
Log analysis and evaluation: Windows 8.1 - Browser getting slower and slower - Disconnects and strongly fluctuating internet speed


04.08.2015, 06:59   #1
orhanzo
 



Hello dear Trojaner-Board community!

For about 2 days now my PC has been acting up. My browser kept getting slower until I could no longer surf the internet at all.
I then rolled back one week using System Restore.

I had extreme fluctuations in speed tests. Sometimes it hung and did not work at all. A few times it reached what I pay for, 125/12.5 Mbit/s.
But 125 down and 0.1 up, or 20 down and 1 up, also occurred.

In the game (League of Legends) I have also had massive problems with my latency, only for the last 2 days, and I constantly get disconnects. When I try to restart it, it works arbitrarily (sometimes right away, sometimes not at all).
And the disconnects actually come back almost every time.

It seems to me that the condition is getting worse and worse.

The scan with Kaspersky brought no results.

AdwCleaner found nothing either.

Log files:

Mbam

Code:
Abgelaufene Zeit: 7 Min., 54 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.Proinstall, C:\Users\Ibrahim\Downloads\GhostMouseAutoClickerSetup-37999292.exe, In Quarantäne, [e88bde263259bf77d9ba9201be43bd43], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Ibrahim (Administrator) auf PC (04-08-2015 07:20:59)
Gestartet von C:\Users\Ibrahim\Downloads
Geladene Profile: Ibrahim & postgres (Verfügbare Profile: Ibrahim & postgres)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Entropia Tracker) C:\Users\Ibrahim\AppData\Local\Apps\2.0\X4BO9JD3.19D\AQ5EN8BO.B6O\entr..tion_67e48c3a2893e7a3_0008.0003_6433b85113fc2172\Entropia Tracker Suite.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.250\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.34\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.153\deploy\LolClient.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-10-20] (Razer Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\Run: [GoogleChromeAutoLaunch_A752B9523338A8D2D47F144E00B0239D] => D:\Google\Chrome\Application\chrome.exe [915784 2015-01-09] (Google Inc.)
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\Run: [MurGee.com Auto Clicker] => C:\Users\Ibrahim\AppData\Roaming\Auto Clicker\AutoClicker.exe [120304 2015-03-29] (MurGee.com)
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\Run: [Entropia Tracker Suite] => C:\Users\Ibrahim\AppData\Local\Apps\2.0\X4BO9JD3.19D\AQ5EN8BO.B6O\entr..tion_67e48c3a2893e7a3_0008.0003_6433b85113fc2172\Entropia Tracker Suite.exe [245248 2015-06-11] (Entropia Tracker)
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hitech-gamer.com/
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.hitech-gamer.com/
URLSearchHook: [S-1-5-21-2431583191-4286240723-2257015007-1006] ACHTUNG ==> Standard URLSearchHook fehlt
SearchScopes: HKLM -> {61CFDC68-4ACC-4310-8EE4-7BF84C54BB97} URL = hxxp://www.google.com/
SearchScopes: HKLM-x32 -> {61CFDC68-4ACC-4310-8EE4-7BF84C54BB97} URL = hxxp://www.google.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2431583191-4286240723-2257015007-1001 -> DefaultScope {61CFDC68-4ACC-4310-8EE4-7BF84C54BB97} URL = hxxp://www.google.com/
SearchScopes: HKU\S-1-5-21-2431583191-4286240723-2257015007-1001 -> {61CFDC68-4ACC-4310-8EE4-7BF84C54BB97} URL = hxxp://www.google.com/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-16] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-01-16] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-28] (Kaspersky Lab ZAO)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ED5A56CF-7645-42B4-AB56-6FA3BBF58E32}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ibrahim\AppData\Roaming\Mozilla\Firefox\Profiles\uj57y9ss.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: YouTube™ Flash® Player - C:\Users\Ibrahim\AppData\Roaming\Mozilla\Firefox\Profiles\uj57y9ss.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2015-05-17]
FF Extension: SmartVideo For YouTube - C:\Users\Ibrahim\AppData\Roaming\Mozilla\Firefox\Profiles\uj57y9ss.default\Extensions\mytube@ashishmishra.in.xpi [2015-02-24]
FF Extension: Adblock Plus - C:\Users\Ibrahim\AppData\Roaming\Mozilla\Firefox\Profiles\uj57y9ss.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-15]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2015-01-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-01-14]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2015-01-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2015-01-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2015-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-01-16]

Chrome: 
=======
CHR Profile: C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (Kaspersky Protection) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2015-01-16]
CHR Extension: (YouTube) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (AdBlock) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-16]
CHR Extension: (Virtual Keyboard) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2014-05-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [112640 2014-09-15] () [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-28] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-10-20] (Razer Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-16] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 ArvoFltr; C:\Windows\system32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-05-28] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-05-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-08-04] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\Ibrahim\AppData\Local\Temp\GPU-Z.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 07:20 - 2015-08-04 07:21 - 00024067 _____ C:\Users\Ibrahim\Downloads\FRST.txt
2015-08-04 07:20 - 2015-08-04 07:21 - 00000000 ____D C:\FRST
2015-08-04 07:20 - 2015-08-04 07:20 - 02169856 _____ (Farbar) C:\Users\Ibrahim\Downloads\FRST64.exe
2015-08-04 06:21 - 2015-08-04 07:20 - 00164186 _____ C:\Users\Ibrahim\Desktop\external.txt
2015-08-04 06:19 - 2015-08-04 06:20 - 00001897 _____ C:\Users\Ibrahim\Desktop\ping.txt
2015-08-04 06:07 - 2015-08-04 06:07 - 00000364 _____ C:\Windows\PFRO.log
2015-08-04 06:07 - 2015-08-04 06:07 - 00000116 _____ C:\Windows\setupact.log
2015-08-04 06:07 - 2015-08-04 06:07 - 00000000 _____ C:\Windows\setuperr.log
2015-08-04 05:53 - 2015-08-04 05:54 - 00123310 _____ C:\Users\Ibrahim\Documents\cc_20150804_055352.reg
2015-08-04 05:52 - 2015-08-04 05:52 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-08-04 05:51 - 2015-08-04 05:51 - 05375464 _____ (Piriform Ltd) C:\Users\Ibrahim\Downloads\ccsetup508_slim.exe
2015-08-04 05:51 - 2015-08-04 05:51 - 00000840 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-04 05:51 - 2015-08-04 05:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-04 05:51 - 2015-08-04 05:51 - 00000000 ____D C:\Program Files\CCleaner
2015-08-04 05:40 - 2015-08-04 06:45 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 05:40 - 2015-08-04 05:40 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-04 05:40 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 05:40 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-04 05:40 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 05:36 - 2015-08-04 05:37 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ibrahim\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-04 04:07 - 2015-08-04 04:07 - 00000231 _____ C:\ProgramData\SYSTEM_CLEANER_HISTORY.xml
2015-08-04 04:06 - 2015-08-04 04:11 - 00000000 ____D C:\ProgramData\Backup
2015-08-04 04:03 - 2015-08-04 04:17 - 00000000 ____D C:\Program Files (x86)\RegInOut System Utilities
2015-08-04 04:03 - 2015-08-04 04:03 - 00000000 ____D C:\ProgramData\RegInOut
2015-08-04 03:12 - 2015-08-04 03:12 - 00001359 _____ C:\Users\Ibrahim\Desktop\JRT.txt
2015-08-04 02:57 - 2015-08-04 02:57 - 04971741 _____ (CheeseSoft Inc. ) C:\Users\Ibrahim\Downloads\RegistryEasy.exe.part
2015-08-04 02:54 - 2015-08-04 05:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-04 02:54 - 2015-08-04 05:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-04 02:54 - 2015-08-04 02:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-04 02:42 - 2015-08-04 02:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-29 22:26 - 2015-08-04 04:19 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-25 01:00 - 2015-07-25 01:00 - 00000812 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-07-25 00:59 - 2015-08-04 04:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-07-21 11:07 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 11:07 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 11:07 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 11:07 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-15 09:22 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 09:22 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 09:22 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 09:22 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 09:22 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 09:22 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 09:22 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 09:22 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 09:15 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 09:15 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 09:15 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 09:15 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 09:15 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 09:15 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 09:15 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 09:15 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 09:15 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 09:15 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 09:15 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 09:15 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 09:15 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 09:15 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 09:15 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 09:15 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 09:14 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 09:14 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 09:14 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 09:14 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 09:14 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 09:14 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 09:14 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 09:14 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 09:14 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 09:14 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 09:14 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 09:14 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 09:14 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 09:14 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 09:14 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 09:14 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 09:14 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 09:14 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 09:14 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 09:14 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 09:14 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 09:14 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 09:14 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 09:14 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 09:14 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 09:14 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 09:14 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 09:14 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 09:14 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 09:14 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 09:14 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 09:13 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 09:13 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 09:13 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 09:13 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 09:13 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 09:13 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 09:13 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 09:13 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 09:13 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 09:13 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-15 09:13 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-15 09:13 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-15 09:13 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-15 09:13 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-15 09:13 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-15 09:12 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 09:12 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 09:12 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 09:12 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 09:12 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 09:12 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 09:10 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 09:10 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 09:10 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 09:10 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 09:10 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 09:10 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 09:10 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 09:10 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 09:10 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 09:10 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 09:10 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 09:10 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 09:10 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 09:10 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 09:10 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 09:10 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 09:10 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 09:10 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 09:10 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 09:10 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 09:10 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 09:10 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 09:10 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 09:10 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 09:10 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 09:10 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 09:10 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 09:10 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 09:10 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 09:10 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 09:10 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 09:10 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 09:10 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 09:02 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 09:02 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 09:02 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:02 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 09:02 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 09:02 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 09:02 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 09:02 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 09:02 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-15 09:01 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 09:01 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 09:01 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 09:01 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 09:01 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-12 20:29 - 2015-07-12 20:29 - 00100122 _____ C:\Users\Ibrahim\Downloads\bewerbung aes.zip
2015-07-12 17:42 - 2015-07-12 17:42 - 00078356 _____ C:\Users\Ibrahim\Downloads\Bewerbung APG.zip
2015-07-12 16:56 - 2015-07-12 16:56 - 00140487 _____ C:\Users\Ibrahim\Downloads\lebenslauf(1).zip
2015-07-12 16:56 - 2015-07-12 16:56 - 00077864 _____ C:\Users\Ibrahim\Downloads\bewerbungsschreiben.zip
2015-07-12 16:53 - 2015-07-12 16:53 - 00303615 _____ C:\Users\Ibrahim\Downloads\Lebenslauf+Motivationsschreiben.zip
2015-07-10 19:28 - 2015-08-01 04:16 - 00000000 ___HD C:\$Windows.~BT
2015-07-10 15:23 - 2015-08-04 05:42 - 00000000 ____D C:\AdwCleaner
2015-07-10 15:22 - 2015-07-10 15:22 - 02248704 _____ C:\Users\Ibrahim\Downloads\adwcleaner_4.208.exe
2015-07-09 15:56 - 2015-07-09 15:56 - 00339659 _____ C:\Users\Ibrahim\Downloads\motivationsschreiben.zip
2015-07-09 15:56 - 2015-07-09 15:56 - 00140175 _____ C:\Users\Ibrahim\Downloads\Lebenslauf.zip
2015-07-09 15:42 - 2015-07-31 02:17 - 00000000 ____D C:\Users\Ibrahim\Desktop\Bewerbung
2015-07-09 14:34 - 2015-07-09 14:53 - 00000000 ____D C:\Users\Ibrahim\Desktop\Bilder

