 Uhr)

Alt 31.05.2015, 08:29   #9
M-K-D-B
/// TB-Ausbilder
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Servus,



bitte noch ausführen:




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.









Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 31.05.2015, 11:13   #10
Clegane000
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=52f5b429884da246ae1145bbb5fe3751
# engine=24104
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-31 10:03:05
# local_time=2015-05-31 12:03:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1296 16777213 100 100 5424 37142867 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2859009 37883353 0 0
# scanned=231852
# found=0
# cleaned=0
# scan_time=4862
         
Code:
ATTFilter
Farbar Service Scanner Version: 17-01-2015
Ran by Clegane000 (administrator) on 31-05-2015 at 12:09:25
Running from "C:\Users\Clegane000\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Policy: 
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.002  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
Windows Defender              
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 	17.0.0.188  
 Mozilla Firefox (38.0.1) 
 Google Chrome (43.0.2357.65) 
 Google Chrome (43.0.2357.81) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 15.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.0 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Sollte man eigentlich die Windows-Firewalls ausschalten wenn bei Kaspersky auch schon Firewalls eingeschaltet sind? Waren beide bei mir an. Ist mir nur aufgefallen. Danke

Geändert von M-K-D-B (01.06.2015 um 11:56 Uhr)

Alt 31.05.2015, 12:26   #11
M-K-D-B
/// TB-Ausbilder
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Zitat:
Zitat von Clegane000 Beitrag anzeigen
Sollte man eigentlich die Windows-Firewalls ausschalten wenn bei Kaspersky auch schon Firewalls eingeschaltet sind?
Ja, die Windows-Firewall kannst du dann ausschalten.







Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.


Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 
 


Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 31.05.2015, 12:57   #12
Clegane000
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Danke für die Antwort auf meine Frage! Konnte man jetzt erkennen wo das Problem lag? Ich meine wegen dem schwarzen Bildschirm?

Vielen dank auch für die Ratschläge am Ende!

Alt 31.05.2015, 13:03   #13
M-K-D-B
/// TB-Ausbilder
 
Plötzlich Blackscreen. Win 8.1 - Standard

Plötzlich Blackscreen. Win 8.1



Zitat:
Zitat von Clegane000 Beitrag anzeigen
Konnte man jetzt erkennen wo das Problem lag? Ich meine wegen dem schwarzen Bildschirm?
Dein Problem scheint nicht mit Malware zusammenzuhängen. Gut möglich, dass ein Treiber bzw. eine neue Software, die kürzlich installiert wurde, Probleme macht.




Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Plötzlich Blackscreen. Win 8.1
abend, aktuellsten, außen, blackscreen, bluescree, garnicht, konnte, laptop, nicht mehr, plötzlich, schwarzer, sorge, sorgen, troja, wegbekomme, win, win 8.1



Ähnliche Themen: Plötzlich Blackscreen. Win 8.1


  1. Blackscreen nach dem Einloggen
    Log-Analyse und Auswertung - 29.04.2015 (18)
  2. BlackScreen nach Windows 8 Update
    Alles rund um Windows - 15.11.2014 (10)
  3. Blackscreen mit Geräusch
    Log-Analyse und Auswertung - 30.05.2014 (15)
  4. Blackscreen beim boot
    Alles rund um Windows - 24.02.2014 (6)
  5. Blackscreen am Laptop
    Log-Analyse und Auswertung - 14.11.2013 (3)
  6. Blackscreen ?
    Netzwerk und Hardware - 11.10.2013 (0)
  7. Blackscreen nach Boot
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (13)
  8. Windows XP Blackscreen der besonderen Art
    Alles rund um Windows - 18.07.2012 (23)
  9. Blackscreen und 50€
    Plagegeister aller Art und deren Bekämpfung - 25.04.2012 (15)
  10. Blackscreen mit Windows Sicherheitswarnung
    Plagegeister aller Art und deren Bekämpfung - 05.04.2012 (13)
  11. Windows Sicherheitswarnung, Zahlungsaufforderung, blackscreen
    Log-Analyse und Auswertung - 22.03.2012 (25)
  12. Windows - Blackscreen - 50 Euro zahlen
    Log-Analyse und Auswertung - 24.01.2012 (3)
  13. PC startet nur die ganze Zeit neu - Blackscreen
    Netzwerk und Hardware - 25.04.2011 (9)
  14. Blackscreen mit Cursor
    Alles rund um Windows - 10.04.2011 (23)
  15. Blackscreen
    Diskussionsforum - 15.09.2010 (0)
  16. Blackscreen=Totalabsturz
    Alles rund um Windows - 24.02.2010 (2)
  17. Blackscreen mit ICQ Lite
    Plagegeister aller Art und deren Bekämpfung - 19.06.2006 (5)

Zum Thema Plötzlich Blackscreen. Win 8.1 - Hallo Trojanerboard-Team, gestern Abend kam plötzlich ein schwarzer Bildschirm. Dabei ist garnicht soviel Zeit für den eigentlich Blackscreen vergangen und auch mit Mausbewegung konnte ich das nicht mehr wegbekommen. Musste - Plötzlich Blackscreen. Win 8.1...
Archiv
Du betrachtest: Plötzlich Blackscreen. Win 8.1 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.