
Pests of all kinds and how to combat them: PC is hanging again... Can someone take a look?

05.06.2015, 10:40   #1
R4BBIT
 
Can someone take a quick look to see whether there is something on it?
Somehow my PC has been hanging again for quite a while now, and unfortunately the internet performance has also dropped off considerably since then.
During startup, too, the PC often freezes briefly.

Should I post a FRST log?

Thanks in advance!
__________________
Regards
R4BBIT

9 out of 10 people like beer... the 10th is lying

05.06.2015, 10:47   #2
M-K-D-B
/// TB Instructor
 
My name is Matthias and I will help you clean up your computer.

Please note the following:
  • If we find indications of illegally obtained software, we will suspend support until every kind of illegal software has been removed from the machine.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download at filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there!

Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!

For the initial analysis, please run FRST and TDSS-Killer:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and can then be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

Step 2
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

With your next reply, please post
  • the log file from TDSS-Killer,
  • the two new log files from FRST.
__________________


05.06.2015, 11:28   #3
R4BBIT
 
Here is FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by AdminFabian (administrator) on PC_FABIAN on 05-06-2015 12:20:42
Running from C:\Users\Fabian.PC_Fabian\Desktop\Bereinigung
Loaded Profiles: AdminFabian & Fabian (Available Profiles: AdminFabian & Fabian)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Fabian.PC_Fabian\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [439488 2013-07-09] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\0a5626b7-54ff-490c-9d25-22eeb56b74c5.exe [183232 2015-05-25] (AVAST Software)
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S2].txt
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\Run: [SkyDrive] => C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-12-07] (Microsoft Corporation)
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\MountPoints2: {3c35e8d1-db21-11e2-be85-4c72b97327ec} - "L:\LaunchU3.exe" -a
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\MountPoints2: {75e0df4f-7aae-11e2-be79-4c72b97327ec} - "K:\laucher.exe" 
Startup: C:\Users\Fabian.PC_Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2013-03-02]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.janosch-nietlispach.ch/news
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> DefaultScope {F7DD2BAC-CB4E-4503-BA16-78C70DB4B011} URL = https://www.google.ch/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {F7DD2BAC-CB4E-4503-BA16-78C70DB4B011} URL = https://www.google.ch/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2013-02-06] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2013-02-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2013-02-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2013-02-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1392978341-1441607686-3862372307-1006: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [5020520 2015-03-24] (Emsisoft GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1855064 2012-11-23] (Microsoft Corporation)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2014-10-03] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-03-24] (Emsisoft GmbH)
R3 fwndis; C:\Windows\system32\DRIVERS\fwndis64.sys [491632 2015-01-01] ()
R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414936 2015-01-01] ()
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 12:20 - 2015-06-05 12:20 - 00000000 ____D C:\Users\Fabian.PC_Fabian\Desktop\Bereinigung
2015-06-03 10:08 - 2015-06-03 10:08 - 00280008 _____ C:\windows\Minidump\060315-21078-01.dmp
2015-06-01 20:46 - 2015-06-01 20:46 - 00280008 _____ C:\windows\Minidump\060115-21750-01.dmp
2015-05-19 17:31 - 2015-05-19 17:31 - 00280008 _____ C:\windows\Minidump\051915-21312-01.dmp
2015-05-19 11:58 - 2015-05-19 11:58 - 00016676 _____ C:\Users\Fabian.PC_Fabian\Desktop\Feedbackfragen Jubla Cham.dat
2015-05-13 20:26 - 2015-05-13 20:26 - 00280008 _____ C:\windows\Minidump\051315-20593-01.dmp
2015-05-12 17:27 - 2015-05-12 17:27 - 00280008 _____ C:\windows\Minidump\051215-17562-01.dmp
2015-05-07 17:33 - 2015-05-07 17:34 - 00280008 _____ C:\windows\Minidump\050715-27140-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 12:20 - 2015-04-30 19:45 - 00000000 ____D C:\FRST
2015-06-05 11:23 - 2015-03-16 21:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-05 11:13 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\NDF
2015-06-05 11:08 - 2013-02-02 17:50 - 01095225 _____ C:\windows\WindowsUpdate.log
2015-06-05 11:00 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2015-06-05 10:53 - 2013-02-05 21:31 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1392978341-1441607686-3862372307-1006
2015-06-04 18:36 - 2012-07-26 09:59 - 00000000 ____D C:\windows\CbsTemp
2015-06-04 18:04 - 2013-08-11 19:48 - 00000000 ____D C:\windows\system32\MRT
2015-06-04 18:02 - 2013-02-02 19:33 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-04 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2015-06-03 10:13 - 2012-10-23 19:37 - 00724412 _____ C:\windows\system32\perfh007.dat
2015-06-03 10:13 - 2012-10-23 19:37 - 00163214 _____ C:\windows\system32\perfc007.dat
2015-06-03 10:13 - 2012-07-26 09:28 - 01734152 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-03 10:09 - 2015-03-31 20:10 - 00000000 ____D C:\Program Files (x86)\Emsisoft Internet Security
2015-06-03 10:09 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-03 10:08 - 2013-10-31 21:06 - 668381772 _____ C:\windows\MEMORY.DMP
2015-06-03 10:08 - 2013-10-23 21:17 - 00000000 ____D C:\windows\Minidump
2015-05-25 20:30 - 2013-12-09 21:11 - 00000000 ____D C:\Users\Fabian.PC_Fabian\AppData\Roaming\TS3Client
2015-05-19 18:04 - 2013-02-16 21:06 - 00549888 ___SH C:\Users\Fabian.PC_Fabian\Desktop\Thumbs.db
2015-05-19 17:32 - 2013-02-06 22:21 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-05-19 12:08 - 2013-02-05 21:25 - 00000000 ____D C:\Users\Fabian.PC_Fabian\AppData\Local\Packages
2015-05-07 17:33 - 2012-08-01 19:02 - 00737506 _____ C:\windows\PFRO.log

==================== Files in the root of some directories =======

2013-02-02 18:13 - 2013-02-02 18:13 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\AdminFabian\AppData\Local\Temp\Quarantine.exe
C:\Users\AdminFabian\AppData\Local\Temp\sqlite3.dll
C:\Users\Fabian.PC_Fabian\AppData\Local\Temp\i4jdel0.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 21:01

==================== End of log ============================
         
--- --- ---


Addition:
FRST Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by AdminFabian at 2015-06-05 12:21:16
Running from C:\Users\Fabian.PC_Fabian\Desktop\Bereinigung
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

AdminFabian (S-1-5-21-1392978341-1441607686-3862372307-1005 - Administrator - Enabled) => C:\Users\AdminFabian
Administrator (S-1-5-21-1392978341-1441607686-3862372307-500 - Administrator - Disabled)
Fabian (S-1-5-21-1392978341-1441607686-3862372307-1006 - Limited - Enabled) => C:\Users\Fabian.PC_Fabian
Gast (S-1-5-21-1392978341-1441607686-3862372307-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1392978341-1441607686-3862372307-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Emsisoft Internet Security (Disabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{BF821093-CFD3-EC1B-B357-6817EE34E5C7}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.)
eTax.zug 2014 nP 1.3.0 (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\8452-4068-1171-2815) (Version: 1.3.0 - Information Factory AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.7 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{86FD8326-909D-45F5-BB61-0619D0D31293}) (Version: 11.50.0011 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
NWZ-E450 WALKMAN Guide (HKLM-x32\...\{0A6C2811-AD29-473F-8086-F0B401276DEC}) (Version: 2.1.0.17210 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
RecImgManager (HKLM-x32\...\{1ECC3992-5E46-4A3B-823F-4228D5B05A83}) (Version: 2.0.26222 - SlimWare Utilities, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

04-05-2015 20:58:43 Geplanter Prüfpunkt
04-06-2015 17:03:23 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2015-03-23 19:52 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E1975F3-5D81-4CA8-8E07-168E2CD1DF5D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2012-08-15] (Hewlett-Packard Company)
Task: {5F63D142-E881-4C1E-A6BB-D4956C70E5A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
Task: {74BEDB4E-487E-4F08-808D-3CD98A22F124} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {97A056F4-107F-4DB8-8E61-3264A3A8DDBD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-06-04] (Microsoft Corporation)
Task: {E0CF2BA3-882C-4D8E-9580-68B42A1AA8D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F6E24018-619A-4763-9815-BEF6CF60CD7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F7C59E27-327A-406B-8FAB-A1B6132D4BA3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)

==================== Loaded Modules (Whitelisted) ==============

2013-02-05 23:21 - 2012-11-10 11:28 - 00382544 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-02-05 23:21 - 2012-11-23 19:07 - 00513600 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-02-05 23:21 - 2012-11-23 19:07 - 00607296 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-04-10 17:46 - 2015-02-06 20:08 - 00076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-12-10 00:22 - 2014-12-10 00:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-12-19 05:22 - 2014-12-19 05:22 - 00290816 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2012-07-04 22:37 - 2012-07-04 22:37 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-05-04 17:42 - 2012-05-04 17:42 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2012-05-04 17:42 - 2012-05-04 17:42 - 00028672 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2015-04-22 18:20 - 2015-04-22 18:20 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 18:20 - 2015-04-22 18:20 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-01 20:47 - 2015-06-01 20:47 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060101\algo.dll
2015-06-05 11:52 - 2015-06-05 11:52 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060500\algo.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-23 10:52 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-10-23 10:58 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-10-23 10:59 - 2009-02-19 18:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL
2015-04-22 18:20 - 2015-04-22 18:20 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-29 23:26 - 2014-11-26 04:12 - 40622592 _____ () C:\Users\Fabian.PC_Fabian\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-12-19 05:22 - 2014-12-19 05:22 - 00192512 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll
2015-01-29 23:26 - 2014-11-26 04:12 - 00911360 _____ () C:\Users\Fabian.PC_Fabian\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-01-29 23:26 - 2014-11-26 04:12 - 00134144 _____ () C:\Users\Fabian.PC_Fabian\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabian.PC_Fabian\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\Run: => "SkyDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBB1C137-790B-486B-A9C9-27B435B298F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{293ABFA0-F8E4-4BEE-989D-E9F5BB71FA8D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FF3D2D61-C87A-4D43-9E52-1D6ABDD4012F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3F2898FF-636E-494A-A285-C5E36AF9CFB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C008179C-4E73-43B3-AE1F-761536965182}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{D559845D-EA90-49AC-AA22-87A9048E0C3F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{B90066BF-D10D-4365-B161-3D91EABEC775}] => (Allow) C:\Users\AdminFabian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2DFB5855-1A34-43A2-BA35-A329FC85E85C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{18FCFA59-65A8-4E08-AFF7-D175F3A69EB5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5DEA5977-AAE4-4705-9CBE-A522CEDE88E6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{89579F59-EFB0-4DCB-9C86-C2F2213A110A}] => (Allow) LPort=2869
FirewallRules: [{5F8EE66C-73FF-4440-ACC8-26DEF876E66E}] => (Allow) LPort=1900
FirewallRules: [{DB8A88AE-0600-4295-88EC-70C0BC252A00}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{05F57B78-2520-4FA8-AE37-EED4AA648917}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7E4CE3E0-E0A1-4ADF-BB67-48FEF13A388F}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{EAC1CAEE-90CA-4D75-A471-EF0E268AFF38}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{EF607449-0DA6-4A67-916B-36757CB05CD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{E5A994C9-B85E-42E6-BBFB-1BF6E259E16C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [TCP Query User{9A101C02-AFA2-4EE8-9018-012E365F5DE4}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [UDP Query User{ED0CF3BB-BC4A-42C6-95CF-60F7B18D1A31}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [TCP Query User{46220C03-5BE5-4E16-87E1-4644B21A49CF}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{FF72C7FF-F4E0-47F5-A1E0-ED12B2EC0FEE}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{2516AA43-DAD4-47EE-9345-8B815227CA08}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{658CEDA9-859B-4117-8EA9-8DB4A7CE1EB4}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{25B7CD5D-C18C-429B-B8B9-BE64640530EC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B433DBEC-8EA6-45B9-8863-060CE099D8CC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A8BDCF14-4299-4204-AF95-DC0772D6620B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{56E884CE-DB2E-45A7-A827-87BB7B549121}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4B47B08A-E461-45C5-87F3-0A8F0F53A797}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CEEF249C-ED01-4EEE-81C3-0C4FF075B9AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB00654F-36F9-4054-A5FC-D3F89A90DE62}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{397D4BAD-B323-4520-A472-DE71F8919AAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{D5B95690-0429-4F20-9608-EC3E19DAFCFA}] => (Allow) LPort=53000
FirewallRules: [{17BE0B20-3434-447A-8B20-3C78433103F2}] => (Allow) LPort=52000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2015 10:05:34 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 10:03:20 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 06:06:45 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: usbhubC:\windows\system32\usbperf.dll8

Error: (06/04/2015 06:04:31 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: RemoteAccessC:\Windows\System32\rasctrs.dll8

Error: (06/04/2015 06:04:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (06/03/2015 10:10:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.17267, Zeitstempel: 0x54e7f156
Name des fehlerhaften Moduls: KERNEL32.dll, Version: 6.2.9200.16859, Zeitstempel: 0x53118550
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026185
ID des fehlerhaften Prozesses: 0x17b4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (06/03/2015 10:09:35 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.


System errors:
=============
Error: (06/03/2015 00:07:10 PM) (Source: DCOM) (EventID: 10016) (User: PC_Fabian)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}PC_FabianFabianS-1-5-21-1392978341-1441607686-3862372307-1006LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/03/2015 10:09:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/03/2015 10:09:13 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (06/03/2015 10:08:47 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (06/03/2015 10:08:59 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000139 (0x0000000000000003, 0xfffff880049d81e0, 0xfffff880049d8138, 0x0000000000000000)C:\windows\MEMORY.DMP060315-21078-01

Error: (06/03/2015 10:08:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎02.‎06.‎2015 um 21:19:13 unerwartet heruntergefahren.

Error: (06/03/2015 10:08:36 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212254731067200

Error: (06/01/2015 09:12:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PC_BRIGITTE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A8851342-14E7-401D-B490-4A2FE92AFB41}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/01/2015 08:47:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/01/2015 08:46:45 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.


Microsoft Office:
=========================
Error: (06/04/2015 10:05:34 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 10:03:20 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 06:06:45 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: usbhubC:\windows\system32\usbperf.dll8

Error: (06/04/2015 06:04:31 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: RemoteAccessC:\Windows\System32\rasctrs.dll8

Error: (06/04/2015 06:04:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (06/03/2015 10:10:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.1726754e7f156KERNEL32.dll6.2.9200.1685953118550c00000050002618517b401d09dd4b8abcf66C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\windows\SYSTEM32\KERNEL32.dll03bf193d-09c8-11e5-bee8-4c72b97327ec

Error: (06/03/2015 10:09:35 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0


CodeIntegrity Errors:
===================================
  Date: 2015-06-04 16:58:14.038
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:10.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:09.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:07.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:00.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:24.467
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:22.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:20.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:19.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:18.112
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16323.54 MB
Available physical RAM: 13579.67 MB
Total Pagefile: 32707.54 MB
Available Pagefile: 29232.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1000.11 GB) (Free:815.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.98 GB) (Free:1.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (Daten) (Fixed) (Total:849.45 GB) (Free:742.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 0ABD2367)

Partition: GPT Partition Type.

==================== End of log ============================
         

05.06.2015, 11:29   #4
R4BBIT

PC is hanging again... Can someone take a look?

And here is the TDSS log:

Code:
12:23:45.0171 0x1894  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:23:45.0171 0x1894  UEFI system
12:23:49.0098 0x1894  ============================================================
12:23:49.0098 0x1894  Current date / time: 2015/06/05 12:23:49.0098
12:23:49.0098 0x1894  SystemInfo:
12:23:49.0098 0x1894  
12:23:49.0098 0x1894  OS Version: 6.2.9200 ServicePack: 0.0
12:23:49.0098 0x1894  Product type: Workstation
12:23:49.0098 0x1894  ComputerName: PC_FABIAN
12:23:49.0098 0x1894  UserName: AdminFabian
12:23:49.0098 0x1894  Windows directory: C:\windows
12:23:49.0098 0x1894  System windows directory: C:\windows
12:23:49.0098 0x1894  Running under WOW64
12:23:49.0098 0x1894  Processor architecture: Intel x64
12:23:49.0098 0x1894  Number of processors: 8
12:23:49.0098 0x1894  Page size: 0x1000
12:23:49.0098 0x1894  Boot type: Normal boot
12:23:49.0098 0x1894  ============================================================
12:23:49.0826 0x1894  KLMD registered as C:\windows\system32\drivers\84679185.sys
12:23:50.0045 0x1894  System UUID: {83CE8489-8F97-CC38-5DD8-4E9939A49D5C}
12:23:50.0432 0x1894  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:23:50.0451 0x1894  ============================================================
12:23:50.0451 0x1894  \Device\Harddisk0\DR0:
12:23:50.0451 0x1894  GPT partitions:
12:23:50.0452 0x1894  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BED31882-643C-4352-B77F-C687397A3BE2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
12:23:50.0452 0x1894  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B50EB2F0-5FDC-463D-83C3-63561A00B356}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
12:23:50.0452 0x1894  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D6A7DE4A-1193-4266-B231-8667AD6C5D81}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
12:23:50.0452 0x1894  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {74381645-92D0-4AD3-A3C4-BD6607EEEA62}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x7D039000
12:23:50.0452 0x1894  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {735E67CD-C6AC-494E-91BA-655C8F24CE3F}, Name: Basic data partition, StartLBA 0x7D32D000, BlocksNum 0x6A2E7000
12:23:50.0452 0x1894  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F99BCA9C-5D3D-4C24-981D-E53B267E60B0}, Name: Basic data partition, StartLBA 0xE7614800, BlocksNum 0x17F4000
12:23:50.0452 0x1894  MBR partitions:
12:23:50.0452 0x1894  ============================================================
12:23:50.0469 0x1894  C: <-> \Device\Harddisk0\DR0\Partition4
12:23:50.0514 0x1894  D: <-> \Device\Harddisk0\DR0\Partition6
12:23:50.0576 0x1894  J: <-> \Device\Harddisk0\DR0\Partition5
12:23:50.0577 0x1894  ============================================================
12:23:50.0577 0x1894  Initialize success
12:23:50.0577 0x1894  ============================================================
12:23:55.0698 0x2508  ============================================================
12:23:55.0698 0x2508  Scan started
12:23:55.0698 0x2508  Mode: Manual; 
12:23:55.0698 0x2508  ============================================================
12:23:55.0698 0x2508  KSN ping started
12:23:58.0024 0x2508  KSN ping finished: true
12:23:58.0970 0x2508  ================ Scan system memory ========================
12:23:58.0970 0x2508  System memory - ok
12:23:58.0970 0x2508  ================ Scan services =============================
12:23:59.0076 0x2508  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
12:23:59.0083 0x2508  1394ohci - ok
12:23:59.0100 0x2508  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\windows\system32\drivers\3ware.sys
12:23:59.0102 0x2508  3ware - ok
12:23:59.0250 0x2508  [ BFC9B9FDFDEA8DFA86239ED8F961528E, 98795D536710199752859FFA623F823EA5690DBC66A711EAA30995C27B45D0EC ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe
12:23:59.0303 0x2508  a2AntiMalware - ok
12:23:59.0325 0x2508  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\windows\system32\drivers\ACPI.sys
12:23:59.0330 0x2508  ACPI - ok
12:23:59.0342 0x2508  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\windows\system32\Drivers\acpiex.sys
12:23:59.0343 0x2508  acpiex - ok
12:23:59.0353 0x2508  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
12:23:59.0353 0x2508  acpipagr - ok
12:23:59.0356 0x2508  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
12:23:59.0356 0x2508  AcpiPmi - ok
12:23:59.0362 0x2508  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\windows\System32\drivers\acpitime.sys
12:23:59.0362 0x2508  acpitime - ok
12:23:59.0391 0x2508  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
12:23:59.0404 0x2508  adp94xx - ok
12:23:59.0424 0x2508  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\windows\system32\drivers\adpahci.sys
12:23:59.0429 0x2508  adpahci - ok
12:23:59.0443 0x2508  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\windows\system32\drivers\adpu320.sys
12:23:59.0446 0x2508  adpu320 - ok
12:23:59.0471 0x2508  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
12:23:59.0475 0x2508  AeLookupSvc - ok
12:23:59.0504 0x2508  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\windows\system32\drivers\afd.sys
12:23:59.0512 0x2508  AFD - ok
12:23:59.0527 0x2508  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\windows\system32\drivers\agp440.sys
12:23:59.0528 0x2508  agp440 - ok
12:23:59.0552 0x2508  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\windows\System32\alg.exe
12:23:59.0554 0x2508  ALG - ok
12:23:59.0574 0x2508  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
12:23:59.0576 0x2508  AllUserInstallAgent - ok
12:23:59.0596 0x2508  [ E14F7B22FD0BD5FAA8C885C64690965D, B50217D1C23AF191389B9A335270A2B6254B8A3035BFCAFE4A5F7DB0FDBD7DF6 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
12:23:59.0599 0x2508  AMD External Events Utility - ok
12:23:59.0628 0x2508  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\windows\System32\drivers\amdk8.sys
12:23:59.0630 0x2508  AmdK8 - ok
12:23:59.0840 0x2508  [ F931C2ED6C8294909C10657DCB9A9A4E, 7A9CEA4ADF31C5C93F0FE433A78817FAEE57DB737D8FC4F6A0E53F1D527EA10F ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
12:23:59.0949 0x2508  amdkmdag - ok
12:23:59.0971 0x2508  [ 0D481A7FE3A66724DC11AD8A4E417A9A, 85726C7AC933ABD5ADE7A508E7C114BA512795F6BDC53663521AE66C27231527 ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
12:23:59.0975 0x2508  amdkmdap - ok
12:23:59.0988 0x2508  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
12:23:59.0989 0x2508  AmdPPM - ok
12:24:00.0004 0x2508  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\windows\system32\drivers\amdsata.sys
12:24:00.0007 0x2508  amdsata - ok
12:24:00.0026 0x2508  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
12:24:00.0033 0x2508  amdsbs - ok
12:24:00.0043 0x2508  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\windows\system32\drivers\amdxata.sys
12:24:00.0045 0x2508  amdxata - ok
12:24:00.0076 0x2508  [ 823F34D1DEF120A657BB7529ABF4461F, C56D6614F6B3DA13DF7F6AC6B70ACA39D1DB146F7324CF96029CA038C3063DB3 ] AppHostSvc      C:\windows\system32\inetsrv\apphostsvc.dll
12:24:00.0077 0x2508  AppHostSvc - ok
12:24:00.0093 0x2508  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\windows\system32\drivers\appid.sys
12:24:00.0095 0x2508  AppID - ok
12:24:00.0117 0x2508  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\windows\System32\appidsvc.dll
12:24:00.0119 0x2508  AppIDSvc - ok
12:24:00.0150 0x2508  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\windows\System32\appinfo.dll
12:24:00.0153 0x2508  Appinfo - ok
12:24:00.0207 0x2508  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:24:00.0210 0x2508  Apple Mobile Device - ok
12:24:00.0226 0x2508  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\windows\system32\drivers\arc.sys
12:24:00.0229 0x2508  arc - ok
12:24:00.0245 0x2508  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\windows\system32\drivers\arcsas.sys
12:24:00.0249 0x2508  arcsas - ok
12:24:00.0316 0x2508  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:24:00.0328 0x2508  aspnet_state - ok
12:24:00.0342 0x2508  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
12:24:00.0344 0x2508  aswHwid - ok
12:24:00.0357 0x2508  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
12:24:00.0360 0x2508  aswMonFlt - ok
12:24:00.0371 0x2508  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
12:24:00.0374 0x2508  aswRdr - ok
12:24:00.0383 0x2508  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
12:24:00.0385 0x2508  aswRvrt - ok
12:24:00.0417 0x2508  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
12:24:00.0428 0x2508  aswSnx - ok
12:24:00.0444 0x2508  [ B1368BE5F6BA529E0886F4DA2361BD2D, B95F430B4E4EFE9D257870722AA8F0507FB96FBE3AAB12068C662CCB6A180FE2 ] aswSP           C:\windows\system32\drivers\aswSP.sys
12:24:00.0449 0x2508  aswSP - ok
12:24:00.0462 0x2508  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\windows\system32\drivers\aswStm.sys
12:24:00.0464 0x2508  aswStm - ok
12:24:00.0473 0x2508  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
12:24:00.0477 0x2508  aswVmm - ok
12:24:00.0489 0x2508  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
12:24:00.0490 0x2508  AsyncMac - ok
12:24:00.0507 0x2508  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\windows\system32\drivers\atapi.sys
12:24:00.0507 0x2508  atapi - ok
12:24:00.0533 0x2508  [ 98A9D78AF74B2C7D27465029D389F567, 12EF8D3A7A9F27230A965D44DA4BD5692CF3F0A4183A822E226AC6722A35F4C4 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW86.sys
12:24:00.0534 0x2508  AtiHDAudioService - ok
12:24:00.0573 0x2508  [ 8FB10919E1283FD108334FDBFB173574, EAD11C6FA884AAC9E8534C267E9B1D2EAB1F2A396EACC900525465A2AEAB84D3 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
12:24:00.0575 0x2508  AudioEndpointBuilder - ok
12:24:00.0607 0x2508  [ 463E7457227E970CB249031AEAE7902C, 2F627BC558E5764592B08269F3EE4C6ECD544904963312A60F5B0C0B9C8C5D32 ] Audiosrv        C:\windows\System32\Audiosrv.dll
12:24:00.0616 0x2508  Audiosrv - ok
12:24:00.0682 0x2508  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:24:00.0691 0x2508  avast! Antivirus - ok
12:24:00.0700 0x2508  AvastVBoxSvc - ok
12:24:00.0724 0x2508  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\windows\System32\AxInstSV.dll
12:24:00.0729 0x2508  AxInstSV - ok
12:24:00.0768 0x2508  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
12:24:00.0779 0x2508  b06bdrv - ok
12:24:00.0787 0x2508  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
12:24:00.0788 0x2508  BasicDisplay - ok
12:24:00.0796 0x2508  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
12:24:00.0797 0x2508  BasicRender - ok
12:24:00.0823 0x2508  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\windows\System32\bdesvc.dll
12:24:00.0825 0x2508  BDESVC - ok
12:24:00.0832 0x2508  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\windows\system32\drivers\Beep.sys
12:24:00.0833 0x2508  Beep - ok
12:24:00.0871 0x2508  [ C72AB32F7EFCA677AF079F4336BC1609, 90FF653027709ADB674B2D4240E398E7A64D2079CBF56E3983008D92FA12EA0D ] BFE             C:\windows\System32\bfe.dll
12:24:00.0879 0x2508  BFE - ok
12:24:00.0914 0x2508  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\windows\System32\qmgr.dll
12:24:00.0925 0x2508  BITS - ok
12:24:00.0956 0x2508  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:24:00.0961 0x2508  Bonjour Service - ok
12:24:00.0972 0x2508  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
12:24:00.0973 0x2508  bowser - ok
12:24:00.0997 0x2508  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
12:24:01.0003 0x2508  BrokerInfrastructure - ok
12:24:01.0022 0x2508  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\windows\System32\browser.dll
12:24:01.0027 0x2508  Browser - ok
12:24:01.0042 0x2508  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
12:24:01.0044 0x2508  BthAvrcpTg - ok
12:24:01.0069 0x2508  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
12:24:01.0071 0x2508  BthHFEnum - ok
12:24:01.0091 0x2508  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
12:24:01.0093 0x2508  bthhfhid - ok
12:24:01.0107 0x2508  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
12:24:01.0109 0x2508  BTHMODEM - ok
12:24:01.0126 0x2508  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\windows\system32\bthserv.dll
12:24:01.0130 0x2508  bthserv - ok
12:24:01.0145 0x2508  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
12:24:01.0149 0x2508  cdfs - ok
12:24:01.0170 0x2508  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\windows\System32\drivers\cdrom.sys
12:24:01.0175 0x2508  cdrom - ok
12:24:01.0189 0x2508  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\windows\System32\certprop.dll
12:24:01.0194 0x2508  CertPropSvc - ok
12:24:01.0207 0x2508  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\windows\System32\drivers\circlass.sys
12:24:01.0208 0x2508  circlass - ok
12:24:01.0237 0x2508  [ 94250D5AE3E7269DB29BCF96E07F21A6, 538C6CDCD193AABDE40CC25220528F8F80AEF828C46D8660234CB0E592B607CB ] CLFS            C:\windows\system32\drivers\CLFS.sys
12:24:01.0243 0x2508  CLFS - ok
12:24:01.0267 0x2508  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
12:24:01.0268 0x2508  CLVirtualDrive - ok
12:24:01.0282 0x2508  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
12:24:01.0283 0x2508  CmBatt - ok
12:24:01.0309 0x2508  [ 711E2E14AF1FC883AA6251FCE196DC1E, AF1EF693C5C2F08C40CCC3C56F72F6840559CCFBC26F2235C20A3478A8CE95E6 ] CNG             C:\windows\system32\Drivers\cng.sys
12:24:01.0316 0x2508  CNG - ok
12:24:01.0328 0x2508  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
12:24:01.0329 0x2508  CompositeBus - ok
12:24:01.0331 0x2508  COMSysApp - ok
12:24:01.0342 0x2508  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\windows\system32\drivers\condrv.sys
12:24:01.0342 0x2508  condrv - ok
12:24:01.0359 0x2508  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\windows\system32\cryptsvc.dll
12:24:01.0361 0x2508  CryptSvc - ok
12:24:01.0388 0x2508  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\windows\system32\drivers\dam.sys
12:24:01.0389 0x2508  dam - ok
12:24:01.0422 0x2508  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\windows\system32\rpcss.dll
12:24:01.0433 0x2508  DcomLaunch - ok
12:24:01.0460 0x2508  [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc       C:\windows\System32\defragsvc.dll
12:24:01.0464 0x2508  defragsvc - ok
12:24:01.0496 0x2508  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\windows\system32\das.dll
12:24:01.0501 0x2508  DeviceAssociationService - ok
12:24:01.0525 0x2508  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
12:24:01.0528 0x2508  DeviceInstall - ok
12:24:01.0553 0x2508  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
12:24:01.0555 0x2508  Dfsc - ok
12:24:01.0579 0x2508  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\windows\system32\dhcpcore.dll
12:24:01.0583 0x2508  Dhcp - ok
12:24:01.0610 0x2508  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\windows\system32\drivers\discache.sys
12:24:01.0611 0x2508  discache - ok
12:24:01.0630 0x2508  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\windows\system32\drivers\disk.sys
12:24:01.0631 0x2508  disk - ok
12:24:01.0643 0x2508  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
12:24:01.0644 0x2508  dmvsc - ok
12:24:01.0666 0x2508  [ B9450BC3F1820A99D010D7426BCA60E9, FC7C35A0C522E5DA52B0616CF99F4903EAC14946180A18A8D8A0FF555BAA87C5 ] Dnscache        C:\windows\System32\dnsrslvr.dll
12:24:01.0669 0x2508  Dnscache - ok
12:24:01.0693 0x2508  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\windows\System32\dot3svc.dll
12:24:01.0697 0x2508  dot3svc - ok
12:24:01.0706 0x2508  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\windows\system32\dps.dll
12:24:01.0709 0x2508  DPS - ok
12:24:01.0735 0x2508  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
12:24:01.0736 0x2508  drmkaud - ok
12:24:01.0762 0x2508  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
12:24:01.0765 0x2508  DsmSvc - ok
12:24:01.0803 0x2508  [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
12:24:01.0818 0x2508  DXGKrnl - ok
12:24:01.0837 0x2508  [ 651FBD69A9713D623D456A240F96179C, 22A1F306B454EF9C84D25EF266F3ED0E1D896B1F5BE60170E79F37F2DBCA59F4 ] e1iexpress      C:\windows\system32\DRIVERS\e1i63x64.sys
12:24:01.0841 0x2508  e1iexpress - ok
12:24:01.0853 0x2508  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\windows\System32\eapsvc.dll
12:24:01.0856 0x2508  Eaphost - ok
12:24:01.0919 0x2508  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\windows\system32\drivers\evbda.sys
12:24:01.0953 0x2508  ebdrv - ok
12:24:01.0990 0x2508  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\windows\System32\lsass.exe
12:24:01.0992 0x2508  EFS - ok
12:24:02.0004 0x2508  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
12:24:02.0007 0x2508  EhStorClass - ok
12:24:02.0024 0x2508  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
12:24:02.0028 0x2508  EhStorTcgDrv - ok
12:24:02.0059 0x2508  [ CA4ADE6C3929B70317BFDDF9ABBFE0CE, 824F3D26FDFBA38A5191C78E68379D48C915FB6F82BD353A1D5416537F8A0A42 ] epp64           C:\windows\system32\DRIVERS\epp64.sys
12:24:02.0061 0x2508  epp64 - ok
12:24:02.0087 0x2508  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\windows\System32\drivers\errdev.sys
12:24:02.0087 0x2508  ErrDev - ok
12:24:02.0132 0x2508  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\windows\system32\es.dll
12:24:02.0140 0x2508  EventSystem - ok
12:24:02.0154 0x2508  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\windows\system32\drivers\exfat.sys
12:24:02.0156 0x2508  exfat - ok
12:24:02.0173 0x2508  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\windows\system32\drivers\fastfat.sys
12:24:02.0175 0x2508  fastfat - ok
12:24:02.0197 0x2508  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\windows\system32\fxssvc.exe
12:24:02.0206 0x2508  Fax - ok
12:24:02.0217 0x2508  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\windows\System32\drivers\fdc.sys
12:24:02.0218 0x2508  fdc - ok
12:24:02.0241 0x2508  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\windows\system32\fdPHost.dll
12:24:02.0244 0x2508  fdPHost - ok
12:24:02.0251 0x2508  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\windows\system32\fdrespub.dll
12:24:02.0254 0x2508  FDResPub - ok
12:24:02.0274 0x2508  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\windows\system32\fhsvc.dll
12:24:02.0278 0x2508  fhsvc - ok
12:24:02.0301 0x2508  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
12:24:02.0303 0x2508  FileInfo - ok
12:24:02.0318 0x2508  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
12:24:02.0319 0x2508  Filetrace - ok
12:24:02.0332 0x2508  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
12:24:02.0333 0x2508  flpydisk - ok
12:24:02.0351 0x2508  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
12:24:02.0358 0x2508  FltMgr - ok
12:24:02.0396 0x2508  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\windows\system32\FntCache.dll
12:24:02.0411 0x2508  FontCache - ok
12:24:07.0310 0x2508  QWAVE - ok
12:24:07.0324 0x2508  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
12:24:07.0326 0x2508  QWAVEdrv - ok
12:24:07.0347 0x2508  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
12:24:07.0349 0x2508  RasAcd - ok
12:24:07.0382 0x2508  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
12:24:07.0385 0x2508  RasAgileVpn - ok
12:24:07.0412 0x2508  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\windows\System32\rasauto.dll
12:24:07.0420 0x2508  RasAuto - ok
12:24:07.0442 0x2508  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
12:24:07.0444 0x2508  Rasl2tp - ok
12:24:07.0466 0x2508  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\windows\System32\rasmans.dll
12:24:07.0474 0x2508  RasMan - ok
12:24:07.0492 0x2508  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
12:24:07.0493 0x2508  RasPppoe - ok
12:24:07.0504 0x2508  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
12:24:07.0506 0x2508  RasSstp - ok
12:24:07.0581 0x2508  [ 71FF75BAE3D6E362BE3AD07E26C2D00A, 33F82F817AAAD585D47112A88BCC9DC2FB1B7AB8448EE140FA00FA520D8647A7 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
12:24:07.0587 0x2508  Razer Game Scanner Service - ok
12:24:07.0627 0x2508  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
12:24:07.0639 0x2508  rdbss - ok
12:24:07.0661 0x2508  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
12:24:07.0661 0x2508  rdpbus - ok
12:24:07.0678 0x2508  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
12:24:07.0680 0x2508  RDPDR - ok
12:24:07.0704 0x2508  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
12:24:07.0705 0x2508  RdpVideoMiniport - ok
12:24:07.0723 0x2508  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
12:24:07.0726 0x2508  RDPWD - ok
12:24:07.0745 0x2508  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
12:24:07.0747 0x2508  rdyboost - ok
12:24:07.0775 0x2508  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\windows\System32\mprdim.dll
12:24:07.0778 0x2508  RemoteAccess - ok
12:24:07.0790 0x2508  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\windows\system32\regsvc.dll
12:24:07.0794 0x2508  RemoteRegistry - ok
12:24:07.0817 0x2508  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
12:24:07.0820 0x2508  RpcEptMapper - ok
12:24:07.0839 0x2508  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\windows\system32\locator.exe
12:24:07.0841 0x2508  RpcLocator - ok
12:24:07.0879 0x2508  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\windows\system32\rpcss.dll
12:24:07.0890 0x2508  RpcSs - ok
12:24:07.0916 0x2508  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
12:24:07.0918 0x2508  rspndr - ok
12:24:07.0939 0x2508  [ 8295DB01432C1D1F3D0F4A27AB349730, 7FE8CC442829B8136A96E19F17070C29DA2C5F1B9EA2B5EBACCB965783F96356 ] rzendpt         C:\windows\System32\drivers\rzendpt.sys
12:24:07.0940 0x2508  rzendpt - ok
12:24:07.0965 0x2508  [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk         C:\windows\system32\drivers\rzpmgrk.sys
12:24:07.0966 0x2508  rzpmgrk - ok
12:24:07.0991 0x2508  [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk           C:\windows\system32\drivers\rzpnk.sys
12:24:07.0993 0x2508  rzpnk - ok
12:24:08.0022 0x2508  [ 77C5AB228FE307C55FEF0C575E218771, 73C9D4593DA694B2D52817F608E749296D9CC1C44906C97204595476B68AD50F ] rzudd           C:\windows\System32\drivers\rzudd.sys
12:24:08.0024 0x2508  rzudd - ok
12:24:08.0040 0x2508  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
12:24:08.0040 0x2508  s3cap - ok
12:24:08.0072 0x2508  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs           C:\windows\system32\lsass.exe
12:24:08.0074 0x2508  SamSs - ok
12:24:08.0090 0x2508  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
12:24:08.0092 0x2508  sbp2port - ok
12:24:08.0109 0x2508  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\windows\System32\SCardSvr.dll
12:24:08.0114 0x2508  SCardSvr - ok
12:24:08.0123 0x2508  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
12:24:08.0124 0x2508  scfilter - ok
12:24:08.0172 0x2508  [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule        C:\windows\system32\schedsvc.dll
12:24:08.0188 0x2508  Schedule - ok
12:24:08.0212 0x2508  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\windows\System32\certprop.dll
12:24:08.0215 0x2508  SCPolicySvc - ok
12:24:08.0246 0x2508  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\windows\System32\drivers\sdbus.sys
12:24:08.0248 0x2508  sdbus - ok
12:24:08.0263 0x2508  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\windows\System32\SDRSVC.dll
12:24:08.0267 0x2508  SDRSVC - ok
12:24:08.0287 0x2508  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\windows\System32\drivers\sdstor.sys
12:24:08.0288 0x2508  sdstor - ok
12:24:08.0298 0x2508  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
12:24:08.0299 0x2508  secdrv - ok
12:24:08.0306 0x2508  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\windows\system32\seclogon.dll
12:24:08.0309 0x2508  seclogon - ok
12:24:08.0325 0x2508  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\windows\System32\sens.dll
12:24:08.0328 0x2508  SENS - ok
12:24:08.0343 0x2508  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\windows\system32\sensrsvc.dll
12:24:08.0347 0x2508  SensrSvc - ok
12:24:08.0360 0x2508  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\windows\system32\drivers\SerCx.sys
12:24:08.0361 0x2508  SerCx - ok
12:24:08.0374 0x2508  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\windows\System32\drivers\serenum.sys
12:24:08.0374 0x2508  Serenum - ok
12:24:08.0386 0x2508  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\windows\System32\drivers\serial.sys
12:24:08.0387 0x2508  Serial - ok
12:24:08.0402 0x2508  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\windows\System32\drivers\sermouse.sys
12:24:08.0403 0x2508  sermouse - ok
12:24:08.0440 0x2508  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\windows\system32\sessenv.dll
12:24:08.0445 0x2508  SessionEnv - ok
12:24:08.0465 0x2508  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
12:24:08.0465 0x2508  sfloppy - ok
12:24:08.0497 0x2508  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\windows\System32\ipnathlp.dll
12:24:08.0503 0x2508  SharedAccess - ok
12:24:08.0586 0x2508  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\windows\System32\shsvcs.dll
12:24:08.0604 0x2508  ShellHWDetection - ok
12:24:08.0614 0x2508  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
12:24:08.0615 0x2508  SiSRaid2 - ok
12:24:08.0632 0x2508  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
12:24:08.0633 0x2508  SiSRaid4 - ok
12:24:08.0656 0x2508  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
12:24:08.0658 0x2508  SNMPTRAP - ok
12:24:08.0686 0x2508  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\windows\system32\drivers\spaceport.sys
12:24:08.0690 0x2508  spaceport - ok
12:24:08.0701 0x2508  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
12:24:08.0702 0x2508  SpbCx - ok
12:24:08.0732 0x2508  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\windows\System32\spoolsv.exe
12:24:08.0742 0x2508  Spooler - ok
12:24:08.0873 0x2508  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\windows\system32\sppsvc.exe
12:24:08.0927 0x2508  sppsvc - ok
12:24:08.0951 0x2508  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\windows\system32\DRIVERS\srv.sys
12:24:08.0956 0x2508  srv - ok
12:24:08.0994 0x2508  [ B56A855B23676CCE05B626C6037FD02F, 3C0DCB16A96BD6A002A4FAF1AF939AF470D95137CB745F5DAD039B5D8C956E30 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
12:24:09.0004 0x2508  srv2 - ok
12:24:09.0021 0x2508  [ 78E9665C8DC59106D133CBEF0F0C3DE3, 380FD51EE00CEF3FFEF9BFB5E14538E084F1DDF8D8F8BCDF4EC23CB8C3A40D2F ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
12:24:09.0024 0x2508  srvnet - ok
12:24:09.0058 0x2508  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
12:24:09.0063 0x2508  SSDPSRV - ok
12:24:09.0074 0x2508  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\windows\system32\sstpsvc.dll
12:24:09.0078 0x2508  SstpSvc - ok
12:24:09.0145 0x2508  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
12:24:09.0154 0x2508  STacSV - ok
12:24:09.0183 0x2508  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\windows\system32\drivers\stexstor.sys
12:24:09.0184 0x2508  stexstor - ok
12:24:09.0208 0x2508  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
12:24:09.0216 0x2508  STHDA - ok
12:24:09.0233 0x2508  [ F38F79114380246B6D40CD53FB2CA28D, 5F4001F6D97903DCBB2399B3AC36329A515823D44CDEE784613F2976398DB950 ] StillCam        C:\windows\System32\drivers\serscan.sys
12:24:09.0233 0x2508  StillCam - ok
12:24:09.0269 0x2508  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\windows\System32\wiaservc.dll
12:24:09.0278 0x2508  stisvc - ok
12:24:09.0298 0x2508  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\windows\system32\drivers\storahci.sys
12:24:09.0299 0x2508  storahci - ok
12:24:09.0308 0x2508  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
12:24:09.0309 0x2508  storflt - ok
12:24:09.0319 0x2508  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\windows\system32\storsvc.dll
12:24:09.0321 0x2508  StorSvc - ok
12:24:09.0330 0x2508  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\windows\system32\drivers\storvsc.sys
12:24:09.0331 0x2508  storvsc - ok
12:24:09.0356 0x2508  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\windows\system32\svsvc.dll
12:24:09.0359 0x2508  svsvc - ok
12:24:09.0376 0x2508  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\windows\System32\drivers\swenum.sys
12:24:09.0377 0x2508  swenum - ok
12:24:09.0408 0x2508  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\windows\System32\swprv.dll
12:24:09.0418 0x2508  swprv - ok
12:24:09.0472 0x2508  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\windows\system32\sysmain.dll
12:24:09.0488 0x2508  SysMain - ok
12:24:09.0520 0x2508  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
12:24:09.0524 0x2508  SystemEventsBroker - ok
12:24:09.0552 0x2508  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\windows\System32\TabSvc.dll
12:24:09.0555 0x2508  TabletInputService - ok
12:24:09.0576 0x2508  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\windows\System32\tapisrv.dll
12:24:09.0581 0x2508  TapiSrv - ok
12:24:09.0643 0x2508  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
12:24:09.0667 0x2508  Tcpip - ok
12:24:09.0706 0x2508  [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
12:24:09.0730 0x2508  TCPIP6 - ok
12:24:09.0759 0x2508  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
12:24:09.0760 0x2508  tcpipreg - ok
12:24:09.0775 0x2508  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
12:24:09.0777 0x2508  tdx - ok
12:24:09.0790 0x2508  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\windows\System32\drivers\terminpt.sys
12:24:09.0791 0x2508  terminpt - ok
12:24:09.0820 0x2508  [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService     C:\windows\System32\termsrv.dll
12:24:09.0830 0x2508  TermService - ok
12:24:09.0859 0x2508  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\windows\system32\themeservice.dll
12:24:09.0862 0x2508  Themes - ok
12:24:09.0887 0x2508  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\windows\system32\mmcss.dll
12:24:09.0890 0x2508  THREADORDER - ok
12:24:09.0920 0x2508  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
12:24:09.0925 0x2508  TimeBroker - ok
12:24:09.0948 0x2508  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\windows\system32\drivers\tpm.sys
12:24:09.0950 0x2508  TPM - ok
12:24:09.0963 0x2508  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\windows\System32\trkwks.dll
12:24:09.0967 0x2508  TrkWks - ok
12:24:10.0018 0x2508  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
12:24:10.0019 0x2508  TrustedInstaller - ok
12:24:10.0042 0x2508  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
12:24:10.0043 0x2508  TsUsbFlt - ok
12:24:10.0056 0x2508  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
12:24:10.0057 0x2508  TsUsbGD - ok
12:24:10.0072 0x2508  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
12:24:10.0074 0x2508  tunnel - ok
12:24:10.0086 0x2508  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\windows\system32\drivers\uagp35.sys
12:24:10.0087 0x2508  uagp35 - ok
12:24:10.0107 0x2508  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
12:24:10.0108 0x2508  UASPStor - ok
12:24:10.0137 0x2508  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
12:24:10.0139 0x2508  UCX01000 - ok
12:24:10.0173 0x2508  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
12:24:10.0177 0x2508  udfs - ok
12:24:10.0200 0x2508  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\windows\system32\UI0Detect.exe
12:24:10.0203 0x2508  UI0Detect - ok
12:24:10.0213 0x2508  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
12:24:10.0215 0x2508  uliagpkx - ok
12:24:10.0227 0x2508  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\windows\System32\drivers\umbus.sys
12:24:10.0228 0x2508  umbus - ok
12:24:10.0240 0x2508  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\windows\System32\drivers\umpass.sys
12:24:10.0240 0x2508  UmPass - ok
12:24:10.0253 0x2508  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\windows\System32\umrdp.dll
12:24:10.0259 0x2508  UmRdpService - ok
12:24:10.0301 0x2508  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:24:10.0305 0x2508  UNS - ok
12:24:10.0332 0x2508  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\windows\System32\upnphost.dll
12:24:10.0340 0x2508  upnphost - ok
12:24:10.0367 0x2508  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\windows\System32\Drivers\usbaapl64.sys
12:24:10.0368 0x2508  USBAAPL64 - ok
12:24:10.0396 0x2508  [ 9E9F21FF91D7ECC0BCCB94D3FE52A959, 85461393D62ED939F6741C2D0A90C8AB34F4415173223BB4CFC119715D10E7A7 ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
12:24:10.0398 0x2508  usbaudio - ok
12:24:10.0429 0x2508  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
12:24:10.0430 0x2508  usbccgp - ok
12:24:10.0448 0x2508  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\windows\System32\drivers\usbcir.sys
12:24:10.0449 0x2508  usbcir - ok
12:24:10.0461 0x2508  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\windows\System32\drivers\usbehci.sys
12:24:10.0462 0x2508  usbehci - ok
12:24:10.0496 0x2508  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\windows\System32\drivers\usbhub.sys
12:24:10.0503 0x2508  usbhub - ok
12:24:10.0537 0x2508  [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
12:24:10.0542 0x2508  USBHUB3 - ok
12:24:10.0563 0x2508  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\windows\System32\drivers\usbohci.sys
12:24:10.0564 0x2508  usbohci - ok
12:24:10.0579 0x2508  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\windows\System32\drivers\usbprint.sys
12:24:10.0580 0x2508  usbprint - ok
12:24:10.0604 0x2508  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
12:24:10.0605 0x2508  USBSTOR - ok
12:24:10.0623 0x2508  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
12:24:10.0624 0x2508  usbuhci - ok
12:24:10.0646 0x2508  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
12:24:10.0650 0x2508  USBXHCI - ok
12:24:10.0664 0x2508  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\windows\system32\lsass.exe
12:24:10.0666 0x2508  VaultSvc - ok
12:24:10.0700 0x2508  VBoxAswDrv - ok
12:24:10.0725 0x2508  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
12:24:10.0726 0x2508  vdrvroot - ok
12:24:10.0757 0x2508  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\windows\System32\vds.exe
12:24:10.0771 0x2508  vds - ok
12:24:10.0793 0x2508  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
12:24:10.0795 0x2508  VerifierExt - ok
12:24:10.0828 0x2508  [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
12:24:10.0835 0x2508  vhdmp - ok
12:24:10.0851 0x2508  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\windows\system32\drivers\viaide.sys
12:24:10.0851 0x2508  viaide - ok
12:24:10.0866 0x2508  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\windows\system32\drivers\vmbus.sys
12:24:10.0869 0x2508  vmbus - ok
12:24:10.0880 0x2508  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
12:24:10.0881 0x2508  VMBusHID - ok
12:24:10.0914 0x2508  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\windows\System32\ICSvc.dll
12:24:10.0919 0x2508  vmicheartbeat - ok
12:24:10.0929 0x2508  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\windows\System32\ICSvc.dll
12:24:10.0934 0x2508  vmickvpexchange - ok
12:24:10.0944 0x2508  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\windows\System32\ICSvc.dll
12:24:10.0949 0x2508  vmicrdv - ok
12:24:10.0959 0x2508  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\windows\System32\ICSvc.dll
12:24:10.0964 0x2508  vmicshutdown - ok
12:24:10.0973 0x2508  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\windows\System32\ICSvc.dll
12:24:10.0978 0x2508  vmictimesync - ok
12:24:10.0988 0x2508  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\windows\System32\ICSvc.dll
12:24:10.0993 0x2508  vmicvss - ok
12:24:11.0005 0x2508  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\windows\system32\drivers\volmgr.sys
12:24:11.0006 0x2508  volmgr - ok
12:24:11.0029 0x2508  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
12:24:11.0034 0x2508  volmgrx - ok
12:24:15.0050 0x2508  Waiting for KSN requests completion. In queue: 58
12:24:16.0051 0x2508  Waiting for KSN requests completion. In queue: 58
12:24:17.0051 0x2508  Waiting for KSN requests completion. In queue: 58
12:24:18.0080 0x2508  AV detected via SS2: Emsisoft Internet Security, C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2start.exe ( 9.0.0.5066 ), 0x40010 ( disabled : outofdate )
12:24:18.0088 0x2508  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
12:24:18.0090 0x2508  FW detected via SS2: Emsisoft Internet Security, C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2start.exe ( 9.0.0.5066 ), 0x40010 ( disabled )
12:24:18.0102 0x2508  Win FW state via NFP2: enabled
12:24:20.0475 0x2508  ============================================================
12:24:20.0475 0x2508  Scan finished
12:24:20.0475 0x2508  ============================================================
12:24:20.0487 0x1240  Detected object count: 0
12:24:20.0487 0x1240  Actual detected object count: 0
         
__________________
Regards
R4BBIT

9 out of 10 people like beer... the 10th is lying

05.06.2015, 11:44   #5
M-K-D-B
/// TB-Ausbilder
 



Hi,



Please note for the future:
Quote:
Running from C:\Users\Fabian.PC_Fabian\Desktop\Bereinigung
Unfortunately, you did not follow our instructions correctly:
Please download all tools directly to the desktop, or move them there, and start them from the desktop, because our instructions are written on that basis.
In addition, all the tools used can then be removed very easily at the end of the cleanup.
Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.


05.06.2015, 12:33   #6
R4BBIT
 



Oh sorry...

Here are the logs again:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by AdminFabian (administrator) on PC_FABIAN on 05-06-2015 13:32:30
Running from C:\Users\Fabian.PC_Fabian\Desktop
Loaded Profiles: AdminFabian & Fabian (Available Profiles: AdminFabian & Fabian)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Fabian.PC_Fabian\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [439488 2013-07-09] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\0a5626b7-54ff-490c-9d25-22eeb56b74c5.exe [183232 2015-05-25] (AVAST Software)
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S2].txt
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\Run: [SkyDrive] => C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-12-07] (Microsoft Corporation)
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\MountPoints2: {3c35e8d1-db21-11e2-be85-4c72b97327ec} - "L:\LaunchU3.exe" -a
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\MountPoints2: {75e0df4f-7aae-11e2-be79-4c72b97327ec} - "K:\laucher.exe" 
Startup: C:\Users\Fabian.PC_Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2013-03-02]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.janosch-nietlispach.ch/news
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> DefaultScope {F7DD2BAC-CB4E-4503-BA16-78C70DB4B011} URL = https://www.google.ch/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {F7DD2BAC-CB4E-4503-BA16-78C70DB4B011} URL = https://www.google.ch/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2013-02-06] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2013-02-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2013-02-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2013-02-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1392978341-1441607686-3862372307-1006: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [5020520 2015-03-24] (Emsisoft GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1855064 2012-11-23] (Microsoft Corporation)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2014-10-03] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-03-24] (Emsisoft GmbH)
R3 fwndis; C:\Windows\system32\DRIVERS\fwndis64.sys [491632 2015-01-01] ()
R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414936 2015-01-01] ()
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 12:23 - 2015-06-05 12:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Fabian.PC_Fabian\Desktop\tdsskiller.exe
2015-06-05 12:20 - 2015-06-05 13:32 - 00021396 _____ C:\Users\Fabian.PC_Fabian\Desktop\FRST.txt
2015-06-05 12:20 - 2015-06-05 12:20 - 02108928 _____ (Farbar) C:\Users\Fabian.PC_Fabian\Desktop\FRST64.exe
2015-06-03 10:08 - 2015-06-03 10:08 - 00280008 _____ C:\windows\Minidump\060315-21078-01.dmp
2015-06-01 20:46 - 2015-06-01 20:46 - 00280008 _____ C:\windows\Minidump\060115-21750-01.dmp
2015-05-19 17:31 - 2015-05-19 17:31 - 00280008 _____ C:\windows\Minidump\051915-21312-01.dmp
2015-05-19 11:58 - 2015-05-19 11:58 - 00016676 _____ C:\Users\Fabian.PC_Fabian\Desktop\Feedbackfragen Jubla Cham.dat
2015-05-13 20:26 - 2015-05-13 20:26 - 00280008 _____ C:\windows\Minidump\051315-20593-01.dmp
2015-05-12 17:27 - 2015-05-12 17:27 - 00280008 _____ C:\windows\Minidump\051215-17562-01.dmp
2015-05-07 17:33 - 2015-05-07 17:34 - 00280008 _____ C:\windows\Minidump\050715-27140-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 13:32 - 2015-04-30 19:45 - 00000000 ____D C:\FRST
2015-06-05 13:30 - 2013-02-02 17:50 - 01153292 _____ C:\windows\WindowsUpdate.log
2015-06-05 13:29 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2015-06-05 13:29 - 2012-07-26 09:59 - 00000000 ____D C:\windows\CbsTemp
2015-06-05 11:23 - 2015-03-16 21:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-05 11:13 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\NDF
2015-06-05 10:53 - 2013-02-05 21:31 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1392978341-1441607686-3862372307-1006
2015-06-04 18:04 - 2013-08-11 19:48 - 00000000 ____D C:\windows\system32\MRT
2015-06-04 18:02 - 2013-02-02 19:33 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-04 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2015-06-03 10:13 - 2012-10-23 19:37 - 00724412 _____ C:\windows\system32\perfh007.dat
2015-06-03 10:13 - 2012-10-23 19:37 - 00163214 _____ C:\windows\system32\perfc007.dat
2015-06-03 10:13 - 2012-07-26 09:28 - 01734152 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-03 10:09 - 2015-03-31 20:10 - 00000000 ____D C:\Program Files (x86)\Emsisoft Internet Security
2015-06-03 10:09 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-03 10:08 - 2013-10-31 21:06 - 668381772 _____ C:\windows\MEMORY.DMP
2015-06-03 10:08 - 2013-10-23 21:17 - 00000000 ____D C:\windows\Minidump
2015-05-25 20:30 - 2013-12-09 21:11 - 00000000 ____D C:\Users\Fabian.PC_Fabian\AppData\Roaming\TS3Client
2015-05-19 18:04 - 2013-02-16 21:06 - 00549888 ___SH C:\Users\Fabian.PC_Fabian\Desktop\Thumbs.db
2015-05-19 17:32 - 2013-02-06 22:21 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-05-19 12:08 - 2013-02-05 21:25 - 00000000 ____D C:\Users\Fabian.PC_Fabian\AppData\Local\Packages
2015-05-07 17:33 - 2012-08-01 19:02 - 00737506 _____ C:\windows\PFRO.log

==================== Files in the root of some directories =======

2013-02-02 18:13 - 2013-02-02 18:13 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\AdminFabian\AppData\Local\Temp\Quarantine.exe
C:\Users\AdminFabian\AppData\Local\Temp\sqlite3.dll
C:\Users\Fabian.PC_Fabian\AppData\Local\Temp\i4jdel0.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 21:01

==================== End of log ============================
         
--- --- ---


[CODE]Additional
FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by AdminFabian at 2015-06-05 13:33:01
Running from C:\Users\Fabian.PC_Fabian\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

AdminFabian (S-1-5-21-1392978341-1441607686-3862372307-1005 - Administrator - Enabled) => C:\Users\AdminFabian
Administrator (S-1-5-21-1392978341-1441607686-3862372307-500 - Administrator - Disabled)
Fabian (S-1-5-21-1392978341-1441607686-3862372307-1006 - Limited - Enabled) => C:\Users\Fabian.PC_Fabian
Gast (S-1-5-21-1392978341-1441607686-3862372307-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1392978341-1441607686-3862372307-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Emsisoft Internet Security (Disabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{BF821093-CFD3-EC1B-B357-6817EE34E5C7}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.)
eTax.zug 2014 nP 1.3.0 (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\8452-4068-1171-2815) (Version: 1.3.0 - Information Factory AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.7 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{86FD8326-909D-45F5-BB61-0619D0D31293}) (Version: 11.50.0011 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
NWZ-E450 WALKMAN Guide (HKLM-x32\...\{0A6C2811-AD29-473F-8086-F0B401276DEC}) (Version: 2.1.0.17210 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
RecImgManager (HKLM-x32\...\{1ECC3992-5E46-4A3B-823F-4228D5B05A83}) (Version: 2.0.26222 - SlimWare Utilities, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

04-05-2015 20:58:43 Geplanter Prüfpunkt
04-06-2015 17:03:23 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2015-03-23 19:52 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E1975F3-5D81-4CA8-8E07-168E2CD1DF5D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2012-08-15] (Hewlett-Packard Company)
Task: {5F63D142-E881-4C1E-A6BB-D4956C70E5A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
Task: {74BEDB4E-487E-4F08-808D-3CD98A22F124} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {97A056F4-107F-4DB8-8E61-3264A3A8DDBD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-06-04] (Microsoft Corporation)
Task: {E0CF2BA3-882C-4D8E-9580-68B42A1AA8D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F6E24018-619A-4763-9815-BEF6CF60CD7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F7C59E27-327A-406B-8FAB-A1B6132D4BA3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)

==================== Loaded Modules (Whitelisted) ==============

2013-02-05 23:21 - 2012-11-10 11:28 - 00382544 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-02-05 23:21 - 2012-11-23 19:07 - 00513600 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-02-05 23:21 - 2012-11-23 19:07 - 00607296 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-04-10 17:46 - 2015-02-06 20:08 - 00076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-12-10 00:22 - 2014-12-10 00:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-12-19 05:22 - 2014-12-19 05:22 - 00290816 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2015-04-22 18:20 - 2015-04-22 18:20 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 18:20 - 2015-04-22 18:20 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-01 20:47 - 2015-06-01 20:47 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060101\algo.dll
2015-06-05 11:52 - 2015-06-05 11:52 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060500\algo.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-23 10:52 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-10-23 10:58 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-10-23 10:59 - 2009-02-19 18:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL
2015-04-22 18:20 - 2015-04-22 18:20 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-29 23:26 - 2014-11-26 04:12 - 40622592 _____ () C:\Users\Fabian.PC_Fabian\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-12-19 05:22 - 2014-12-19 05:22 - 00192512 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll
2015-01-29 23:26 - 2014-11-26 04:12 - 00911360 _____ () C:\Users\Fabian.PC_Fabian\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-01-29 23:26 - 2014-11-26 04:12 - 00134144 _____ () C:\Users\Fabian.PC_Fabian\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabian.PC_Fabian\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\Run: => "SkyDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBB1C137-790B-486B-A9C9-27B435B298F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{293ABFA0-F8E4-4BEE-989D-E9F5BB71FA8D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FF3D2D61-C87A-4D43-9E52-1D6ABDD4012F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3F2898FF-636E-494A-A285-C5E36AF9CFB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C008179C-4E73-43B3-AE1F-761536965182}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{D559845D-EA90-49AC-AA22-87A9048E0C3F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{B90066BF-D10D-4365-B161-3D91EABEC775}] => (Allow) C:\Users\AdminFabian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2DFB5855-1A34-43A2-BA35-A329FC85E85C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{18FCFA59-65A8-4E08-AFF7-D175F3A69EB5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5DEA5977-AAE4-4705-9CBE-A522CEDE88E6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{89579F59-EFB0-4DCB-9C86-C2F2213A110A}] => (Allow) LPort=2869
FirewallRules: [{5F8EE66C-73FF-4440-ACC8-26DEF876E66E}] => (Allow) LPort=1900
FirewallRules: [{DB8A88AE-0600-4295-88EC-70C0BC252A00}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{05F57B78-2520-4FA8-AE37-EED4AA648917}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7E4CE3E0-E0A1-4ADF-BB67-48FEF13A388F}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{EAC1CAEE-90CA-4D75-A471-EF0E268AFF38}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{EF607449-0DA6-4A67-916B-36757CB05CD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{E5A994C9-B85E-42E6-BBFB-1BF6E259E16C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [TCP Query User{9A101C02-AFA2-4EE8-9018-012E365F5DE4}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [UDP Query User{ED0CF3BB-BC4A-42C6-95CF-60F7B18D1A31}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [TCP Query User{46220C03-5BE5-4E16-87E1-4644B21A49CF}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{FF72C7FF-F4E0-47F5-A1E0-ED12B2EC0FEE}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{2516AA43-DAD4-47EE-9345-8B815227CA08}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{658CEDA9-859B-4117-8EA9-8DB4A7CE1EB4}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{25B7CD5D-C18C-429B-B8B9-BE64640530EC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B433DBEC-8EA6-45B9-8863-060CE099D8CC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A8BDCF14-4299-4204-AF95-DC0772D6620B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{56E884CE-DB2E-45A7-A827-87BB7B549121}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4B47B08A-E461-45C5-87F3-0A8F0F53A797}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CEEF249C-ED01-4EEE-81C3-0C4FF075B9AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB00654F-36F9-4054-A5FC-D3F89A90DE62}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{397D4BAD-B323-4520-A472-DE71F8919AAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{D5B95690-0429-4F20-9608-EC3E19DAFCFA}] => (Allow) LPort=53000
FirewallRules: [{17BE0B20-3434-447A-8B20-3C78433103F2}] => (Allow) LPort=52000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/04/2015 10:05:34 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 10:03:20 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 06:06:45 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: usbhubC:\windows\system32\usbperf.dll8

Error: (06/04/2015 06:04:31 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: RemoteAccessC:\Windows\System32\rasctrs.dll8

Error: (06/04/2015 06:04:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (06/03/2015 10:10:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.17267, Zeitstempel: 0x54e7f156
Name des fehlerhaften Moduls: KERNEL32.dll, Version: 6.2.9200.16859, Zeitstempel: 0x53118550
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026185
ID des fehlerhaften Prozesses: 0x17b4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (06/03/2015 10:09:35 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.


System errors:
=============
Error: (06/03/2015 00:07:10 PM) (Source: DCOM) (EventID: 10016) (User: PC_Fabian)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}PC_FabianFabianS-1-5-21-1392978341-1441607686-3862372307-1006LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/03/2015 10:09:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/03/2015 10:09:13 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (06/03/2015 10:08:47 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (06/03/2015 10:08:59 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000139 (0x0000000000000003, 0xfffff880049d81e0, 0xfffff880049d8138, 0x0000000000000000)C:\windows\MEMORY.DMP060315-21078-01

Error: (06/03/2015 10:08:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎02.‎06.‎2015 um 21:19:13 unerwartet heruntergefahren.

Error: (06/03/2015 10:08:36 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212254731067200

Error: (06/01/2015 09:12:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PC_BRIGITTE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A8851342-14E7-401D-B490-4A2FE92AFB41}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (06/01/2015 08:47:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/01/2015 08:46:45 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.


Microsoft Office:
=========================
Error: (06/04/2015 10:05:34 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 10:03:20 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 06:06:45 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: usbhubC:\windows\system32\usbperf.dll8

Error: (06/04/2015 06:04:31 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Spooler8

Error: (06/04/2015 06:04:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: RemoteAccessC:\Windows\System32\rasctrs.dll8

Error: (06/04/2015 06:04:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (06/03/2015 10:10:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.1726754e7f156KERNEL32.dll6.2.9200.1685953118550c00000050002618517b401d09dd4b8abcf66C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\windows\SYSTEM32\KERNEL32.dll03bf193d-09c8-11e5-bee8-4c72b97327ec

Error: (06/03/2015 10:09:35 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0


CodeIntegrity Errors:
===================================
  Date: 2015-06-04 16:58:14.038
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:10.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:09.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:07.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:00.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:24.467
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:22.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:20.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:19.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:18.112
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 13%
Total physical RAM: 16323.54 MB
Available physical RAM: 14054 MB
Total Pagefile: 32707.54 MB
Available Pagefile: 29740.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1000.11 GB) (Free:815.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.98 GB) (Free:1.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (Daten) (Fixed) (Total:849.45 GB) (Free:742.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 0ABD2367)

Partition: GPT Partition Type.

==================== End of log ============================
         

05.06.2015, 12:34   #7
R4BBIT

PC is hanging again... Can someone take a look?

Code:
13:34:15.0405 0x28c8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:34:15.0405 0x28c8  UEFI system
13:34:18.0188 0x28c8  ============================================================
13:34:18.0188 0x28c8  Current date / time: 2015/06/05 13:34:18.0188
13:34:18.0188 0x28c8  SystemInfo:
13:34:18.0188 0x28c8  
13:34:18.0188 0x28c8  OS Version: 6.2.9200 ServicePack: 0.0
13:34:18.0188 0x28c8  Product type: Workstation
13:34:18.0188 0x28c8  ComputerName: PC_FABIAN
13:34:18.0188 0x28c8  UserName: AdminFabian
13:34:18.0188 0x28c8  Windows directory: C:\windows
13:34:18.0188 0x28c8  System windows directory: C:\windows
13:34:18.0188 0x28c8  Running under WOW64
13:34:18.0188 0x28c8  Processor architecture: Intel x64
13:34:18.0188 0x28c8  Number of processors: 8
13:34:18.0188 0x28c8  Page size: 0x1000
13:34:18.0188 0x28c8  Boot type: Normal boot
13:34:18.0188 0x28c8  ============================================================
13:34:19.0011 0x28c8  KLMD registered as C:\windows\system32\drivers\37421580.sys
13:34:19.0274 0x28c8  System UUID: {83CE8489-8F97-CC38-5DD8-4E9939A49D5C}
13:34:19.0634 0x28c8  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:34:19.0657 0x28c8  ============================================================
13:34:19.0657 0x28c8  \Device\Harddisk0\DR0:
13:34:19.0658 0x28c8  GPT partitions:
13:34:19.0658 0x28c8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BED31882-643C-4352-B77F-C687397A3BE2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
13:34:19.0658 0x28c8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {B50EB2F0-5FDC-463D-83C3-63561A00B356}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
13:34:19.0658 0x28c8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D6A7DE4A-1193-4266-B231-8667AD6C5D81}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
13:34:19.0658 0x28c8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {74381645-92D0-4AD3-A3C4-BD6607EEEA62}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x7D039000
13:34:19.0658 0x28c8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {735E67CD-C6AC-494E-91BA-655C8F24CE3F}, Name: Basic data partition, StartLBA 0x7D32D000, BlocksNum 0x6A2E7000
13:34:19.0658 0x28c8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F99BCA9C-5D3D-4C24-981D-E53B267E60B0}, Name: Basic data partition, StartLBA 0xE7614800, BlocksNum 0x17F4000
13:34:19.0658 0x28c8  MBR partitions:
13:34:19.0658 0x28c8  ============================================================
13:34:19.0678 0x28c8  C: <-> \Device\Harddisk0\DR0\Partition4
13:34:19.0724 0x28c8  D: <-> \Device\Harddisk0\DR0\Partition6
13:34:19.0761 0x28c8  J: <-> \Device\Harddisk0\DR0\Partition5
13:34:19.0761 0x28c8  ============================================================
13:34:19.0761 0x28c8  Initialize success
13:34:19.0761 0x28c8  ============================================================
13:34:20.0907 0x22c0  ============================================================
13:34:20.0907 0x22c0  Scan started
13:34:20.0907 0x22c0  Mode: Manual; 
13:34:20.0907 0x22c0  ============================================================
13:34:20.0907 0x22c0  KSN ping started
13:34:23.0359 0x22c0  KSN ping finished: true
13:34:24.0396 0x22c0  ================ Scan system memory ========================
13:34:24.0396 0x22c0  System memory - ok
13:34:24.0397 0x22c0  ================ Scan services =============================
13:34:24.0519 0x22c0  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
13:34:24.0526 0x22c0  1394ohci - ok
13:34:24.0560 0x22c0  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\windows\system32\drivers\3ware.sys
13:34:24.0562 0x22c0  3ware - ok
13:34:24.0700 0x22c0  [ BFC9B9FDFDEA8DFA86239ED8F961528E, 98795D536710199752859FFA623F823EA5690DBC66A711EAA30995C27B45D0EC ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe
13:34:24.0754 0x22c0  a2AntiMalware - ok
13:34:24.0777 0x22c0  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:34:24.0781 0x22c0  ACPI - ok
13:34:24.0793 0x22c0  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\windows\system32\Drivers\acpiex.sys
13:34:24.0794 0x22c0  acpiex - ok
13:34:24.0804 0x22c0  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
13:34:24.0805 0x22c0  acpipagr - ok
13:34:24.0810 0x22c0  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
13:34:24.0811 0x22c0  AcpiPmi - ok
13:34:24.0821 0x22c0  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\windows\System32\drivers\acpitime.sys
13:34:24.0822 0x22c0  acpitime - ok
13:34:24.0850 0x22c0  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
13:34:24.0862 0x22c0  adp94xx - ok
13:34:24.0880 0x22c0  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\windows\system32\drivers\adpahci.sys
13:34:24.0886 0x22c0  adpahci - ok
13:34:24.0901 0x22c0  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\windows\system32\drivers\adpu320.sys
13:34:24.0904 0x22c0  adpu320 - ok
13:34:24.0922 0x22c0  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
13:34:24.0924 0x22c0  AeLookupSvc - ok
13:34:24.0952 0x22c0  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\windows\system32\drivers\afd.sys
13:34:24.0959 0x22c0  AFD - ok
13:34:24.0978 0x22c0  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\windows\system32\drivers\agp440.sys
13:34:24.0979 0x22c0  agp440 - ok
13:34:25.0013 0x22c0  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\windows\System32\alg.exe
13:34:25.0014 0x22c0  ALG - ok
13:34:25.0050 0x22c0  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
13:34:25.0052 0x22c0  AllUserInstallAgent - ok
13:34:25.0117 0x22c0  [ E14F7B22FD0BD5FAA8C885C64690965D, B50217D1C23AF191389B9A335270A2B6254B8A3035BFCAFE4A5F7DB0FDBD7DF6 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
13:34:25.0124 0x22c0  AMD External Events Utility - ok
13:34:25.0155 0x22c0  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\windows\System32\drivers\amdk8.sys
13:34:25.0157 0x22c0  AmdK8 - ok
13:34:25.0655 0x22c0  [ F931C2ED6C8294909C10657DCB9A9A4E, 7A9CEA4ADF31C5C93F0FE433A78817FAEE57DB737D8FC4F6A0E53F1D527EA10F ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
13:34:25.0763 0x22c0  amdkmdag - ok
13:34:25.0781 0x22c0  [ 0D481A7FE3A66724DC11AD8A4E417A9A, 85726C7AC933ABD5ADE7A508E7C114BA512795F6BDC53663521AE66C27231527 ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
13:34:25.0785 0x22c0  amdkmdap - ok
13:34:25.0798 0x22c0  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
13:34:25.0799 0x22c0  AmdPPM - ok
13:34:25.0813 0x22c0  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:34:25.0814 0x22c0  amdsata - ok
13:34:25.0823 0x22c0  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
13:34:25.0826 0x22c0  amdsbs - ok
13:34:25.0836 0x22c0  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:34:25.0836 0x22c0  amdxata - ok
13:34:25.0868 0x22c0  [ 823F34D1DEF120A657BB7529ABF4461F, C56D6614F6B3DA13DF7F6AC6B70ACA39D1DB146F7324CF96029CA038C3063DB3 ] AppHostSvc      C:\windows\system32\inetsrv\apphostsvc.dll
13:34:25.0869 0x22c0  AppHostSvc - ok
13:34:25.0877 0x22c0  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\windows\system32\drivers\appid.sys
13:34:25.0879 0x22c0  AppID - ok
13:34:25.0885 0x22c0  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:34:25.0886 0x22c0  AppIDSvc - ok
13:34:25.0918 0x22c0  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\windows\System32\appinfo.dll
13:34:25.0919 0x22c0  Appinfo - ok
13:34:25.0966 0x22c0  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:34:25.0967 0x22c0  Apple Mobile Device - ok
13:34:25.0976 0x22c0  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\windows\system32\drivers\arc.sys
13:34:25.0977 0x22c0  arc - ok
13:34:25.0987 0x22c0  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\windows\system32\drivers\arcsas.sys
13:34:25.0988 0x22c0  arcsas - ok
13:34:26.0041 0x22c0  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:34:26.0042 0x22c0  aspnet_state - ok
13:34:26.0060 0x22c0  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
13:34:26.0061 0x22c0  aswHwid - ok
13:34:26.0074 0x22c0  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
13:34:26.0075 0x22c0  aswMonFlt - ok
13:34:26.0087 0x22c0  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
13:34:26.0088 0x22c0  aswRdr - ok
13:34:26.0100 0x22c0  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
13:34:26.0101 0x22c0  aswRvrt - ok
13:34:26.0132 0x22c0  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
13:34:26.0143 0x22c0  aswSnx - ok
13:34:26.0162 0x22c0  [ B1368BE5F6BA529E0886F4DA2361BD2D, B95F430B4E4EFE9D257870722AA8F0507FB96FBE3AAB12068C662CCB6A180FE2 ] aswSP           C:\windows\system32\drivers\aswSP.sys
13:34:26.0167 0x22c0  aswSP - ok
13:34:26.0179 0x22c0  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\windows\system32\drivers\aswStm.sys
13:34:26.0181 0x22c0  aswStm - ok
13:34:26.0201 0x22c0  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
13:34:26.0205 0x22c0  aswVmm - ok
13:34:26.0216 0x22c0  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
13:34:26.0216 0x22c0  AsyncMac - ok
13:34:26.0241 0x22c0  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\windows\system32\drivers\atapi.sys
13:34:26.0242 0x22c0  atapi - ok
13:34:26.0267 0x22c0  [ 98A9D78AF74B2C7D27465029D389F567, 12EF8D3A7A9F27230A965D44DA4BD5692CF3F0A4183A822E226AC6722A35F4C4 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW86.sys
13:34:26.0268 0x22c0  AtiHDAudioService - ok
13:34:26.0308 0x22c0  [ 8FB10919E1283FD108334FDBFB173574, EAD11C6FA884AAC9E8534C267E9B1D2EAB1F2A396EACC900525465A2AEAB84D3 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
13:34:26.0310 0x22c0  AudioEndpointBuilder - ok
13:34:26.0425 0x22c0  [ 463E7457227E970CB249031AEAE7902C, 2F627BC558E5764592B08269F3EE4C6ECD544904963312A60F5B0C0B9C8C5D32 ] Audiosrv        C:\windows\System32\Audiosrv.dll
13:34:26.0435 0x22c0  Audiosrv - ok
13:34:26.0504 0x22c0  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:34:26.0508 0x22c0  avast! Antivirus - ok
13:34:26.0518 0x22c0  AvastVBoxSvc - ok
13:34:26.0532 0x22c0  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:34:26.0534 0x22c0  AxInstSV - ok
13:34:31.0564 0x22c0  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
13:34:31.0565 0x22c0  MSPQM - ok
13:34:31.0588 0x22c0  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
13:34:31.0605 0x22c0  MsRPC - ok
13:34:31.0629 0x22c0  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
13:34:31.0629 0x22c0  mssmbios - ok
13:34:31.0652 0x22c0  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
13:34:31.0652 0x22c0  MSTEE - ok
13:34:31.0662 0x22c0  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
13:34:31.0662 0x22c0  MTConfig - ok
13:34:31.0673 0x22c0  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\windows\system32\Drivers\mup.sys
13:34:31.0675 0x22c0  Mup - ok
13:34:31.0701 0x22c0  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\windows\system32\drivers\mvumis.sys
13:34:31.0702 0x22c0  mvumis - ok
13:34:31.0833 0x22c0  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\windows\system32\qagentRT.dll
13:34:31.0848 0x22c0  napagent - ok
13:34:31.0931 0x22c0  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
13:34:31.0941 0x22c0  NativeWifiP - ok
13:34:31.0979 0x22c0  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\windows\System32\ncasvc.dll
13:34:31.0984 0x22c0  NcaSvc - ok
13:34:32.0008 0x22c0  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
13:34:32.0012 0x22c0  NcdAutoSetup - ok
13:34:32.0139 0x22c0  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\windows\system32\drivers\ndis.sys
13:34:32.0156 0x22c0  NDIS - ok
13:34:32.0175 0x22c0  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
13:34:32.0176 0x22c0  NdisCap - ok
13:34:32.0205 0x22c0  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
13:34:32.0207 0x22c0  NdisImPlatform - ok
13:34:32.0259 0x22c0  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
13:34:32.0261 0x22c0  NdisTapi - ok
13:34:32.0298 0x22c0  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
13:34:32.0300 0x22c0  Ndisuio - ok
13:34:32.0322 0x22c0  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
13:34:32.0327 0x22c0  NdisWan - ok
13:34:32.0350 0x22c0  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
13:34:32.0353 0x22c0  NDISWANLEGACY - ok
13:34:32.0383 0x22c0  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
13:34:32.0385 0x22c0  NDProxy - ok
13:34:32.0419 0x22c0  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\windows\system32\drivers\Ndu.sys
13:34:32.0421 0x22c0  Ndu - ok
13:34:32.0448 0x22c0  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
13:34:32.0449 0x22c0  NetBIOS - ok
13:34:32.0496 0x22c0  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
13:34:32.0501 0x22c0  NetBT - ok
13:34:32.0515 0x22c0  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\windows\system32\lsass.exe
13:34:32.0517 0x22c0  Netlogon - ok
13:34:32.0545 0x22c0  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\windows\System32\netman.dll
13:34:32.0550 0x22c0  Netman - ok
13:34:32.0617 0x22c0  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\windows\System32\netprofmsvc.dll
13:34:32.0631 0x22c0  netprofm - ok
13:34:32.0884 0x22c0  [ 735E4E58539FA0F0B96B7D9599C6C041, 43B603C7EF5B1819FC99776984326C5AA6D2915BA70E12E5366BB456D1F2B7E3 ] netr28x         C:\windows\system32\DRIVERS\netr28x.sys
13:34:32.0911 0x22c0  netr28x - ok
13:34:33.0069 0x22c0  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:34:33.0105 0x22c0  NetTcpPortSharing - ok
13:34:33.0130 0x22c0  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
13:34:33.0132 0x22c0  nfrd960 - ok
13:34:33.0201 0x22c0  [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc          C:\windows\System32\nlasvc.dll
13:34:33.0207 0x22c0  NlaSvc - ok
13:34:33.0253 0x22c0  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\windows\system32\drivers\Npfs.sys
13:34:33.0254 0x22c0  Npfs - ok
13:34:33.0283 0x22c0  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
13:34:33.0284 0x22c0  npsvctrig - ok
13:34:33.0340 0x22c0  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\windows\system32\nsisvc.dll
13:34:33.0342 0x22c0  nsi - ok
13:34:33.0364 0x22c0  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
13:34:33.0365 0x22c0  nsiproxy - ok
13:34:33.0448 0x22c0  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
13:34:33.0474 0x22c0  Ntfs - ok
13:34:33.0488 0x22c0  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\windows\system32\drivers\Null.sys
13:34:33.0489 0x22c0  Null - ok
13:34:33.0514 0x22c0  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\windows\system32\drivers\nvraid.sys
13:34:33.0516 0x22c0  nvraid - ok
13:34:33.0527 0x22c0  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\windows\system32\drivers\nvstor.sys
13:34:33.0529 0x22c0  nvstor - ok
13:34:33.0542 0x22c0  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
13:34:33.0544 0x22c0  nv_agp - ok
13:34:33.0611 0x22c0  [ 4E5989A0033E9805BC626A3B660362F6, E156AEB635D5ECB21B3906C5B49ADCA8212F677B1E447B4C97F4AB76E5A601EF ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
13:34:33.0631 0x22c0  OfficeSvc - ok
13:34:33.0672 0x22c0  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:34:33.0674 0x22c0  ose - ok
13:34:33.0697 0x22c0  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
13:34:33.0702 0x22c0  p2pimsvc - ok
13:34:33.0722 0x22c0  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\windows\system32\p2psvc.dll
13:34:33.0728 0x22c0  p2psvc - ok
13:34:33.0739 0x22c0  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\windows\System32\drivers\parport.sys
13:34:33.0741 0x22c0  Parport - ok
13:34:33.0759 0x22c0  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\windows\system32\drivers\partmgr.sys
13:34:33.0760 0x22c0  partmgr - ok
13:34:33.0831 0x22c0  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\windows\System32\pcasvc.dll
13:34:33.0846 0x22c0  PcaSvc - ok
13:34:33.0880 0x22c0  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\windows\system32\drivers\pci.sys
13:34:33.0884 0x22c0  pci - ok
13:34:33.0912 0x22c0  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\windows\system32\drivers\pciide.sys
13:34:33.0913 0x22c0  pciide - ok
13:34:33.0951 0x22c0  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
13:34:33.0958 0x22c0  pcmcia - ok
13:34:33.0979 0x22c0  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\windows\system32\drivers\pcw.sys
13:34:33.0981 0x22c0  pcw - ok
13:34:34.0010 0x22c0  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\windows\system32\drivers\pdc.sys
13:34:34.0012 0x22c0  pdc - ok
13:34:34.0126 0x22c0  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
13:34:34.0139 0x22c0  PEAUTH - ok
13:34:34.0525 0x22c0  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\windows\SysWow64\perfhost.exe
13:34:34.0529 0x22c0  PerfHost - ok
13:34:34.0704 0x22c0  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\windows\system32\pla.dll
13:34:34.0720 0x22c0  pla - ok
13:34:34.0758 0x22c0  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
13:34:34.0762 0x22c0  PlugPlay - ok
13:34:34.0804 0x22c0  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\windows\system32\PnkBstrA.exe
13:34:34.0811 0x22c0  PnkBstrA - ok
13:34:34.0840 0x22c0  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
13:34:34.0843 0x22c0  PNRPAutoReg - ok
13:34:34.0891 0x22c0  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
13:34:34.0904 0x22c0  PNRPsvc - ok
13:34:35.0010 0x22c0  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
13:34:35.0027 0x22c0  PolicyAgent - ok
13:34:35.0090 0x22c0  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\windows\system32\umpo.dll
13:34:35.0098 0x22c0  Power - ok
13:34:35.0154 0x22c0  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
13:34:35.0156 0x22c0  PptpMiniport - ok
13:34:35.0555 0x22c0  [ 3D312AC13CB8D05822E9EFD234766BA7, 5914CAA563FAE4E21AD58A262369657135D320788A56ABF15C9D77E9ADC4CA36 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
13:34:35.0584 0x22c0  PrintNotify - ok
13:34:35.0635 0x22c0  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\windows\System32\drivers\processr.sys
13:34:35.0638 0x22c0  Processor - ok
13:34:35.0692 0x22c0  [ 1D7127048413309629233B50BF2DD9A6, 918322AFDD576D9966961B111F5E38BDDB4278F9456E7AA1A3453EC8CAF4B8A8 ] ProfSvc         C:\windows\system32\profsvc.dll
13:34:35.0702 0x22c0  ProfSvc - ok
13:34:35.0777 0x22c0  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
13:34:35.0782 0x22c0  Psched - ok
13:34:35.0868 0x22c0  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\windows\system32\qwave.dll
13:34:35.0880 0x22c0  QWAVE - ok
13:34:35.0908 0x22c0  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
13:34:35.0910 0x22c0  QWAVEdrv - ok
13:34:35.0932 0x22c0  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
13:34:35.0933 0x22c0  RasAcd - ok
13:34:35.0966 0x22c0  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
13:34:35.0967 0x22c0  RasAgileVpn - ok
13:34:35.0996 0x22c0  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\windows\System32\rasauto.dll
13:34:36.0001 0x22c0  RasAuto - ok
13:34:36.0026 0x22c0  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
13:34:36.0029 0x22c0  Rasl2tp - ok
13:34:36.0078 0x22c0  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\windows\System32\rasmans.dll
13:34:36.0087 0x22c0  RasMan - ok
13:34:36.0110 0x22c0  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
13:34:36.0111 0x22c0  RasPppoe - ok
13:34:36.0139 0x22c0  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
13:34:36.0141 0x22c0  RasSstp - ok
13:34:36.0312 0x22c0  [ 71FF75BAE3D6E362BE3AD07E26C2D00A, 33F82F817AAAD585D47112A88BCC9DC2FB1B7AB8448EE140FA00FA520D8647A7 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
13:34:36.0317 0x22c0  Razer Game Scanner Service - ok
13:34:36.0388 0x22c0  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
13:34:36.0399 0x22c0  rdbss - ok
13:34:36.0437 0x22c0  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
13:34:36.0437 0x22c0  rdpbus - ok
13:34:36.0454 0x22c0  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
13:34:36.0457 0x22c0  RDPDR - ok
13:34:36.0488 0x22c0  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
13:34:36.0489 0x22c0  RdpVideoMiniport - ok
13:34:36.0509 0x22c0  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
13:34:36.0516 0x22c0  RDPWD - ok
13:34:36.0546 0x22c0  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
13:34:36.0550 0x22c0  rdyboost - ok
13:34:36.0584 0x22c0  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\windows\System32\mprdim.dll
13:34:36.0587 0x22c0  RemoteAccess - ok
13:34:36.0609 0x22c0  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\windows\system32\regsvc.dll
13:34:36.0613 0x22c0  RemoteRegistry - ok
13:34:36.0644 0x22c0  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
13:34:36.0647 0x22c0  RpcEptMapper - ok
13:34:36.0690 0x22c0  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\windows\system32\locator.exe
13:34:36.0692 0x22c0  RpcLocator - ok
13:34:36.0810 0x22c0  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\windows\system32\rpcss.dll
13:34:36.0821 0x22c0  RpcSs - ok
13:34:36.0842 0x22c0  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
13:34:36.0844 0x22c0  rspndr - ok
13:34:36.0882 0x22c0  [ 8295DB01432C1D1F3D0F4A27AB349730, 7FE8CC442829B8136A96E19F17070C29DA2C5F1B9EA2B5EBACCB965783F96356 ] rzendpt         C:\windows\System32\drivers\rzendpt.sys
13:34:36.0883 0x22c0  rzendpt - ok
13:34:36.0908 0x22c0  [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk         C:\windows\system32\drivers\rzpmgrk.sys
13:34:36.0909 0x22c0  rzpmgrk - ok
13:34:36.0933 0x22c0  [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk           C:\windows\system32\drivers\rzpnk.sys
13:34:36.0935 0x22c0  rzpnk - ok
13:34:36.0964 0x22c0  [ 77C5AB228FE307C55FEF0C575E218771, 73C9D4593DA694B2D52817F608E749296D9CC1C44906C97204595476B68AD50F ] rzudd           C:\windows\System32\drivers\rzudd.sys
13:34:36.0966 0x22c0  rzudd - ok
13:34:36.0990 0x22c0  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
13:34:36.0991 0x22c0  s3cap - ok
13:34:37.0015 0x22c0  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs           C:\windows\system32\lsass.exe
13:34:37.0017 0x22c0  SamSs - ok
13:34:37.0034 0x22c0  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
13:34:37.0036 0x22c0  sbp2port - ok
13:34:37.0052 0x22c0  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\windows\System32\SCardSvr.dll
13:34:37.0057 0x22c0  SCardSvr - ok
13:34:37.0066 0x22c0  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
13:34:37.0067 0x22c0  scfilter - ok
13:34:37.0116 0x22c0  [ 201C397A73DFEE109490F4BA1168CFC2, 74FC2A30CBF2E2197E75860A3B308CDCBEB3C28794ABED388B493505A2D84BAA ] Schedule        C:\windows\system32\schedsvc.dll
13:34:37.0132 0x22c0  Schedule - ok
13:34:37.0163 0x22c0  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\windows\System32\certprop.dll
13:34:37.0166 0x22c0  SCPolicySvc - ok
13:34:37.0197 0x22c0  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\windows\System32\drivers\sdbus.sys
13:34:37.0200 0x22c0  sdbus - ok
13:34:37.0223 0x22c0  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\windows\System32\SDRSVC.dll
13:34:37.0227 0x22c0  SDRSVC - ok
13:34:37.0247 0x22c0  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\windows\System32\drivers\sdstor.sys
13:34:37.0248 0x22c0  sdstor - ok
13:34:37.0258 0x22c0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
13:34:37.0259 0x22c0  secdrv - ok
13:34:37.0283 0x22c0  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\windows\system32\seclogon.dll
13:34:37.0285 0x22c0  seclogon - ok
13:34:37.0310 0x22c0  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\windows\System32\sens.dll
13:34:37.0313 0x22c0  SENS - ok
13:34:37.0349 0x22c0  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\windows\system32\sensrsvc.dll
13:34:37.0353 0x22c0  SensrSvc - ok
13:34:37.0370 0x22c0  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\windows\system32\drivers\SerCx.sys
13:34:37.0371 0x22c0  SerCx - ok
13:34:37.0391 0x22c0  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\windows\System32\drivers\serenum.sys
13:34:37.0392 0x22c0  Serenum - ok
13:34:37.0412 0x22c0  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\windows\System32\drivers\serial.sys
13:34:37.0414 0x22c0  Serial - ok
13:34:37.0428 0x22c0  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\windows\System32\drivers\sermouse.sys
13:34:37.0429 0x22c0  sermouse - ok
13:34:37.0477 0x22c0  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\windows\system32\sessenv.dll
13:34:37.0482 0x22c0  SessionEnv - ok
13:34:37.0500 0x22c0  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
13:34:37.0500 0x22c0  sfloppy - ok
13:34:37.0563 0x22c0  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\windows\System32\ipnathlp.dll
13:34:37.0576 0x22c0  SharedAccess - ok
13:34:37.0621 0x22c0  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\windows\System32\shsvcs.dll
13:34:37.0629 0x22c0  ShellHWDetection - ok
13:34:37.0640 0x22c0  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
13:34:37.0641 0x22c0  SiSRaid2 - ok
13:34:37.0683 0x22c0  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
13:34:37.0685 0x22c0  SiSRaid4 - ok
13:34:37.0707 0x22c0  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
13:34:37.0709 0x22c0  SNMPTRAP - ok
13:34:37.0753 0x22c0  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\windows\system32\drivers\spaceport.sys
13:34:37.0757 0x22c0  spaceport - ok
13:34:37.0769 0x22c0  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
13:34:37.0770 0x22c0  SpbCx - ok
13:34:37.0834 0x22c0  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\windows\System32\spoolsv.exe
13:34:37.0854 0x22c0  Spooler - ok
13:34:38.0244 0x22c0  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\windows\system32\sppsvc.exe
13:34:38.0298 0x22c0  sppsvc - ok
13:34:38.0351 0x22c0  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\windows\system32\DRIVERS\srv.sys
13:34:38.0362 0x22c0  srv - ok
13:34:38.0471 0x22c0  [ B56A855B23676CCE05B626C6037FD02F, 3C0DCB16A96BD6A002A4FAF1AF939AF470D95137CB745F5DAD039B5D8C956E30 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
13:34:38.0483 0x22c0  srv2 - ok
13:34:38.0504 0x22c0  [ 78E9665C8DC59106D133CBEF0F0C3DE3, 380FD51EE00CEF3FFEF9BFB5E14538E084F1DDF8D8F8BCDF4EC23CB8C3A40D2F ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
13:34:38.0507 0x22c0  srvnet - ok
13:34:38.0580 0x22c0  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
13:34:38.0592 0x22c0  SSDPSRV - ok
13:34:38.0617 0x22c0  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\windows\system32\sstpsvc.dll
13:34:38.0620 0x22c0  SstpSvc - ok
13:34:38.0700 0x22c0  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
13:34:38.0704 0x22c0  STacSV - ok
13:34:38.0734 0x22c0  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\windows\system32\drivers\stexstor.sys
13:34:38.0735 0x22c0  stexstor - ok
13:34:38.0799 0x22c0  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
13:34:38.0806 0x22c0  STHDA - ok
13:34:38.0843 0x22c0  [ F38F79114380246B6D40CD53FB2CA28D, 5F4001F6D97903DCBB2399B3AC36329A515823D44CDEE784613F2976398DB950 ] StillCam        C:\windows\System32\drivers\serscan.sys
13:34:38.0844 0x22c0  StillCam - ok
13:34:38.0894 0x22c0  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\windows\System32\wiaservc.dll
13:34:38.0907 0x22c0  stisvc - ok
13:34:38.0940 0x22c0  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\windows\system32\drivers\storahci.sys
13:34:38.0942 0x22c0  storahci - ok
13:34:48.0815 0x22c0  Waiting for KSN requests completion. In queue: 58
13:34:49.0815 0x22c0  Waiting for KSN requests completion. In queue: 58
13:34:50.0816 0x22c0  Waiting for KSN requests completion. In queue: 58
13:34:51.0880 0x22c0  AV detected via SS2: Emsisoft Internet Security, C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2start.exe ( 9.0.0.5066 ), 0x40010 ( disabled : outofdate )
13:34:51.0889 0x22c0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
13:34:51.0892 0x22c0  FW detected via SS2: Emsisoft Internet Security, C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2start.exe ( 9.0.0.5066 ), 0x40010 ( disabled )
13:34:51.0918 0x22c0  Win FW state via NFP2: enabled
13:34:54.0308 0x22c0  ============================================================
13:34:54.0308 0x22c0  Scan finished
13:34:54.0308 0x22c0  ============================================================
13:34:54.0318 0x0628  Detected object count: 0
13:34:54.0318 0x0628  Actual detected object count: 0
         
__________________
Regards
R4BBIT

9 out of 10 people like beer... the 10th is lying

05.06.2015, 12:39   #8
M-K-D-B
/// TB Instructor

Hi,


Quote:
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S2].txt
As I can see, you have already run tools yourself without saying a word about it... which, frankly, I don't find great.


So please post the following log files:
C:\AdwCleaner\AdwCleaner[S1].txt
C:\AdwCleaner\AdwCleaner[S2].txt

Please also post all other log files from tools that you have run in the last 3 days.


Multiple antivirus programs

Code:
ATTFilter
Avast
Emsisoft
         
I noticed that you have more than one antivirus program with a background guard running. That is dangerous, because the programs can get in each other's way, which can make it all the more likely that viruses end up on the machine. It also slows the system down. Decide on one option and uninstall the other via Control Panel => Software.
Report which antivirus program you have decided on.
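The check behind this advice, as an added example that is not part of the original post: it parses the Security Center (SS2) lines copied from the TDSSKiller log posted earlier in this thread and flags when more than one antivirus product is registered. The productState byte layout is an assumption (Microsoft does not document it; the reading used here agrees with the labels in that log), and all function names are hypothetical.

```python
import re

# Lines copied from the TDSSKiller log posted earlier in this thread.
TDSS_LINES = r"""
13:34:51.0880 0x22c0  AV detected via SS2: Emsisoft Internet Security, C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2start.exe ( 9.0.0.5066 ), 0x40010 ( disabled : outofdate )
13:34:51.0889 0x22c0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
13:34:51.0892 0x22c0  FW detected via SS2: Emsisoft Internet Security, C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2start.exe ( 9.0.0.5066 ), 0x40010 ( disabled )
13:34:51.0918 0x22c0  Win FW state via NFP2: enabled
"""

# kind, product name, registered path, version, raw productState, tool's own label
SS2_LINE = re.compile(
    r"(?P<kind>AV|FW) detected via SS2: (?P<name>.+?), (?P<path>.+?) "
    r"\( (?P<version>[\d.]+) \), (?P<state>0x[0-9a-fA-F]+) \( (?P<label>[^)]*?) \)"
)


def decode_product_state(state):
    """Split a Security Center productState value into two status flags.

    Assumption: the middle byte carries the real-time protection state
    (0x10 = on) and the low byte the signature state (0x10 = out of date).
    """
    realtime_byte = (state >> 8) & 0xFF
    signature_byte = state & 0xFF
    return {
        "enabled": bool(realtime_byte & 0x10),
        "up_to_date": not (signature_byte & 0x10),
    }


def parse_ss2(log_text):
    """Return one dict per 'detected via SS2' line, with decoded flags added."""
    products = []
    for line in log_text.splitlines():
        match = SS2_LINE.search(line)
        if not match:
            continue  # e.g. the 'Win FW state via NFP2' line
        entry = match.groupdict()
        entry["state"] = int(entry["state"], 16)
        entry.update(decode_product_state(entry["state"]))
        products.append(entry)
    return products


def label_matches(entry):
    """Cross-check the decoded flags against the label the tool printed."""
    words = [w.strip() for w in entry["label"].split(":")]
    ok = words[0] == ("enabled" if entry["enabled"] else "disabled")
    if len(words) > 1:  # AV lines also carry the signature state
        ok = ok and words[1] == ("updated" if entry["up_to_date"] else "outofdate")
    return ok


def review(log_text):
    """List findings relevant to the 'one antivirus only' advice."""
    av = [p for p in parse_ss2(log_text) if p["kind"] == "AV"]
    findings = []
    if len(av) > 1:
        names = ", ".join(sorted(p["name"] for p in av))
        findings.append("multiple AV products registered: " + names)
    active = [p["name"] for p in av if p["enabled"]]
    if len(active) > 1:
        findings.append("more than one real-time guard enabled: " + ", ".join(active))
    for p in av:
        if not p["enabled"] and not p["up_to_date"]:
            findings.append(p["name"] + ": registered but disabled and out of date")
    return findings


if __name__ == "__main__":
    for finding in review(TDSS_LINES):
        print(finding)
```

A product that Security Center reports as disabled can still have services and drivers installed, so the findings are a prompt to check the service list, not proof that nothing of that product is running.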

05.06.2015, 13:38   #9
R4BBIT

Hello Matthias,

I didn't even know that AdwCleaner was still on there. I thought I had actually uninstalled it. That is, after my last "treatment"...
And the two logs that apparently should still be there are not there ^^
In the last few days I actually never had a tool running...

The Emsisoft/Avast thing is like this: Avast is the one currently active on my machine. Emsisoft was initially the trial version, and I haven't bought the full version yet (though I was actually planning to). So that program is not actively running on my machine... for now that would be Avast.
__________________
Regards
R4BBIT

9 out of 10 people like beer... the 10th is lying

05.06.2015, 16:33   #10
M-K-D-B
/// TB-Ausbilder

Hi,



Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. That should fix the problem.


06.06.2015, 19:00   #11
R4BBIT

Here is the Combofix log for you:

Code:
ATTFilter
ComboFix 15-05-31.01 - AdminFabian 06.06.2015  19:45:42.1.8 - x64
Microsoft Windows 8  6.2.9200.0.1252.41.1031.18.16324.14425 [GMT 2:00]
ausgeführt von:: c:\users\Fabian.PC_Fabian\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Emsisoft Internet Security *Disabled/Outdated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
FW: Emsisoft Internet Security *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Emsisoft Internet Security *Disabled/Outdated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\AdminFabian\AppData\Local\assembly\tmp
c:\users\Fabian.PC_Fabian\AppData\Local\assembly\tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-06 bis 2015-06-06  ))))))))))))))))))))))))))))))
.
.
2015-06-06 17:54 . 2015-06-06 17:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-06-06 17:54 . 2015-06-06 17:54	--------	d-----w-	c:\users\AdminFabian\AppData\Local\temp
2015-06-04 16:01 . 2015-04-30 13:07	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-04 16:01 . 2015-04-30 13:07	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-06-04 15:16 . 2015-04-13 05:32	417280	----a-w-	c:\windows\system32\services.exe
2015-06-04 15:16 . 2015-03-12 05:31	1688576	----a-w-	c:\windows\system32\wevtsvc.dll
2015-06-04 15:16 . 2015-04-13 05:30	1280512	----a-w-	c:\windows\system32\FntCache.dll
2015-06-04 15:16 . 2015-04-13 05:30	1839616	----a-w-	c:\windows\system32\DWrite.dll
2015-06-04 15:16 . 2015-04-13 04:05	1416192	----a-w-	c:\windows\SysWow64\DWrite.dll
2015-06-04 15:16 . 2015-04-13 03:25	4063744	----a-w-	c:\windows\system32\win32k.sys
2015-06-04 15:12 . 2015-04-07 23:20	1624064	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2015-06-04 15:12 . 2015-04-07 23:20	1312768	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2015-06-04 15:12 . 2015-04-07 23:20	1278464	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-06-04 15:12 . 2015-04-07 23:43	1032192	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2015-06-04 15:12 . 2015-04-07 23:43	1413632	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2015-06-04 15:12 . 2015-04-07 23:21	2190336	----a-w-	c:\program files\Windows Journal\Journal.exe
2015-06-04 15:12 . 2015-04-07 23:20	627712	----a-w-	c:\program files\Windows Journal\MSPVWCTL.DLL
2015-06-04 15:12 . 2015-04-07 23:20	1325056	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2015-06-04 15:12 . 2015-04-07 23:20	881152	----a-w-	c:\program files\Windows Journal\InkSeg.dll
2015-06-04 15:12 . 2015-04-21 13:52	19291136	----a-w-	c:\windows\system32\mshtml.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-04 16:02 . 2013-02-02 17:33	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-05-05 17:49 . 2015-04-19 10:37	177632	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-05 17:49 . 2015-04-19 10:37	792032	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-22 16:20 . 2015-04-22 16:20	364472	----a-w-	c:\windows\system32\aswBoot.exe
2015-04-22 16:20 . 2014-04-24 19:48	29168	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2015-04-22 16:20 . 2014-02-14 18:58	137288	----a-w-	c:\windows\system32\drivers\aswStm.sys
2015-04-22 16:20 . 2013-04-25 18:02	65736	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2015-04-22 16:20 . 2013-04-25 18:02	272248	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2015-04-22 16:20 . 2013-02-06 20:21	93528	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2015-04-22 16:20 . 2013-02-06 20:21	442264	----a-w-	c:\windows\system32\drivers\aswSP.sys
2015-04-22 16:20 . 2013-02-06 20:21	89944	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2015-04-22 16:20 . 2015-04-22 16:20	43112	----a-w-	c:\windows\avastSS.scr
2015-04-22 16:19 . 2013-02-06 20:21	1047320	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2015-04-08 17:42 . 2014-04-10 15:46	348672	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-04-08 17:42 . 2013-03-02 16:47	348672	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2015-04-08 17:42 . 2014-04-10 15:46	291088	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-03-23 22:17 . 2015-03-31 18:10	135800	----a-w-	c:\windows\system32\drivers\epp64.sys
2015-03-23 05:19 . 2015-04-16 18:09	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 05:17 . 2015-04-16 18:09	769024	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 05:17 . 2015-04-16 18:09	419328	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 05:17 . 2015-04-16 18:09	957440	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 05:17 . 2015-04-16 18:09	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 05:17 . 2015-04-16 18:09	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-22 22:04 . 2015-04-16 18:09	1111552	----a-w-	c:\windows\system32\aeinv.dll
2015-03-17 07:00 . 2015-04-16 18:09	6971712	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-03-17 06:52 . 2015-04-16 18:09	1822696	----a-w-	c:\windows\system32\ntdll.dll
2015-03-17 04:45 . 2015-04-16 18:09	1409496	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-03-14 08:07 . 2015-04-16 18:09	1120256	----a-w-	c:\windows\system32\msctf.dll
2015-03-14 06:33 . 2015-04-16 18:09	891904	----a-w-	c:\windows\SysWow64\msctf.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 642728]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe" [2011-12-14 2068992]
"BATINDICATORHL"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe" [2010-07-23 557056]
"OSDTool"="c:\program files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe" [2012-06-13 2101248]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-11 5515496]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2013-05-02 1282120]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2013-02-19 453736]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-01-06 585536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
"20150107"="c:\program files\AVAST Software\Avast\setup\emupdate\0a5626b7-54ff-490c-9d25-22eeb56b74c5.exe" [2015-05-25 183232]
.
c:\users\Fabian.PC_Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
An OneNote senden.lnk - c:\program files\Microsoft Office 15\root\office15\onenotem.exe /tsr [2013-2-6 158808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"SoftwareSASGeneration"= 1 (0x1)
"EnableSecureUIAPath"= 1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\System32\drivers\WUDFRd.sys;c:\windows\SYSNATIVE\drivers\WUDFRd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 epp64;epp64;c:\windows\system32\DRIVERS\epp64.sys;c:\windows\SYSNATIVE\DRIVERS\epp64.sys [x]
S1 fwwfp;Emsisoft Firewall WFP Filter;c:\program files (x86)\Emsisoft Internet Security\fwwfp764.sys;c:\program files (x86)\Emsisoft Internet Security\fwwfp764.sys [x]
S2 a2AntiMalware;Emsisoft Protection Service;c:\program files (x86)\Emsisoft Internet Security\a2service.exe;c:\program files (x86)\Emsisoft Internet Security\a2service.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPConnectedRemote;HP Connected Remote Service;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe;c:\program files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 OfficeSvc;Microsoft Office-Dienst;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 fwndis;Emsisoft Firewall NDIS driver;c:\windows\system32\DRIVERS\fwndis64.sys;c:\windows\SYSNATIVE\DRIVERS\fwndis64.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rzendpt;rzendpt;c:\windows\System32\drivers\rzendpt.sys;c:\windows\SYSNATIVE\drivers\rzendpt.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\System32\drivers\rzudd.sys;c:\windows\SYSNATIVE\drivers\rzudd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost	REG_MULTI_SZ   	apphostsvc
iissvcs	REG_MULTI_SZ   	w3svc was
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-02-06 20:06	2323040	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-02-06 20:06	2323040	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-02-06 20:06	2323040	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-22 16:20	722400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-08-09 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-08-09 1425408]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-11-14 8292120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"="c:\windows\SYSTEM32\WerFault.exe" [2013-07-09 439488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
AddRemove-{FF27F674-821E-4BA2-985B-DDF539C2CD03} - c:\program files (x86)\InstallShield Installation Information\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
@SACL=(02 0000)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@SACL=(02 0000)
@="\"c:\\windows\\System32\\Macromed\\Flash\\FlashUtil_ActiveX.exe\""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@SACL=(02 0000)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@SACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@SACL=(02 0000)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
@SACL=(02 0000)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@SACL=(02 0000)
@="\"c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil_ActiveX.exe\""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@SACL=(02 0000)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@SACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@SACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@SACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=(02 0000)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@SACL=(02 0000)
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=(02 0000)
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=(02 0000)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=(02 0000)
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@SACL=(02 0000)
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=(02 0000)
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@SACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=(02 0000)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=(02 0000)
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=(02 0000)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=(02 0000)
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@SACL=(02 0000)
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=(02 0000)
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@SACL=(02 0000)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@SACL=(02 0000)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
@SACL=
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
@SACL=
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2015-06-06  19:58:49
ComboFix-quarantined-files.txt  2015-06-06 17:58
.
Vor Suchlauf: 14 Verzeichnis(se), 874'403'938'304 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 874'211'188'736 Bytes frei
.
- - End Of File - - A71A4EDA1344F74C0963FC0E5FCB4563
         
The desktop was gone now, and so was the Windows menu bar. I'll restart the PC now and then report back on whether everything is OK again!

-> Everything OK again
__________________
Regards
R4BBIT

9 out of 10 people like beer... the 10th is lying

Edited by R4BBIT (06.06.2015 at 19:05) Reason: Update

06.06.2015, 21:01   #12
M-K-D-B
/// TB-Ausbilder

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean (Löschen) and confirm any notices that appear with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).


Step 2
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Step 3

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Step 4
Please download Shortcut Cleaner (by Grinler) to your desktop.
  • Start sc-cleaner.exe with a double-click.
  • Confirm the message Shortcut Cleaner Finished at the end of the scan with OK.
  • A log file will open (sc-cleaner.txt).
  • Post its contents with your next reply.


Step 5
  • Start FRST.exe again. Tick the box in front of Addition.txt and press Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.


Please post with your next reply
  • the AdwCleaner log file,
  • the MBAM log file,
  • the JRT log file,
  • the Shortcut Cleaner log file,
  • the two new FRST log files.

07.06.2015, 10:33   #13
R4BBIT

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 10:48:54
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 8  (x64)
# Benutzername : AdminFabian - PC_FABIAN
# Gestarted von : C:\Users\Fabian.PC_Fabian\Desktop\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v10.0.9200.17267


*************************

AdwCleaner[R0].txt - [757 Bytes] - [30/04/2015 19:57:02]
AdwCleaner[R1].txt - [799 Bytes] - [07/06/2015 10:47:16]
AdwCleaner[S0].txt - [720 Bytes] - [07/06/2015 10:48:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [778  Bytes] ##########
         
MBAM:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.06.2015
Suchlauf-Zeit: 10:54:32
Logdatei: 
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.07.01
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: AdminFabian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 442878
Verstrichene Zeit: 9 Min, 25 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
JRT:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.9 (06.06.2015:1)
OS: Windows 8 x64
Ran by AdminFabian on 07.06.2015 at 11:09:37.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\AdminFabian\AppData\Roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\search.lnk
Successfully deleted: [File] C:\Users\AdminFabian\desktop\search.lnk



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.06.2015 at 11:20:51.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Shortcut-Cleaner:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.9 (06.06.2015:1)
OS: Windows 8 x64
Ran by AdminFabian on 07.06.2015 at 11:09:37.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\AdminFabian\AppData\Roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\search.lnk
Successfully deleted: [File] C:\Users\AdminFabian\desktop\search.lnk



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.06.2015 at 11:20:51.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by AdminFabian (administrator) on PC_FABIAN on 07-06-2015 11:29:15
Running from C:\Users\Fabian.PC_Fabian\Desktop
Loaded Profiles: AdminFabian & Fabian (Available Profiles: AdminFabian & Fabian)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2015-01-06] (Razer Inc.)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [439488 2013-07-09] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\0a5626b7-54ff-490c-9d25-22eeb56b74c5.exe [183232 2015-05-25] (AVAST Software)
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S0].txt
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\Run: [SkyDrive] => C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-12-07] (Microsoft Corporation)
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\RunOnce: [Uninstall C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\MountPoints2: {3c35e8d1-db21-11e2-be85-4c72b97327ec} - "L:\LaunchU3.exe" -a
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\MountPoints2: {75e0df4f-7aae-11e2-be79-4c72b97327ec} - "K:\laucher.exe" 
Startup: C:\Users\Fabian.PC_Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2013-03-02]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.janosch-nietlispach.ch/news
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/35
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> DefaultScope {F7DD2BAC-CB4E-4503-BA16-78C70DB4B011} URL = https://www.google.ch/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {622E8319-E326-408F-826B-3134D29BE474} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {F7DD2BAC-CB4E-4503-BA16-78C70DB4B011} URL = https://www.google.ch/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2013-02-06] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2013-02-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-02-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2013-02-06] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKU\S-1-5-21-1392978341-1441607686-3862372307-1005 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2013-02-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1392978341-1441607686-3862372307-1006: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-06]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [5020520 2015-03-24] (Emsisoft GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1855064 2012-11-23] (Microsoft Corporation)
S2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2014-10-03] ()
S2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-10] ()
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-03] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-03-24] (Emsisoft GmbH)
R3 fwndis; C:\Windows\system32\DRIVERS\fwndis64.sys [491632 2015-01-01] ()
R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414936 2015-01-01] ()
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [37184 2014-12-10] (Razer, Inc.)
R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 11:28 - 2015-06-07 11:29 - 00020056 _____ C:\Users\Fabian.PC_Fabian\Desktop\FRST.txt
2015-06-07 11:27 - 2015-06-07 11:27 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Fabian.PC_Fabian\Desktop\sc-cleaner.exe
2015-06-07 11:27 - 2015-06-07 11:27 - 00001856 _____ C:\Users\AdminFabian\Desktop\sc-cleaner.txt
2015-06-07 11:20 - 2015-06-07 11:22 - 00000804 _____ C:\Users\Fabian.PC_Fabian\Desktop\JRT.txt
2015-06-07 11:09 - 2015-06-07 11:09 - 02942406 _____ (Thisisu) C:\Users\Fabian.PC_Fabian\Desktop\JRT.exe
2015-06-07 11:07 - 2015-06-07 11:08 - 00001193 _____ C:\Users\Fabian.PC_Fabian\Desktop\mbam.txt
2015-06-07 11:05 - 2015-06-07 11:05 - 00001201 _____ C:\Users\AdminFabian\Desktop\mbam.txt
2015-06-07 10:53 - 2015-06-07 10:53 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-07 10:53 - 2015-06-07 10:53 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-07 10:53 - 2015-06-07 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-07 10:53 - 2015-06-07 10:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-07 10:53 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-06-07 10:53 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-06-07 10:53 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-06-07 10:52 - 2015-06-07 10:52 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Fabian.PC_Fabian\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-07 10:48 - 2015-06-07 10:48 - 00000857 _____ C:\Users\Fabian.PC_Fabian\Desktop\AdwCleaner[S0].txt
2015-06-07 10:46 - 2015-06-07 10:46 - 02231296 _____ C:\Users\Fabian.PC_Fabian\Desktop\AdwCleaner_4.206.exe
2015-06-06 19:58 - 2015-06-06 19:58 - 00022454 _____ C:\ComboFix.txt
2015-06-06 19:42 - 2015-06-06 19:59 - 00000000 ____D C:\Qoobox
2015-06-06 19:42 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-06-06 19:42 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-06-06 19:42 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-06-06 19:42 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-06-06 19:42 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-06-06 19:42 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2015-06-06 19:42 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-06-06 19:42 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-06-06 19:42 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-06-06 19:41 - 2015-06-06 19:56 - 00000000 ____D C:\windows\erdnt
2015-06-06 19:41 - 2015-06-06 19:41 - 05628238 ____R (Swearware) C:\Users\Fabian.PC_Fabian\Desktop\ComboFix.exe
2015-06-05 13:33 - 2015-06-07 11:28 - 00035445 _____ C:\Users\Fabian.PC_Fabian\Desktop\Addition.txt
2015-06-05 12:23 - 2015-06-05 12:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Fabian.PC_Fabian\Desktop\tdsskiller.exe
2015-06-05 12:20 - 2015-06-05 12:20 - 02108928 _____ (Farbar) C:\Users\Fabian.PC_Fabian\Desktop\FRST64.exe
2015-06-04 18:01 - 2015-04-30 15:07 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-04 18:01 - 2015-04-30 15:07 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-04 17:16 - 2015-04-13 07:32 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-06-04 17:16 - 2015-04-13 07:30 - 01839616 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-06-04 17:16 - 2015-04-13 07:30 - 01280512 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-06-04 17:16 - 2015-04-13 06:05 - 01416192 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-06-04 17:16 - 2015-04-13 05:25 - 04063744 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-04 17:16 - 2015-03-12 07:31 - 01688576 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2015-06-04 17:12 - 2015-04-21 15:52 - 19291136 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-04 17:11 - 2015-05-02 08:28 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-06-04 17:11 - 2015-05-02 05:59 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-06-04 17:11 - 2015-05-02 05:36 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 14374400 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 13771776 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 02864640 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 01763328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00737280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00690176 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-04 17:11 - 2015-04-21 16:33 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-04 17:11 - 2015-04-21 16:32 - 01441280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-04 17:11 - 2015-04-21 15:53 - 02237440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-04 17:11 - 2015-04-21 15:53 - 01409536 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-04 17:11 - 2015-04-21 15:53 - 00601600 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 15414784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 02656768 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 01509376 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-04 17:11 - 2015-04-21 15:52 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-04 17:11 - 2015-04-21 15:52 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-04 17:11 - 2015-04-18 04:37 - 00361984 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-04 17:11 - 2015-04-18 04:34 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-04 17:11 - 2015-04-14 00:09 - 00570248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-06-04 17:11 - 2015-04-06 07:36 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\PhotoMetadataHandler.dll
2015-06-04 17:11 - 2015-04-06 06:08 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoMetadataHandler.dll
2015-06-04 17:11 - 2015-03-14 02:55 - 00410017 _____ C:\windows\system32\ApnDatabase.xml
2015-06-04 17:11 - 2015-03-12 07:31 - 02048000 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-06-04 17:11 - 2015-03-12 07:31 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\WPDShServiceObj.dll
2015-06-04 17:11 - 2015-03-12 05:52 - 01933312 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-06-04 17:11 - 2015-03-04 08:41 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-06-04 17:11 - 2015-03-04 08:39 - 00632832 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-06-04 17:11 - 2015-03-04 08:39 - 00204288 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-06-04 17:11 - 2015-03-04 06:53 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-06-04 17:11 - 2015-03-04 06:52 - 00676864 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-06-04 17:11 - 2015-02-18 09:39 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-06-04 17:11 - 2015-02-18 09:38 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2015-06-03 10:08 - 2015-06-03 10:08 - 00280008 _____ C:\windows\Minidump\060315-21078-01.dmp
2015-06-01 20:46 - 2015-06-01 20:46 - 00280008 _____ C:\windows\Minidump\060115-21750-01.dmp
2015-05-19 17:31 - 2015-05-19 17:31 - 00280008 _____ C:\windows\Minidump\051915-21312-01.dmp
2015-05-19 11:58 - 2015-05-19 11:58 - 00016676 _____ C:\Users\Fabian.PC_Fabian\Desktop\Feedbackfragen Jubla Cham.dat
2015-05-13 20:26 - 2015-05-13 20:26 - 00280008 _____ C:\windows\Minidump\051315-20593-01.dmp
2015-05-12 17:27 - 2015-05-12 17:27 - 00280008 _____ C:\windows\Minidump\051215-17562-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 11:29 - 2015-04-30 19:45 - 00000000 ____D C:\FRST
2015-06-07 11:16 - 2013-02-05 21:31 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1392978341-1441607686-3862372307-1006
2015-06-07 11:12 - 2015-03-31 20:10 - 00000000 ____D C:\Program Files (x86)\Emsisoft Internet Security
2015-06-07 11:02 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2015-06-07 11:01 - 2013-02-02 17:50 - 01428639 _____ C:\windows\WindowsUpdate.log
2015-06-07 10:54 - 2012-10-23 19:37 - 00724412 _____ C:\windows\system32\perfh007.dat
2015-06-07 10:54 - 2012-10-23 19:37 - 00163214 _____ C:\windows\system32\perfc007.dat
2015-06-07 10:54 - 2012-07-26 09:28 - 01734152 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-07 10:51 - 2015-04-30 19:57 - 00000000 ____D C:\AdwCleaner
2015-06-07 10:49 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-06 20:03 - 2012-08-01 19:02 - 00739102 _____ C:\windows\PFRO.log
2015-06-06 19:55 - 2012-07-26 07:26 - 00000215 _____ C:\windows\system.ini
2015-06-05 19:20 - 2015-03-12 20:24 - 00332744 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-05 18:47 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-05 18:47 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-06-05 18:46 - 2012-07-26 09:59 - 00000000 ____D C:\windows\CbsTemp
2015-06-05 17:46 - 2013-12-09 21:11 - 00000000 ____D C:\Users\Fabian.PC_Fabian\AppData\Roaming\TS3Client
2015-06-05 11:23 - 2015-03-16 21:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-05 11:13 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\NDF
2015-06-04 18:04 - 2013-08-11 19:48 - 00000000 ____D C:\windows\system32\MRT
2015-06-04 18:02 - 2013-02-02 19:33 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-06-04 17:17 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2015-06-03 10:08 - 2013-10-31 21:06 - 668381772 _____ C:\windows\MEMORY.DMP
2015-06-03 10:08 - 2013-10-23 21:17 - 00000000 ____D C:\windows\Minidump
2015-05-19 18:04 - 2013-02-16 21:06 - 00549888 ___SH C:\Users\Fabian.PC_Fabian\Desktop\Thumbs.db
2015-05-19 17:32 - 2013-02-06 22:21 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-05-19 12:08 - 2013-02-05 21:25 - 00000000 ____D C:\Users\Fabian.PC_Fabian\AppData\Local\Packages

==================== Files in the root of some directories =======

2013-02-02 18:13 - 2013-02-02 18:13 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\AdminFabian\AppData\Local\temp\Quarantine.exe
C:\Users\AdminFabian\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-04 21:01

==================== End of log ============================
         
--- --- ---


Addition:

[CODE]Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by AdminFabian at 2015-06-07 11:29:32
Running from C:\Users\Fabian.PC_Fabian\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

AdminFabian (S-1-5-21-1392978341-1441607686-3862372307-1005 - Administrator - Enabled) => C:\Users\AdminFabian
Administrator (S-1-5-21-1392978341-1441607686-3862372307-500 - Administrator - Disabled)
Fabian (S-1-5-21-1392978341-1441607686-3862372307-1006 - Limited - Enabled) => C:\Users\Fabian.PC_Fabian
Gast (S-1-5-21-1392978341-1441607686-3862372307-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1392978341-1441607686-3862372307-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Disabled - Out of date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Disabled - Out of date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Emsisoft Internet Security (Disabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{BF821093-CFD3-EC1B-B357-6817EE34E5C7}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd.)
eTax.zug 2014 nP 1.3.0 (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\8452-4068-1171-2815) (Version: 1.3.0 - Information Factory AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.7 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{86FD8326-909D-45F5-BB61-0619D0D31293}) (Version: 11.50.0011 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4454.1004 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
NWZ-E450 WALKMAN Guide (HKLM-x32\...\{0A6C2811-AD29-473F-8086-F0B401276DEC}) (Version: 2.1.0.17210 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1004 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
RecImgManager (HKLM-x32\...\{1ECC3992-5E46-4A3B-823F-4228D5B05A83}) (Version: 2.0.26222 - SlimWare Utilities, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Fabian.PC_Fabian\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

04-05-2015 20:58:43 Geplanter Prüfpunkt
04-06-2015 17:03:23 Geplanter Prüfpunkt
06-06-2015 19:42:42 ComboFix created restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2015-03-23 19:52 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E1975F3-5D81-4CA8-8E07-168E2CD1DF5D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2012-08-15] (Hewlett-Packard Company)
Task: {5F63D142-E881-4C1E-A6BB-D4956C70E5A0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-22] (Avast Software s.r.o.)
Task: {611B2DEB-5632-43C5-BA63-01B47A70F7E9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-06-04] (Microsoft Corporation)
Task: {74BEDB4E-487E-4F08-808D-3CD98A22F124} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {E0CF2BA3-882C-4D8E-9580-68B42A1AA8D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F6E24018-619A-4763-9815-BEF6CF60CD7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-15] (Hewlett-Packard Company)
Task: {F7C59E27-327A-406B-8FAB-A1B6132D4BA3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)

==================== Loaded Modules (Whitelisted) ==============

2012-08-29 11:02 - 2012-08-29 11:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-29 11:02 - 2012-08-29 11:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-02-05 23:21 - 2012-11-10 11:28 - 00382544 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-02-05 23:21 - 2012-11-23 19:07 - 00513600 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-02-05 23:21 - 2012-11-23 19:07 - 00607296 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2014-12-10 00:22 - 2014-12-10 00:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-02-05 21:26 - 2013-02-05 21:26 - 00120224 _____ () C:\Users\Fabian.PC_Fabian\AppData\Local\assembly\dl3\4N352QBH.B7X\6QC7E4AH.0L4\6719f2df\00af4ffb_c485cd01\HPItunesModule.DLL
2015-04-22 18:20 - 2015-04-22 18:20 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-22 18:20 - 2015-04-22 18:20 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-06 19:44 - 2015-06-06 19:44 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060601\algo.dll
2015-06-07 10:50 - 2015-06-07 10:50 - 02952192 _____ () C:\Program Files\AVAST Software\Avast\defs\15060700\algo.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-22 18:20 - 2015-04-22 18:20 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabian.PC_Fabian\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\Run: => "RESTART_STICKY_NOTES"
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\...\StartupApproved\Run: => "SkyDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBB1C137-790B-486B-A9C9-27B435B298F9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{293ABFA0-F8E4-4BEE-989D-E9F5BB71FA8D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FF3D2D61-C87A-4D43-9E52-1D6ABDD4012F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3F2898FF-636E-494A-A285-C5E36AF9CFB5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C008179C-4E73-43B3-AE1F-761536965182}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{D559845D-EA90-49AC-AA22-87A9048E0C3F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{B90066BF-D10D-4365-B161-3D91EABEC775}] => (Allow) C:\Users\AdminFabian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2DFB5855-1A34-43A2-BA35-A329FC85E85C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{18FCFA59-65A8-4E08-AFF7-D175F3A69EB5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5DEA5977-AAE4-4705-9CBE-A522CEDE88E6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{89579F59-EFB0-4DCB-9C86-C2F2213A110A}] => (Allow) LPort=2869
FirewallRules: [{5F8EE66C-73FF-4440-ACC8-26DEF876E66E}] => (Allow) LPort=1900
FirewallRules: [{DB8A88AE-0600-4295-88EC-70C0BC252A00}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{05F57B78-2520-4FA8-AE37-EED4AA648917}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{7E4CE3E0-E0A1-4ADF-BB67-48FEF13A388F}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{EAC1CAEE-90CA-4D75-A471-EF0E268AFF38}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{EF607449-0DA6-4A67-916B-36757CB05CD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{E5A994C9-B85E-42E6-BBFB-1BF6E259E16C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [TCP Query User{9A101C02-AFA2-4EE8-9018-012E365F5DE4}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [UDP Query User{ED0CF3BB-BC4A-42C6-95CF-60F7B18D1A31}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe] => (Block) C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon future soldier\future soldier dx11.exe
FirewallRules: [TCP Query User{46220C03-5BE5-4E16-87E1-4644B21A49CF}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{FF72C7FF-F4E0-47F5-A1E0-ED12B2EC0FEE}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{2516AA43-DAD4-47EE-9345-8B815227CA08}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{658CEDA9-859B-4117-8EA9-8DB4A7CE1EB4}] => (Block) C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{25B7CD5D-C18C-429B-B8B9-BE64640530EC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B433DBEC-8EA6-45B9-8863-060CE099D8CC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A8BDCF14-4299-4204-AF95-DC0772D6620B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{56E884CE-DB2E-45A7-A827-87BB7B549121}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4B47B08A-E461-45C5-87F3-0A8F0F53A797}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{CEEF249C-ED01-4EEE-81C3-0C4FF075B9AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB00654F-36F9-4054-A5FC-D3F89A90DE62}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{397D4BAD-B323-4520-A472-DE71F8919AAF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{6C4BE36F-3A33-479B-95F7-5CE48CC4AFE9}] => (Allow) LPort=53000
FirewallRules: [{065E3887-F668-4AF3-B835-E74C2E44D709}] => (Allow) LPort=52000

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 11:19:18 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/07/2015 11:17:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: usbhubC:\windows\system32\usbperf.dll8

Error: (06/07/2015 11:17:03 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Der Wert von "First Counter" unter dem Schlüssel "usbperf\Performance" kann nicht gelesen werden. Statuscodes wurden in den Daten zurückgegeben.

Error: (06/07/2015 11:17:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: RemoteAccessC:\Windows\System32\rasctrs.dll8

Error: (06/07/2015 11:17:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (06/07/2015 10:50:17 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (06/07/2015 10:50:15 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (06/07/2015 10:50:11 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (06/06/2015 08:04:23 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (06/06/2015 08:04:22 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog


System errors:
=============
Error: (06/07/2015 11:12:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 11:12:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 11:12:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 11:12:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 11:12:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 11:12:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 11:12:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 11:12:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/07/2015 11:12:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/07/2015 11:12:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/07/2015 11:19:18 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/07/2015 11:17:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: usbhubC:\windows\system32\usbperf.dll8

Error: (06/07/2015 11:17:03 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: 

Error: (06/07/2015 11:17:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: RemoteAccessC:\Windows\System32\rasctrs.dll8

Error: (06/07/2015 11:17:03 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (06/07/2015 10:50:17 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (06/07/2015 10:50:15 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (06/07/2015 10:50:11 AM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: 

Error: (06/06/2015 08:04:23 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (06/06/2015 08:04:22 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


CodeIntegrity Errors:
===================================
  Date: 2015-06-04 16:58:14.038
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:10.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:09.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:07.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-04 16:58:00.266
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:24.467
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:22.008
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:20.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:19.329
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.

  Date: 2015-06-01 22:19:18.112
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Emsisoft Internet Security\a2hooks64.dll with signing level Unsigned while the system requires signing level 6 or better to load.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16323.54 MB
Available physical RAM: 13283.27 MB
Total Pagefile: 32707.54 MB
Available Pagefile: 29591.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1000.11 GB) (Free:814.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.98 GB) (Free:1.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (Daten) (Fixed) (Total:849.45 GB) (Free:742.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 0ABD2367)

Partition: GPT Partition Type.

==================== End of log ============================
         
__________________
Regards
R4BBIT

9 out of 10 people like beer...the 10th is lying

07.06.2015, 11:25   #14
M-K-D-B
/// TB Trainer



We will remove the last remnants and check everything once more. ESET can take a long time (> 2 h).
Afterwards we will remove all the tools used and I will give you a few tips to take along.





Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document


Code:
start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
RemoveProxy:
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.






Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset






Step 3
Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.






With your next reply, please post
  • the log file of the FRST fix,
  • the log file from ESET,
  • the log file from SecurityCheck.

08.06.2015, 18:44   #15
R4BBIT

Here is the Fixlog:

Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by AdminFabian at 2015-06-08 18:35:26 Run:1
Running from C:\Users\Fabian.PC_Fabian\Desktop
Loaded Profiles: AdminFabian & Fabian (Available Profiles: AdminFabian & Fabian)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1392978341-1441607686-3862372307-1006 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
RemoveProxy:
EmptyTemp:
end
         
*****************

Processes closed successfully.
C:\windows\system32\GroupPolicy\Machine => moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
"HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found. 

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1392978341-1441607686-3862372307-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1392978341-1441607686-3862372307-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========

EmptyTemp: => 959.2 MB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 18:35:52 ====
         
And from ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3355f07cb663174ab64ba1cf3ea0ede2
# end=init
# utc_time=2015-06-08 04:40:32
# local_time=2015-06-08 06:40:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 24230
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3355f07cb663174ab64ba1cf3ea0ede2
# end=updated
# utc_time=2015-06-08 04:43:55
# local_time=2015-06-08 06:43:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3355f07cb663174ab64ba1cf3ea0ede2
# engine=24230
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-08 05:29:22
# local_time=2015-06-08 07:29:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 2340132 198208652 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 7679801 35411197 0 0
# scanned=254740
# found=0
# cleaned=0
# scan_time=2727
         


And here is the part from SecurityCheck:

Code:
 Results of screen317's Security Check version 1.002  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Emsisoft Internet Security   
avast! Antivirus             
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
__________________
Regards
R4BBIT

9 out of 10 people like beer...the 10th is lying
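
Added example, not part of the original thread and not FRST's own code: a short Python check that reads a Fixlog like the one posted above, groups each result line by outcome, and lists any GUID named in the fixlist that has no result line. The SID and the last sample line are constructed; the outcome wording it recognises is only what appears in the log above.

```python
import re
from collections import defaultdict

# Constructed sample shaped like the Fixlog above (placeholder SID). The last
# line is an invented failure, only there to show the "review" bucket.
SAMPLE_FIXLOG = r"""fixlist content:
*****************
start
SearchScopes: HKU\S-1-5-21-0-0-0-1006 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
EmptyTemp:
end
*****************
"HKU\S-1-5-21-0-0-0-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
EmptyTemp: => 959.2 MB temporary data Removed.
C:\constructed\example.dll => could not be moved (constructed failure)
"""

GUID = re.compile(r"\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}", re.I)

def classify(outcome):
    """Map an outcome phrase to done / absent / review."""
    text = outcome.strip().rstrip(".").lower()
    if text.endswith(("successfully", "removed")):
        return "done"
    if text.endswith("not found"):
        return "absent"      # nothing was there to remove
    return "review"          # unknown wording: a human should look at it

def audit_fixlog(log):
    """Return ({bucket: [targets]}, [fixlist GUIDs with no result line])."""
    directives, results, in_fixlist = [], defaultdict(list), False
    for line in map(str.strip, log.splitlines()):
        if line in ("start", "end"):
            in_fixlist = (line == "start")
        elif in_fixlist:
            directives.append(line)
        elif " => " in line:
            target, outcome = line.rsplit(" => ", 1)
            results[classify(outcome)].append(target.strip('"'))
    wanted = {g.lower() for d in directives for g in GUID.findall(d)}
    seen = {g.lower() for ts in results.values() for t in ts for g in GUID.findall(t)}
    return dict(results), sorted(wanted - seen)

if __name__ == "__main__":
    buckets, unaccounted = audit_fixlog(SAMPLE_FIXLOG)
    for bucket, targets in buckets.items():
        print(bucket, len(targets), targets)
    print("GUIDs without a result line:", unaccounted)
```

Anything landing in the "review" bucket, or any GUID reported as unaccounted for, is worth raising with the helper before moving on to the next step.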