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 07:09 - 2015-01-14 10:33 - 01181937 _____ C:\Windows\WindowsUpdate.log
2015-08-04 07:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-04 07:08 - 2015-01-14 10:38 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2431583191-4286240723-2257015007-1001
2015-08-04 07:00 - 2015-01-16 16:55 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 07:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-04 06:40 - 2015-01-14 11:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-04 06:38 - 2015-01-15 11:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 06:20 - 2015-01-20 05:54 - 00000000 ____D C:\Users\Ibrahim\AppData\Roaming\ClassicShell
2015-08-04 06:13 - 2015-01-14 10:32 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 06:13 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-08-04 06:13 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-08-04 06:09 - 2015-01-15 11:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-04 06:07 - 2015-05-30 22:06 - 00000000 ____D C:\Users\Ibrahim\Documents\Entropia Tracker
2015-08-04 06:07 - 2015-01-16 16:55 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 06:07 - 2015-01-14 11:04 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-04 06:07 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 06:07 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-04 05:53 - 2015-06-19 23:45 - 00000000 ____D C:\Windows\Minidump
2015-08-04 05:53 - 2015-03-30 19:17 - 00000000 ____D C:\Users\Ibrahim\AppData\Roaming\TS3Client
2015-08-04 05:53 - 2015-01-14 10:26 - 00000000 ____D C:\Windows\Panther
2015-08-04 05:43 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-08-04 04:38 - 2014-05-28 17:38 - 00077680 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-08-04 04:22 - 2015-04-05 21:23 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-04 04:22 - 2015-04-05 21:23 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-04 04:22 - 2015-03-05 00:33 - 00000000 ____D C:\Program Files\Bonjour
2015-08-04 04:22 - 2015-03-01 20:21 - 00000000 ____D C:\Users\postgres
2015-08-04 04:22 - 2015-01-19 06:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-04 04:22 - 2015-01-19 06:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-04 04:22 - 2015-01-14 10:33 - 00000000 ____D C:\Users\Ibrahim
2015-08-04 04:22 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2015-08-04 04:22 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-08-04 04:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-08-04 04:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\WinMetadata
2015-08-04 04:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-04 04:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-04 04:22 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-04 04:21 - 2015-06-12 15:01 - 00000000 ____D C:\Battle.net
2015-08-04 04:21 - 2015-03-30 14:21 - 00000000 ____D C:\Users\Ibrahim\Documents\Heroes of the Storm
2015-08-04 04:21 - 2015-03-05 00:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-04 04:21 - 2015-02-22 02:52 - 00000000 ____D C:\Program Files (x86)\KeyTweak
2015-08-04 04:21 - 2015-01-17 03:01 - 00000000 ____D C:\Users\Ibrahim\AppData\Roaming\Battle.net
2015-08-04 04:21 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2015-08-04 04:21 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-04 04:21 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\servicing
2015-08-04 04:20 - 2015-05-20 22:05 - 00000000 ____D C:\Users\Public\entropia universe
2015-08-04 04:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppCompat
2015-08-04 04:20 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Sysprep
2015-08-04 01:27 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-03 21:53 - 2015-01-17 03:01 - 00000000 ____D C:\Users\Ibrahim\AppData\Local\Battle.net
2015-07-29 07:22 - 2015-05-20 22:29 - 00000000 ____D C:\Users\Ibrahim\Documents\Entropia Universe
2015-07-28 10:11 - 2015-01-14 10:44 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{287458AA-0860-45B1-9622-78AAFF9A2964}
2015-07-21 14:28 - 2013-08-22 16:44 - 00338016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 14:28 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI(284)
2015-07-16 01:38 - 2015-01-15 11:02 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 14:38 - 2015-01-16 18:05 - 00000000 ____D C:\Windows\system32\MRT
2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-10 15:34 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI(265)
2015-07-09 11:00 - 2015-05-17 19:48 - 00000000 ____D C:\ProgramData\Riot Games
2015-07-07 18:10 - 2015-02-15 15:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-07 18:10 - 2015-02-15 15:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 14:16 - 2015-05-20 22:29 - 00000000 ____D C:\Program Files (x86)\Entropia Universe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-04 17:54 - 2015-05-04 22:54 - 0000000 _____ () C:\Users\Ibrahim\AppData\Roaming\ADF8F0174DAB4265999B9336FFF72A2D.dat
2015-01-14 15:04 - 2015-01-14 15:04 - 1065984 _____ () C:\Users\Ibrahim\AppData\Local\file__0.localstorage
2015-01-14 10:47 - 2015-01-14 10:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-04 04:07 - 2015-08-04 04:07 - 0000231 _____ () C:\ProgramData\SYSTEM_CLEANER_HISTORY.xml

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-27 20:23

==================== Ende von log ============================
         

Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Ibrahim (2015-08-04 07:21:20)
Gestartet von C:\Users\Ibrahim\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2431583191-4286240723-2257015007-500 - Administrator - Disabled)
Gast (S-1-5-21-2431583191-4286240723-2257015007-501 - Limited - Disabled)
Ibrahim (S-1-5-21-2431583191-4286240723-2257015007-1001 - Administrator - Enabled) => C:\Users\Ibrahim
postgres (S-1-5-21-2431583191-4286240723-2257015007-1006 - Limited - Enabled) => C:\Users\postgres

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auto Clicker v1.9 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.9 - MurGee.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Entropia Tracker Suite (HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\cc766f23e758523a) (Version: 8.3.3.22 - Entropia Tracker)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.2.3.128490 - MindArk PE AB)
Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PTFB Pro 4.7.1.1 (HKLM-x32\...\AFE37E47-37E7-435a-A665-729806B98AEF_is1) (Version:  - Technology Lighthouse)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

15-07-2015 14:36:13 Windows Update
21-07-2015 11:23:05 Windows Update
28-07-2015 10:47:23 Windows Update
04-08-2015 00:39:42 Wiederherstellungsvorgang

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {18650692-2B05-4B92-B983-3902443F3361} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {36904DB1-76F2-4E13-8427-048DF4FD9C07} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {52135AC7-59B3-4E6D-B713-8A42CD9A1018} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {6A915F64-9C75-4993-95F8-A906049C1DF2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C35346CA-8361-460C-BFBC-40929D6A0DC1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {C8075971-6AB5-4AA4-8330-20600F14B1AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-09-15 19:13 - 2014-09-15 19:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-09-15 19:09 - 2014-09-15 19:09 - 00112640 _____ () C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-15 19:13 - 2014-09-15 19:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-01-21 16:54 - 2015-05-17 19:48 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-07-22 13:39 - 2015-07-22 13:39 - 02354168 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.250\deploy\LoLLauncher.exe
2015-07-22 13:39 - 2015-07-22 13:39 - 03985912 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.34\deploy\LoLPatcher.exe
2015-08-04 04:48 - 2015-08-04 04:48 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.153\deploy\LolClient.exe
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2015-03-01 20:20 - 2014-02-18 10:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2015-03-01 20:20 - 2012-08-14 15:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2015-07-22 13:39 - 2015-07-22 13:39 - 01715704 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.34\deploy\RiotLauncher.dll
2015-08-04 04:48 - 2015-08-04 04:48 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.153\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ibrahim\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "RzWizard"
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2431583191-4286240723-2257015007-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9752E280-EC17-4D05-8B28-A030A935FD8F}] => (Allow) D:\Battle.net\Hearthstone\Hearthstone.exe
FirewallRules: [{7AF3E587-2BEF-4DC2-A8AA-57210F81D887}] => (Allow) D:\Battle.net\Hearthstone\Hearthstone.exe
FirewallRules: [{DA48935F-5982-4967-BBE0-6A9B6B28895C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{53089BC9-D75A-4613-9CFB-5F6B059E3436}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{424E5C42-0886-496E-BA61-E34EACAC8567}] => (Allow) LPort=5432
FirewallRules: [{B75564FB-EAB5-44D1-9D83-90259BEF7D0C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B7409DBD-6716-4B4C-B299-BA80C085A1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{85D9C3E6-8532-4254-8762-9E96A6FAF518}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68E053C5-08E5-486B-88EA-B4B2D55350A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48C2B7D0-6434-488B-AC79-3CD9143570B5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6B3306EC-849F-4184-A3E9-1A325FDCE7C5}] => (Allow) C:\Battle.net\Battle.net.exe
FirewallRules: [{A989A1C1-C0EA-45F8-A016-F615D572BA2E}] => (Allow) C:\Battle.net\Battle.net.exe
FirewallRules: [{EFF5D401-4E07-4E68-962F-C5E2D7BA4912}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.153\deploy
FirewallRules: [{684EABD3-5D12-4B86-8BAE-EB12566AC9D1}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.250\deploy
FirewallRules: [{9ABDAE83-3E21-48BD-800F-CA788B3C82AF}] => (Allow) C:\Riot Games\League of Legends
FirewallRules: [{5F59DEE7-217A-4BD6-BA5E-D66235AC02A6}] => (Allow) C:\Riot Games\League of Legends\RADS\system

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: High Definition Audio Bus
Description: High Definition Audio Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service: HDAudBus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/04/2015 07:08:37 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (08/04/2015 06:20:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.7.205.0, Zeitstempel: 0x54cb5aeb
Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.9700.0, Zeitstempel: 0x51d28fcb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005615b7
ID des fehlerhaften Prozesses: 0x1e38
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5

Error: (08/04/2015 06:09:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "39.0.2171.99,language="*",type="win32",version="39.0.2171.99"1".
Die abhängige Assemblierung "39.0.2171.99,language="*",type="win32",version="39.0.2171.99"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/04/2015 06:09:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.7.205.0, Zeitstempel: 0x54cb5aeb
Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.9700.0, Zeitstempel: 0x51d28fcb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005615b7
ID des fehlerhaften Prozesses: 0x1e3c
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5

Error: (08/04/2015 06:08:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003d85e
ID des fehlerhaften Prozesses: 0x1854
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5

Error: (08/04/2015 06:07:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.7.205.0, Zeitstempel: 0x54cb5aeb
Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.9700.0, Zeitstempel: 0x51d28fcb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005615b7
ID des fehlerhaften Prozesses: 0xafc
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5

Error: (08/04/2015 06:07:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "39.0.2171.99,language="*",type="win32",version="39.0.2171.99"1".
Die abhängige Assemblierung "39.0.2171.99,language="*",type="win32",version="39.0.2171.99"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/04/2015 06:07:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "39.0.2171.99,language="*",type="win32",version="39.0.2171.99"1".
Die abhängige Assemblierung "39.0.2171.99,language="*",type="win32",version="39.0.2171.99"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/04/2015 06:07:34 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-08-04 06:07:34 CESTFATAL:  the database system is starting up

Error: (08/04/2015 05:57:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.7.205.0, Zeitstempel: 0x54cb5aeb
Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.9700.0, Zeitstempel: 0x51d28fcb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005615b7
ID des fehlerhaften Prozesses: 0x10f4
Startzeit der fehlerhaften Anwendung: 0xMsMpEng.exe0
Pfad der fehlerhaften Anwendung: MsMpEng.exe1
Pfad des fehlerhaften Moduls: MsMpEng.exe2
Berichtskennung: MsMpEng.exe3
Vollständiger Name des fehlerhaften Pakets: MsMpEng.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsMpEng.exe5


Systemfehler:
=============
Error: (08/04/2015 07:09:19 AM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/04/2015 07:08:49 AM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/04/2015 07:08:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070057 fehlgeschlagen: Microsoft.Reader

Error: (08/04/2015 06:20:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (08/04/2015 06:09:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/04/2015 06:07:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/04/2015 06:07:25 AM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (08/04/2015 05:57:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (08/04/2015 05:56:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/04/2015 05:45:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (08/04/2015 07:08:37 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)

Error: (08/04/2015 06:20:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.9700.051d28fcbc000000500000000005615b71e3801d0ce6b71136befC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll160ee42d-3a60-11e5-82a3-d8cb8a158164

Error: (08/04/2015 06:09:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: 39.0.2171.99,language="*",type="win32",version="39.0.2171.99"D:\Google\Chrome\Application\chrome.exe

Error: (08/04/2015 06:09:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.9700.051d28fcbc000000500000000005615b71e3c01d0ce6b44167f0fC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll8aee093c-3a5e-11e5-82a3-d8cb8a158164

Error: (08/04/2015 06:08:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.17736550f4336c0000005000000000003d85e185401d0ce6b28c882b2C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll69ec098a-3a5e-11e5-82a3-d8cb8a158164

Error: (08/04/2015 06:07:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.9700.051d28fcbc000000500000000005615b7afc01d0ce6b16f2ef4fC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll5df0e526-3a5e-11e5-82a3-d8cb8a158164

Error: (08/04/2015 06:07:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: 39.0.2171.99,language="*",type="win32",version="39.0.2171.99"D:\Google\Chrome\Application\chrome.exe

Error: (08/04/2015 06:07:43 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: 39.0.2171.99,language="*",type="win32",version="39.0.2171.99"D:\Google\Chrome\Application\chrome.exe

Error: (08/04/2015 06:07:34 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-08-04 06:07:34 CESTFATAL:  the database system is starting up

Error: (08/04/2015 05:57:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.9700.051d28fcbc000000500000000005615b710f401d0ce69a3a932f8C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dllfb398773-3a5c-11e5-82a2-d8cb8a158164


==================== Speicherinformationen =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 20%
Total physical RAM: 16347.95 MB
Available physical RAM: 13034.49 MB
Total Virtual: 18779.95 MB
Available Virtual: 14833.78 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.27 GB) (Free:43.64 GB) NTFS
Drive d: (Daten) (Fixed) (Total:929.37 GB) (Free:891.62 GB) NTFS
Drive e: (HI-TECH Treiber) (Fixed) (Total:2.02 GB) (Free:1.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== Ende von log ============================
         


Thank you very much for taking the time!

Alt 04.08.2015, 07:58   #2
orhanzo
 



Gmer:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-04 07:32:17
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000029 Crucial_CT120M500SSD1 rev.MU05 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\Ibrahim\AppData\Local\Temp\pgldapow.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\Windows\System32\win32k.sys!W32pServiceTable                                                                                                              fffff96000213600 15 bytes [00, 96, F2, 01, 00, 6A, 6C, ...]
.text   C:\Windows\System32\win32k.sys!W32pServiceTable + 16                                                                                                         fffff96000213610 11 bytes [00, D7, FB, FF, 00, 7B, D1, ...]

---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 132                                             00007ffcb4fc4b04 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 316                                                 00007ffcb4fc4f2c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpAllocIoCompletion + 710                                             00007ffcb4fc5206 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlWaitForWnfMetaNotification + 479                                   00007ffcb4fc53ff 8 bytes {JMP 0xffffffffffffffee}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlUserThreadStart + 911                                              00007ffcb4fc579f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpAllocWork + 420                                                     00007ffcb4fc5954 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlWaitOnAddress + 657                                                00007ffcb4fc5ef1 8 bytes {JMP 0xffffffffffffff9e}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlUnsubscribeWnfNotificationWaitForCompletion + 78                   00007ffcb4fc5f4e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlWakeAddressAll + 399                                               00007ffcb4fc60ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlUnsubscribeWnfStateChangeNotification + 977                        00007ffcb4fc64d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpSimpleTryPost + 310                                                 00007ffcb4fc6616 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpSimpleTryPost + 491                                                 00007ffcb4fc66cb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlReportSilentProcessExit + 359                                      00007ffcb4fc8397 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 67                                           00007ffcb4fc8a13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 864                                          00007ffcb4fc8d30 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrGetDllHandleByName + 143                                           00007ffcb4fc8e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrInitializeThunk + 510                                              00007ffcb4fc90ae 8 bytes {JMP 0xffffffffffffff96}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrInitializeThunk + 715                                              00007ffcb4fc917b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlQueueWorkItem + 772                                                00007ffcb4fc9d14 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrAddRefDll + 685                                                    00007ffcb4fc9fcd 8 bytes {JMP 0xffffffffffffffaf}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 352                                               00007ffcb4fcaae0 8 bytes {JMP 0xffffffffffffffcd}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 488                                               00007ffcb4fcab68 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                          * 3
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlGetVersion + 565                                                   00007ffcb4fcb2e5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlGetNtProductType + 78                                              00007ffcb4fcb33e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll + 311                                                    00007ffcb4fcc4d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll + 528                                                    00007ffcb4fcc5b0 8 bytes {JMP 0xffffffffffffffc7}
.text   ...                                                                                                                                                          * 2
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlAllocateActivationContextStack + 579                               00007ffcb4fcd0d3 8 bytes {JMP 0xffffffffffffffef}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlFreeThreadActivationContextStack + 47                              00007ffcb4fcd10f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlProcessFlsData + 495                                               00007ffcb4fcd57f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlDetectHeapLeaks + 43                                               00007ffcb4fcd6eb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlDetectHeapLeaks + 456                                              00007ffcb4fcd888 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseWait + 180                                                   00007ffcb4fcd944 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlRegisterWait + 596                                                 00007ffcb4fcdba4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpAllocWait + 424                                                     00007ffcb4fcdd58 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpSetWaitEx + 771                                                     00007ffcb4fce073 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!TpSetWaitEx + 948                                                     00007ffcb4fce124 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsA + 48                                           00007ffcb4fce160 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlRandomEx + 756                                                     00007ffcb4fceb74 8 bytes {JMP 0xffffffffffffffd0}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteFunctionTable + 371                                          00007ffcb4fcfe63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlAddFunctionTable + 556                                             00007ffcb4fd009c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlProtectHeap + 171                                                  00007ffcb4fd015b 8 bytes [70, 6C, 68, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlInitializeCriticalSectionEx + 744                                  00007ffcb4fd1438 8 bytes [40, 6C, 68, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsW + 214                                          00007ffcb4fd15e6 8 bytes [30, 6C, 68, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!EtwNotificationRegister + 567                                         00007ffcb4fd1877 8 bytes [20, 6C, 68, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 429                                        00007ffcb4fd1a2d 8 bytes [10, 6C, 68, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!RtlRunOnceExecuteOnce + 213                                           00007ffcb4fd1c35 8 bytes [00, 6C, 68, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                00007ffcb5041290 8 bytes {JMP QWORD [RIP-0x6fe5e]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                              00007ffcb5041410 8 bytes {JMP QWORD [RIP-0x6fe30]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                    00007ffcb5041440 8 bytes {JMP QWORD [RIP-0x712eb]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                  00007ffcb5041560 8 bytes {JMP QWORD [RIP-0x70c1e]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                      00007ffcb5041610 8 bytes {JMP QWORD [RIP-0x71122]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                      00007ffcb5041cd0 8 bytes {JMP QWORD [RIP-0x700a1]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                    00007ffcb5041fd0 8 bytes {JMP QWORD [RIP-0x705a9]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                    00007ffcb5042850 8 bytes {JMP QWORD [RIP-0x70fdf]}
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuSetContext + 438                                                00000000776913f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuGetContext + 387                                                0000000077691583 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 49                                      0000000077691621 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuProcessInit + 68                                                0000000077691674 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                                            00000000776916d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 9                                        00000000776916e9 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 71                                       0000000077691727 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                          * 7
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuFlushInstructionCache + 16                                      00000000776925d0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuInitializeStartupContext + 308                                  0000000077692714 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuResetToConsistentState + 529                                    0000000077692961 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\firefox.exe[6208] C:\Windows\system32\wow64cpu.dll!CpuProcessTerm + 595                                               0000000077692bd3 8 bytes [DC, 6A, 68, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 132                                    00007ffcb4fc4b04 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 316                                        00007ffcb4fc4f2c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpAllocIoCompletion + 710                                    00007ffcb4fc5206 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlWaitForWnfMetaNotification + 479                          00007ffcb4fc53ff 8 bytes {JMP 0xffffffffffffffee}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlUserThreadStart + 911                                     00007ffcb4fc579f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpAllocWork + 420                                            00007ffcb4fc5954 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlWaitOnAddress + 657                                       00007ffcb4fc5ef1 8 bytes {JMP 0xffffffffffffff9e}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlUnsubscribeWnfNotificationWaitForCompletion + 78          00007ffcb4fc5f4e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlWakeAddressAll + 399                                      00007ffcb4fc60ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlUnsubscribeWnfStateChangeNotification + 977               00007ffcb4fc64d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpSimpleTryPost + 310                                        00007ffcb4fc6616 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpSimpleTryPost + 491                                        00007ffcb4fc66cb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlReportSilentProcessExit + 359                             00007ffcb4fc8397 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 67                                  00007ffcb4fc8a13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 864                                 00007ffcb4fc8d30 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrGetDllHandleByName + 143                                  00007ffcb4fc8e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrInitializeThunk + 510                                     00007ffcb4fc90ae 8 bytes {JMP 0xffffffffffffff96}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrInitializeThunk + 715                                     00007ffcb4fc917b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlQueueWorkItem + 772                                       00007ffcb4fc9d14 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrAddRefDll + 685                                           00007ffcb4fc9fcd 8 bytes {JMP 0xffffffffffffffaf}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 352                                      00007ffcb4fcaae0 8 bytes {JMP 0xffffffffffffffcd}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 488                                      00007ffcb4fcab68 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                          * 3
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlGetVersion + 565                                          00007ffcb4fcb2e5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlGetNtProductType + 78                                     00007ffcb4fcb33e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll + 311                                           00007ffcb4fcc4d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll + 528                                           00007ffcb4fcc5b0 8 bytes {JMP 0xffffffffffffffc7}
.text   ...                                                                                                                                                          * 2
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlAllocateActivationContextStack + 579                      00007ffcb4fcd0d3 8 bytes {JMP 0xffffffffffffffef}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlFreeThreadActivationContextStack + 47                     00007ffcb4fcd10f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlProcessFlsData + 495                                      00007ffcb4fcd57f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlDetectHeapLeaks + 43                                      00007ffcb4fcd6eb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlDetectHeapLeaks + 456                                     00007ffcb4fcd888 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseWait + 180                                          00007ffcb4fcd944 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlRegisterWait + 596                                        00007ffcb4fcdba4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpAllocWait + 424                                            00007ffcb4fcdd58 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpSetWaitEx + 771                                            00007ffcb4fce073 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!TpSetWaitEx + 948                                            00007ffcb4fce124 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsA + 48                                  00007ffcb4fce160 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlRandomEx + 756                                            00007ffcb4fceb74 8 bytes {JMP 0xffffffffffffffd0}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteFunctionTable + 371                                 00007ffcb4fcfe63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlAddFunctionTable + 556                                    00007ffcb4fd009c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlProtectHeap + 171                                         00007ffcb4fd015b 8 bytes [70, 6C, B5, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlInitializeCriticalSectionEx + 744                         00007ffcb4fd1438 8 bytes [40, 6C, B5, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsW + 214                                 00007ffcb4fd15e6 8 bytes [30, 6C, B5, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!EtwNotificationRegister + 567                                00007ffcb4fd1877 8 bytes [20, 6C, B5, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 429                               00007ffcb4fd1a2d 8 bytes [10, 6C, B5, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!RtlRunOnceExecuteOnce + 213                                  00007ffcb4fd1c35 8 bytes [00, 6C, B5, FF, 00, 00, 00, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                       00007ffcb5041290 8 bytes {JMP QWORD [RIP-0x6fe5e]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                     00007ffcb5041410 8 bytes {JMP QWORD [RIP-0x6fe30]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                           00007ffcb5041440 8 bytes {JMP QWORD [RIP-0x712eb]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                         00007ffcb5041560 8 bytes {JMP QWORD [RIP-0x70c1e]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                             00007ffcb5041610 8 bytes {JMP QWORD [RIP-0x71122]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                             00007ffcb5041cd0 8 bytes {JMP QWORD [RIP-0x700a1]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                           00007ffcb5041fd0 8 bytes {JMP QWORD [RIP-0x705a9]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                           00007ffcb5042850 8 bytes {JMP QWORD [RIP-0x70fdf]}
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuSetContext + 438                                       00000000776913f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuGetContext + 387                                       0000000077691583 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 49                             0000000077691621 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuProcessInit + 68                                       0000000077691674 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                                   00000000776916d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 9                               00000000776916e9 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 71                              0000000077691727 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                          * 7
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuFlushInstructionCache + 16                             00000000776925d0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuInitializeStartupContext + 308                         0000000077692714 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuResetToConsistentState + 529                           0000000077692961 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe[7712] C:\Windows\system32\wow64cpu.dll!CpuProcessTerm + 595                                      0000000077692bd3 8 bytes [DC, 6A, B5, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 132                            00007ffcb4fc4b04 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 316                                00007ffcb4fc4f2c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpAllocIoCompletion + 710                            00007ffcb4fc5206 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlWaitForWnfMetaNotification + 479                  00007ffcb4fc53ff 8 bytes {JMP 0xffffffffffffffee}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlUserThreadStart + 911                             00007ffcb4fc579f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpAllocWork + 420                                    00007ffcb4fc5954 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlWaitOnAddress + 657                               00007ffcb4fc5ef1 8 bytes {JMP 0xffffffffffffff9e}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlUnsubscribeWnfNotificationWaitForCompletion + 78  00007ffcb4fc5f4e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlWakeAddressAll + 399                              00007ffcb4fc60ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlUnsubscribeWnfStateChangeNotification + 977       00007ffcb4fc64d1 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpSimpleTryPost + 310                                00007ffcb4fc6616 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpSimpleTryPost + 491                                00007ffcb4fc66cb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlReportSilentProcessExit + 359                     00007ffcb4fc8397 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 67                          00007ffcb4fc8a13 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrFindEntryForAddress + 864                         00007ffcb4fc8d30 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrGetDllHandleByName + 143                          00007ffcb4fc8e9f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrInitializeThunk + 510                             00007ffcb4fc90ae 8 bytes {JMP 0xffffffffffffff96}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrInitializeThunk + 715                             00007ffcb4fc917b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlQueueWorkItem + 772                               00007ffcb4fc9d14 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrAddRefDll + 685                                   00007ffcb4fc9fcd 8 bytes {JMP 0xffffffffffffffaf}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 352                              00007ffcb4fcaae0 8 bytes {JMP 0xffffffffffffffcd}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!SbSelectProcedure + 488                              00007ffcb4fcab68 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                          * 3
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlGetVersion + 565                                  00007ffcb4fcb2e5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlGetNtProductType + 78                             00007ffcb4fcb33e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll + 311                                   00007ffcb4fcc4d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll + 528                                   00007ffcb4fcc5b0 8 bytes {JMP 0xffffffffffffffc7}
.text   ...                                                                                                                                                          * 2
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlAllocateActivationContextStack + 579              00007ffcb4fcd0d3 8 bytes {JMP 0xffffffffffffffef}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlFreeThreadActivationContextStack + 47             00007ffcb4fcd10f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlProcessFlsData + 495                              00007ffcb4fcd57f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlDetectHeapLeaks + 43                              00007ffcb4fcd6eb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlDetectHeapLeaks + 456                             00007ffcb4fcd888 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseWait + 180                                  00007ffcb4fcd944 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlRegisterWait + 596                                00007ffcb4fcdba4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpAllocWait + 424                                    00007ffcb4fcdd58 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpSetWaitEx + 771                                    00007ffcb4fce073 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!TpSetWaitEx + 948                                    00007ffcb4fce124 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsA + 48                          00007ffcb4fce160 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlRandomEx + 756                                    00007ffcb4fceb74 8 bytes {JMP 0xffffffffffffffd0}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteFunctionTable + 371                         00007ffcb4fcfe63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlAddFunctionTable + 556                            00007ffcb4fd009c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlProtectHeap + 171                                 00007ffcb4fd015b 8 bytes [70, 6C, 44, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlInitializeCriticalSectionEx + 744                 00007ffcb4fd1438 8 bytes [40, 6C, 44, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!EtwRegisterTraceGuidsW + 214                         00007ffcb4fd15e6 8 bytes [30, 6C, 44, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!EtwNotificationRegister + 567                        00007ffcb4fd1877 8 bytes [20, 6C, 44, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlDllShutdownInProgress + 429                       00007ffcb4fd1a2d 8 bytes [10, 6C, 44, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!RtlRunOnceExecuteOnce + 213                          00007ffcb4fd1c35 8 bytes [00, 6C, 44, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                               00007ffcb5041290 8 bytes {JMP QWORD [RIP-0x6fe5e]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                             00007ffcb5041410 8 bytes {JMP QWORD [RIP-0x6fe30]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                   00007ffcb5041440 8 bytes {JMP QWORD [RIP-0x712eb]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                 00007ffcb5041560 8 bytes {JMP QWORD [RIP-0x70c1e]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                     00007ffcb5041610 8 bytes {JMP QWORD [RIP-0x71122]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                     00007ffcb5041cd0 8 bytes {JMP QWORD [RIP-0x700a1]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                   00007ffcb5041fd0 8 bytes {JMP QWORD [RIP-0x705a9]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                   00007ffcb5042850 8 bytes {JMP QWORD [RIP-0x70fdf]}
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuSetContext + 438                               00000000776913f6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuGetContext + 387                               0000000077691583 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 49                     0000000077691621 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuProcessInit + 68                               0000000077691674 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuGetStackPointer + 23                           00000000776916d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 9                       00000000776916e9 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 71                      0000000077691727 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   ...                                                                                                                                                          * 7
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuFlushInstructionCache + 16                     00000000776925d0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuInitializeStartupContext + 308                 0000000077692714 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuResetToConsistentState + 529                   0000000077692961 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8000] C:\Windows\system32\wow64cpu.dll!CpuProcessTerm + 595                              0000000077692bd3 8 bytes [DC, 6A, 44, FF, 00, 00, 00, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8120] C:\Windows\SYSTEM32\ntdll.dll!RtlDecompressBuffer + 132                            00007ffcb4fc4b04 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe[8120] C:\Windows\SYSTEM32\ntdll.dll!RtlPrefixString + 316                                00007ffcb4fc4f2c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\system32\csrss.exe [704:7472]                                                                                                                     fffff960008642d0
Thread  C:\Windows\system32\csrss.exe [704:8104]                                                                                                                     fffff960008642d0

---- EOF - GMER 2.1 ----
         
I used AdwCleaner about a month ago, and here is the log.

When I scan now, there are no findings.

Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 10/07/2015 um 15:23:18
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-10.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Ibrahim - PC
# Gestarted von : C:\Users\Ibrahim\Downloads\adwcleaner_4.208.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Ibrahim\AppData\Roaming\Mozilla\Firefox\Profiles\uj57y9ss.default\user.js
Ordner Gefunden : C:\Users\Ibrahim\AppData\Roaming\RHEng

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 de)


-\\ Google Chrome v39.0.2171.99

[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB19A5DA2-93CE-4F7F-9155-BCB5F2F9D10A&q={searchTerms}&SSPV=
[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPB19A5DA2-93CE-4F7F-9155-BCB5F2F9D10A&q={searchTerms}&SSPV=
[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10263&locale=de_AT&apn_uid=70bc7904-fb3b-4000-8e6d-003b808e46ef&apn_ptnrs=%5EAGU&apn_sauid=F5DBEF0E-9B90-4600-826F-3E5D7B6E3040&apn_dtid=%5EYYYYYY%5EYY%5EAT&q={searchTerms}
[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gefunden [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110823&tt=3612_7&babsrc=SP_ss&mntrId=bc6b19f8000000000000001e8c9f56a0
[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Homepage] : hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPB19A5DA2-93CE-4F7F-9155-BCB5F2F9D10A&SSPV=
[C:\Users\Ibrahim\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gefunden [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPB19A5DA2-93CE-4F7F-9155-BCB5F2F9D10A&SSPV=

*************************

AdwCleaner[R0].txt - [3736 Bytes] - [10/07/2015 15:23:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3795 Bytes] ##########
         
__________________


Alt 04.08.2015, 08:04   #3
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless instructed by a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

04.08.2015, 10:34   #4
orhanzo
 


Hi, I'm on it!
The ESET scan has also already finished, here is the log.

Code:
C:\AdwCleaner\Quarantine\C\Users\Ibrahim\AppData\Roaming\RHEng\CE02FEA7646642D38936CB27088E2B00\WWE_1.2.0.53.exe.vir	Win32/Wajam.K evtl. unerwünschte Anwendung
C:\Users\Ibrahim\Downloads\KeyTweak - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Ibrahim\Downloads\RegistryEasy.exe.part	Variante von Win32/Adware.RegistryEasy Anwendung
C:\Users\Ibrahim\Downloads\wz190gev-64.msi	Variante von Win32/Systweak.L evtl. unerwünschte Anwendung
C:\Windows\Installer\14561f38.msi	Variante von Win32/Systweak.L evtl. unerwünschte Anwendung
         
TDSSKiller log - 1 finding

Code:
09:27:16.0945 0x0c84  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
09:27:16.0945 0x0c84  UEFI system
09:27:33.0413 0x0c84  ============================================================
09:27:33.0414 0x0c84  Current date / time: 2015/08/04 09:27:33.0413
09:27:33.0414 0x0c84  SystemInfo:
09:27:33.0414 0x0c84  
09:27:33.0414 0x0c84  OS Version: 6.3.9600 ServicePack: 0.0
09:27:33.0414 0x0c84  Product type: Workstation
09:27:33.0414 0x0c84  ComputerName: PC
09:27:33.0414 0x0c84  UserName: Ibrahim
09:27:33.0414 0x0c84  Windows directory: C:\Windows
09:27:33.0414 0x0c84  System windows directory: C:\Windows
09:27:33.0414 0x0c84  Running under WOW64
09:27:33.0414 0x0c84  Processor architecture: Intel x64
09:27:33.0414 0x0c84  Number of processors: 6
09:27:33.0414 0x0c84  Page size: 0x1000
09:27:33.0414 0x0c84  Boot type: Normal boot
09:27:33.0414 0x0c84  ============================================================
09:27:33.0611 0x0c84  KLMD registered as C:\Windows\system32\drivers\92547745.sys
09:27:33.0752 0x0c84  System UUID: {059D065D-B994-D122-F25C-51CF06CAF7D4}
09:27:34.0288 0x0c84  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:27:34.0288 0x0c84  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:27:34.0293 0x0c84  ============================================================
09:27:34.0293 0x0c84  \Device\Harddisk0\DR0:
09:27:34.0293 0x0c84  GPT partitions:
09:27:34.0294 0x0c84  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {62629690-986A-48F7-A960-14B4DD4AC0F1}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
09:27:34.0294 0x0c84  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0F817CFB-6F26-4A58-94B0-4A64C42D337D}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x31800
09:27:34.0294 0x0c84  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C82E861B-082F-4E4C-BC42-091CC31C00F1}, Name: Microsoft reserved partition, StartLBA 0xC8000, BlocksNum 0x40000
09:27:34.0294 0x0c84  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A0BE0C06-5DB2-4023-BFBD-CFB37408D753}, Name: Basic data partition, StartLBA 0x108000, BlocksNum 0xDE8C000
09:27:34.0294 0x0c84  MBR partitions:
09:27:34.0294 0x0c84  \Device\Harddisk1\DR1:
09:27:34.0294 0x0c84  GPT partitions:
09:27:34.0294 0x0c84  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {09500D3E-6569-458B-AF1E-943AA41A76C3}, Name: Microsoft reserved partition, StartLBA 0x800, BlocksNum 0x40000
09:27:34.0294 0x0c84  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8DDB3EEC-A635-4CEC-9A2B-ACA1C1877352}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x742BB800
09:27:34.0294 0x0c84  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {449E58C9-4783-4200-AF43-1420A08D1F2D}, Name: Basic data partition, StartLBA 0x742FC000, BlocksNum 0x40A800
09:27:34.0294 0x0c84  MBR partitions:
09:27:34.0294 0x0c84  ============================================================
09:27:34.0296 0x0c84  C: <-> \Device\Harddisk0\DR0\Partition4
09:27:34.0337 0x0c84  E: <-> \Device\Harddisk1\DR1\Partition3
09:27:34.0389 0x0c84  D: <-> \Device\Harddisk1\DR1\Partition2
09:27:34.0389 0x0c84  ============================================================
09:27:34.0389 0x0c84  Initialize success
09:27:34.0389 0x0c84  ============================================================
09:27:55.0924 0x06fc  ============================================================
09:27:55.0924 0x06fc  Scan started
09:27:55.0924 0x06fc  Mode: Manual; SigCheck; TDLFS; 
09:27:55.0924 0x06fc  ============================================================
09:27:55.0924 0x06fc  KSN ping started
09:28:18.0389 0x06fc  KSN ping finished: true
09:28:20.0648 0x06fc  ================ Scan system memory ========================
09:28:20.0648 0x06fc  System memory - ok
09:28:20.0648 0x06fc  ================ Scan services =============================
09:28:21.0196 0x06fc  [ CFD407510AD5E14B8F9EE617FCDF0214, D1A9B17B0393A33E96ACE7EF65160C6A9833838681F68450987158CCEA33B050 ] amdacpusrsvc    C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
09:28:21.0203 0x06fc  amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:28:24.0787 0x06fc  Detect skipped due to KSN trusted
09:28:24.0787 0x06fc  amdacpusrsvc - ok
09:28:28.0568 0x06fc  HomeGroupListener - ok
09:28:28.0580 0x06fc  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:28:28.0600 0x06fc  HomeGroupProvider - ok
09:28:28.0605 0x06fc  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:28:28.0614 0x06fc  HpSAMD - ok
09:28:28.0636 0x06fc  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:28:28.0666 0x06fc  HTTP - ok
09:28:28.0671 0x06fc  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:28:28.0680 0x06fc  hwpolicy - ok
09:28:28.0683 0x06fc  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
09:28:28.0694 0x06fc  hyperkbd - ok
09:28:28.0698 0x06fc  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
09:28:28.0709 0x06fc  HyperVideo - ok
09:28:28.0716 0x06fc  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
09:28:28.0728 0x06fc  i8042prt - ok
09:28:28.0732 0x06fc  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
09:28:28.0739 0x06fc  iaLPSSi_GPIO - ok
09:28:28.0745 0x06fc  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
09:28:28.0753 0x06fc  iaLPSSi_I2C - ok
09:28:28.0769 0x06fc  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
09:28:28.0787 0x06fc  iaStorAV - ok
09:28:28.0799 0x06fc  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:28:28.0817 0x06fc  iaStorV - ok
09:28:28.0820 0x06fc  IEEtwCollectorService - ok
09:28:28.0842 0x06fc  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:28:28.0873 0x06fc  IKEEXT - ok
09:28:28.0952 0x06fc  [ CC2521C1BE66E922196431B77F765178, 07106F575F715F761E01D3788053CBA6E53DD8390CE79BD4F6FC2BCDDC34C982 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:28:29.0030 0x06fc  IntcAzAudAddService - ok
09:28:29.0039 0x06fc  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:28:29.0048 0x06fc  intelide - ok
09:28:29.0052 0x06fc  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
09:28:29.0062 0x06fc  intelpep - ok
09:28:29.0067 0x06fc  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
09:28:29.0080 0x06fc  intelppm - ok
09:28:29.0085 0x06fc  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:28:29.0100 0x06fc  IpFilterDriver - ok
09:28:29.0120 0x06fc  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:28:29.0149 0x06fc  iphlpsvc - ok
09:28:29.0155 0x06fc  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
09:28:29.0167 0x06fc  IPMIDRV - ok
09:28:29.0173 0x06fc  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:28:29.0186 0x06fc  IPNAT - ok
09:28:29.0201 0x06fc  [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:28:29.0218 0x06fc  iPod Service - ok
09:28:29.0223 0x06fc  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:28:29.0236 0x06fc  IRENUM - ok
09:28:29.0240 0x06fc  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:28:29.0250 0x06fc  isapnp - ok
09:28:29.0260 0x06fc  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
09:28:29.0275 0x06fc  iScsiPrt - ok
09:28:29.0281 0x06fc  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
09:28:29.0291 0x06fc  kbdclass - ok
09:28:29.0295 0x06fc  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
09:28:29.0307 0x06fc  kbdhid - ok
09:28:29.0311 0x06fc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
09:28:29.0323 0x06fc  kdnic - ok
09:28:29.0327 0x06fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
09:28:29.0337 0x06fc  KeyIso - ok
09:28:29.0349 0x06fc  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
09:28:29.0363 0x06fc  kl1 - ok
09:28:29.0369 0x06fc  [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam          C:\Windows\system32\DRIVERS\klelam.sys
09:28:29.0378 0x06fc  klelam - ok
09:28:29.0394 0x06fc  [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
09:28:29.0412 0x06fc  KLIF - ok
09:28:29.0417 0x06fc  [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
09:28:29.0424 0x06fc  KLIM6 - ok
09:28:29.0429 0x06fc  [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
09:28:29.0436 0x06fc  klkbdflt - ok
09:28:29.0440 0x06fc  [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
09:28:29.0447 0x06fc  klmouflt - ok
09:28:29.0451 0x06fc  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
09:28:29.0458 0x06fc  klpd - ok
09:28:29.0463 0x06fc  [ C66A4C640B7F9606668D35D726D2FF51, B6708A516D55FDDB3C5F018827D4E0B52D2B65D7B0DC33A9AECC301A05A860DE ] klwfp           C:\Windows\system32\DRIVERS\klwfp.sys
09:28:29.0473 0x06fc  klwfp - ok
09:28:29.0480 0x06fc  [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
09:28:29.0490 0x06fc  kneps - ok
09:28:29.0496 0x06fc  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:28:29.0506 0x06fc  KSecDD - ok
09:28:29.0514 0x06fc  [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:28:29.0527 0x06fc  KSecPkg - ok
09:28:29.0531 0x06fc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:28:29.0544 0x06fc  ksthunk - ok
09:28:29.0554 0x06fc  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:28:29.0573 0x06fc  KtmRm - ok
09:28:29.0584 0x06fc  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:28:29.0602 0x06fc  LanmanServer - ok
09:28:29.0611 0x06fc  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:28:29.0630 0x06fc  LanmanWorkstation - ok
09:28:29.0639 0x06fc  [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
09:28:29.0652 0x06fc  LBTServ - ok
09:28:29.0658 0x06fc  [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
09:28:29.0666 0x06fc  LEqdUsb - ok
09:28:29.0679 0x06fc  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
09:28:29.0699 0x06fc  lfsvc - ok
09:28:29.0704 0x06fc  [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
09:28:29.0710 0x06fc  LHidEqd - ok
09:28:29.0715 0x06fc  [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:28:29.0722 0x06fc  LHidFilt - ok
09:28:29.0726 0x06fc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:28:29.0741 0x06fc  lltdio - ok
09:28:29.0751 0x06fc  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:28:29.0768 0x06fc  lltdsvc - ok
09:28:29.0772 0x06fc  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:28:29.0785 0x06fc  lmhosts - ok
09:28:29.0789 0x06fc  [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:28:29.0797 0x06fc  LMouFilt - ok
09:28:29.0804 0x06fc  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:28:29.0815 0x06fc  LSI_SAS - ok
09:28:29.0819 0x06fc  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:28:29.0830 0x06fc  LSI_SAS2 - ok
09:28:29.0835 0x06fc  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
09:28:29.0846 0x06fc  LSI_SAS3 - ok
09:28:29.0851 0x06fc  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
09:28:29.0861 0x06fc  LSI_SSS - ok
09:28:29.0879 0x06fc  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
09:28:29.0905 0x06fc  LSM - ok
09:28:29.0912 0x06fc  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:28:29.0924 0x06fc  luafv - ok
09:28:29.0931 0x06fc  [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
09:28:29.0939 0x06fc  mbamchameleon - ok
09:28:29.0943 0x06fc  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:28:29.0949 0x06fc  MBAMProtector - ok
09:28:29.0986 0x06fc  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
09:28:30.0024 0x06fc  MBAMScheduler - ok
09:28:30.0050 0x06fc  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:28:30.0076 0x06fc  MBAMService - ok
09:28:30.0085 0x06fc  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:28:30.0094 0x06fc  MBAMSwissArmy - ok
09:28:30.0098 0x06fc  [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:28:30.0105 0x06fc  MBAMWebAccessControl - ok
09:28:30.0110 0x06fc  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
09:28:30.0120 0x06fc  megasas - ok
09:28:30.0134 0x06fc  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
09:28:30.0155 0x06fc  megasr - ok
09:28:30.0161 0x06fc  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
09:28:30.0174 0x06fc  MMCSS - ok
09:28:30.0179 0x06fc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
09:28:30.0193 0x06fc  Modem - ok
09:28:30.0198 0x06fc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
09:28:30.0208 0x06fc  monitor - ok
09:28:30.0214 0x06fc  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
09:28:30.0223 0x06fc  mouclass - ok
09:28:30.0232 0x06fc  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
09:28:30.0243 0x06fc  mouhid - ok
09:28:30.0249 0x06fc  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:28:30.0259 0x06fc  mountmgr - ok
09:28:30.0266 0x06fc  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:28:30.0275 0x06fc  MozillaMaintenance - ok
09:28:30.0281 0x06fc  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:28:30.0293 0x06fc  mpsdrv - ok
09:28:30.0312 0x06fc  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:28:30.0352 0x06fc  MpsSvc - ok
09:28:30.0359 0x06fc  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:28:30.0372 0x06fc  MRxDAV - ok
09:28:30.0383 0x06fc  [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:28:30.0403 0x06fc  mrxsmb - ok
09:28:30.0412 0x06fc  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:28:30.0427 0x06fc  mrxsmb10 - ok
09:28:30.0434 0x06fc  [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:28:30.0463 0x06fc  mrxsmb20 - ok
09:28:30.0468 0x06fc  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
09:28:30.0481 0x06fc  MsBridge - ok
09:28:30.0487 0x06fc  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
09:28:30.0500 0x06fc  MSDTC - ok
09:28:30.0507 0x06fc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:28:30.0519 0x06fc  Msfs - ok
09:28:30.0524 0x06fc  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
09:28:30.0534 0x06fc  msgpiowin32 - ok
09:28:30.0538 0x06fc  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:28:30.0550 0x06fc  mshidkmdf - ok
09:28:30.0555 0x06fc  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
09:28:30.0569 0x06fc  mshidumdf - ok
09:28:30.0575 0x06fc  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:28:30.0585 0x06fc  msisadrv - ok
09:28:30.0592 0x06fc  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:28:30.0607 0x06fc  MSiSCSI - ok
09:28:30.0610 0x06fc  msiserver - ok
09:28:30.0614 0x06fc  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:28:30.0625 0x06fc  MSKSSRV - ok
09:28:30.0630 0x06fc  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
09:28:30.0641 0x06fc  MsLldp - ok
09:28:30.0645 0x06fc  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:28:30.0656 0x06fc  MSPCLOCK - ok
09:28:30.0660 0x06fc  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:28:30.0671 0x06fc  MSPQM - ok
09:28:30.0681 0x06fc  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:28:30.0698 0x06fc  MsRPC - ok
09:28:30.0704 0x06fc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
09:28:30.0714 0x06fc  mssmbios - ok
09:28:30.0719 0x06fc  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:28:30.0729 0x06fc  MSTEE - ok
09:28:30.0733 0x06fc  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
09:28:30.0745 0x06fc  MTConfig - ok
09:28:30.0749 0x06fc  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
09:28:30.0760 0x06fc  Mup - ok
09:28:30.0764 0x06fc  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
09:28:30.0774 0x06fc  mvumis - ok
09:28:30.0786 0x06fc  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
09:28:30.0807 0x06fc  napagent - ok
09:28:30.0819 0x06fc  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:28:30.0840 0x06fc  NativeWifiP - ok
09:28:30.0847 0x06fc  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
09:28:30.0862 0x06fc  NcaSvc - ok
09:28:30.0868 0x06fc  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
09:28:30.0882 0x06fc  NcbService - ok
09:28:30.0887 0x06fc  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
09:28:30.0900 0x06fc  NcdAutoSetup - ok
09:28:30.0923 0x06fc  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:28:30.0958 0x06fc  NDIS - ok
09:28:30.0964 0x06fc  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:28:30.0976 0x06fc  NdisCap - ok
09:28:30.0982 0x06fc  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
09:28:30.0995 0x06fc  NdisImPlatform - ok
09:28:30.0999 0x06fc  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:28:31.0010 0x06fc  NdisTapi - ok
09:28:31.0015 0x06fc  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:28:31.0026 0x06fc  Ndisuio - ok
09:28:31.0031 0x06fc  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
09:28:31.0044 0x06fc  NdisVirtualBus - ok
09:28:31.0051 0x06fc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:28:31.0068 0x06fc  NdisWan - ok
09:28:31.0074 0x06fc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
09:28:31.0090 0x06fc  NdisWanLegacy - ok
09:28:31.0095 0x06fc  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:28:31.0107 0x06fc  NDProxy - ok
09:28:31.0112 0x06fc  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
09:28:31.0125 0x06fc  Ndu - ok
09:28:31.0130 0x06fc  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:28:31.0141 0x06fc  NetBIOS - ok
09:28:31.0150 0x06fc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:28:31.0166 0x06fc  NetBT - ok
09:28:31.0170 0x06fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
09:28:31.0181 0x06fc  Netlogon - ok
09:28:31.0189 0x06fc  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
09:28:31.0205 0x06fc  Netman - ok
09:28:31.0219 0x06fc  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
09:28:31.0241 0x06fc  netprofm - ok
09:28:31.0250 0x06fc  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:28:31.0261 0x06fc  NetTcpPortSharing - ok
09:28:31.0267 0x06fc  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
09:28:31.0279 0x06fc  netvsc - ok
09:28:31.0289 0x06fc  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:28:31.0308 0x06fc  NlaSvc - ok
09:28:31.0313 0x06fc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:28:31.0326 0x06fc  Npfs - ok
09:28:31.0330 0x06fc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
09:28:31.0341 0x06fc  npsvctrig - ok
09:28:31.0345 0x06fc  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
09:28:31.0357 0x06fc  nsi - ok
09:28:31.0362 0x06fc  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:28:31.0374 0x06fc  nsiproxy - ok
09:28:31.0418 0x06fc  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:28:31.0471 0x06fc  Ntfs - ok
09:28:31.0477 0x06fc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
09:28:31.0489 0x06fc  Null - ok
09:28:31.0495 0x06fc  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:28:31.0506 0x06fc  nvraid - ok
09:28:31.0513 0x06fc  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:28:31.0525 0x06fc  nvstor - ok
09:28:31.0531 0x06fc  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:28:31.0542 0x06fc  nv_agp - ok
09:28:31.0553 0x06fc  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:28:31.0572 0x06fc  p2pimsvc - ok
09:28:31.0584 0x06fc  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
09:28:31.0604 0x06fc  p2psvc - ok
09:28:31.0610 0x06fc  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
09:28:31.0622 0x06fc  Parport - ok
09:28:31.0627 0x06fc  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:28:31.0638 0x06fc  partmgr - ok
09:28:31.0650 0x06fc  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:28:31.0670 0x06fc  PcaSvc - ok
09:28:31.0681 0x06fc  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
09:28:31.0695 0x06fc  pci - ok
09:28:31.0699 0x06fc  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:28:31.0707 0x06fc  pciide - ok
09:28:31.0714 0x06fc  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:28:31.0725 0x06fc  pcmcia - ok
09:28:31.0729 0x06fc  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:28:31.0739 0x06fc  pcw - ok
09:28:31.0744 0x06fc  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
09:28:31.0755 0x06fc  pdc - ok
09:28:31.0770 0x06fc  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:28:31.0793 0x06fc  PEAUTH - ok
09:28:31.0840 0x06fc  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:28:31.0852 0x06fc  PerfHost - ok
09:28:31.0886 0x06fc  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
09:28:31.0927 0x06fc  pla - ok
09:28:31.0935 0x06fc  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:28:31.0948 0x06fc  PlugPlay - ok
09:28:31.0952 0x06fc  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:28:31.0965 0x06fc  PNRPAutoReg - ok
09:28:31.0974 0x06fc  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:28:31.0992 0x06fc  PNRPsvc - ok
09:28:32.0004 0x06fc  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:28:32.0023 0x06fc  PolicyAgent - ok
09:28:32.0030 0x06fc  [ 4671F353D0DF74C3B0D2D00DE676F56C, 0F75009DD36B2E18212CE855FB7CA7D273E5749D8F2F451655ED81AA5E86BA9F ] postgresql-8.4  c:\postgreSQL\bin\pg_ctl.exe
09:28:32.0036 0x06fc  postgresql-8.4 - detected UnsignedFile.Multi.Generic ( 1 )
09:28:35.0633 0x06fc  Detect skipped due to KSN trusted
09:28:35.0633 0x06fc  postgresql-8.4 - ok
09:28:35.0638 0x06fc  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
09:28:35.0651 0x06fc  Power - ok
09:28:35.0711 0x06fc  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
09:28:35.0773 0x06fc  PrintNotify - ok
09:28:35.0784 0x06fc  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
09:28:35.0797 0x06fc  Processor - ok
09:28:35.0804 0x06fc  [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc         C:\Windows\system32\profsvc.dll
09:28:35.0820 0x06fc  ProfSvc - ok
09:28:35.0827 0x06fc  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:28:35.0840 0x06fc  Psched - ok
09:28:35.0849 0x06fc  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
09:28:35.0867 0x06fc  QWAVE - ok
09:28:35.0872 0x06fc  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:28:35.0883 0x06fc  QWAVEdrv - ok
09:28:35.0887 0x06fc  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:28:35.0898 0x06fc  RasAcd - ok
09:28:35.0903 0x06fc  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
09:28:35.0917 0x06fc  RasAuto - ok
09:28:35.0931 0x06fc  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
09:28:35.0953 0x06fc  RasMan - ok
09:28:35.0958 0x06fc  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:28:35.0972 0x06fc  RasPppoe - ok
09:28:35.0983 0x06fc  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:28:36.0001 0x06fc  rdbss - ok
09:28:36.0007 0x06fc  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
09:28:36.0017 0x06fc  rdpbus - ok
09:28:36.0024 0x06fc  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
09:28:36.0038 0x06fc  RDPDR - ok
09:28:36.0045 0x06fc  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:28:36.0054 0x06fc  RdpVideoMiniport - ok
09:28:36.0062 0x06fc  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:28:36.0076 0x06fc  rdyboost - ok
09:28:36.0098 0x06fc  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
09:28:36.0127 0x06fc  ReFS - ok
09:28:36.0136 0x06fc  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:28:36.0151 0x06fc  RemoteAccess - ok
09:28:36.0158 0x06fc  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:28:36.0173 0x06fc  RemoteRegistry - ok
09:28:36.0179 0x06fc  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:28:36.0193 0x06fc  RpcEptMapper - ok
09:28:36.0198 0x06fc  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
09:28:36.0209 0x06fc  RpcLocator - ok
09:28:36.0229 0x06fc  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
09:28:36.0255 0x06fc  RpcSs - ok
09:28:36.0261 0x06fc  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:28:36.0275 0x06fc  rspndr - ok
09:28:36.0294 0x06fc  [ D9C5260772FDA64AB729C0B4822F11E3, D52B79C4D30D18AD5DE60EFE68BFAF4221C0F4D226F5067312CE546EDE4E89CE ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
09:28:36.0316 0x06fc  RTL8168 - ok
09:28:36.0327 0x06fc  [ BE374DC1B2B07D7453D3BA15E8B49A46, EF273E9A64115933C371AC22F2BB1E3A47F5350A209F41B4A2A3000ED91E0188 ] RzWizardService C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
09:28:36.0339 0x06fc  RzWizardService - detected UnsignedFile.Multi.Generic ( 1 )
09:28:39.0927 0x06fc  Detect skipped due to KSN trusted
09:28:39.0927 0x06fc  RzWizardService - ok
09:28:39.0932 0x06fc  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
09:28:39.0944 0x06fc  s3cap - ok
09:28:39.0949 0x06fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
09:28:39.0961 0x06fc  SamSs - ok
09:28:39.0969 0x06fc  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:28:39.0980 0x06fc  sbp2port - ok
09:28:39.0996 0x06fc  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:28:40.0013 0x06fc  SCardSvr - ok
09:28:40.0023 0x06fc  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
09:28:40.0037 0x06fc  ScDeviceEnum - ok
09:28:40.0042 0x06fc  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:28:40.0053 0x06fc  scfilter - ok
09:28:40.0080 0x06fc  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
09:28:40.0114 0x06fc  Schedule - ok
09:28:40.0122 0x06fc  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:28:40.0136 0x06fc  SCPolicySvc - ok
09:28:40.0145 0x06fc  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
09:28:40.0161 0x06fc  sdbus - ok
09:28:40.0167 0x06fc  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
09:28:40.0177 0x06fc  sdstor - ok
09:28:40.0181 0x06fc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:28:40.0193 0x06fc  secdrv - ok
09:28:40.0198 0x06fc  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
09:28:40.0211 0x06fc  seclogon - ok
09:28:40.0216 0x06fc  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
09:28:40.0230 0x06fc  SENS - ok
09:28:40.0238 0x06fc  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:28:40.0254 0x06fc  SensrSvc - ok
09:28:40.0259 0x06fc  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
09:28:40.0270 0x06fc  SerCx - ok
09:28:40.0276 0x06fc  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
09:28:40.0288 0x06fc  SerCx2 - ok
09:28:40.0292 0x06fc  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
09:28:40.0303 0x06fc  Serenum - ok
09:28:40.0308 0x06fc  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
09:28:40.0321 0x06fc  Serial - ok
09:28:40.0325 0x06fc  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
09:28:40.0336 0x06fc  sermouse - ok
09:28:40.0351 0x06fc  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
09:28:40.0369 0x06fc  SessionEnv - ok
09:28:40.0374 0x06fc  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
09:28:40.0385 0x06fc  sfloppy - ok
09:28:40.0397 0x06fc  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:28:40.0417 0x06fc  SharedAccess - ok
09:28:40.0433 0x06fc  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:28:40.0458 0x06fc  ShellHWDetection - ok
09:28:40.0463 0x06fc  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:28:40.0472 0x06fc  SiSRaid2 - ok
09:28:40.0477 0x06fc  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:28:40.0488 0x06fc  SiSRaid4 - ok
09:28:40.0496 0x06fc  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:28:40.0510 0x06fc  SkypeUpdate - ok
09:28:40.0515 0x06fc  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
09:28:40.0526 0x06fc  smphost - ok
09:28:40.0534 0x06fc  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:28:40.0547 0x06fc  SNMPTRAP - ok
09:28:40.0561 0x06fc  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
09:28:40.0579 0x06fc  spaceport - ok
09:28:40.0584 0x06fc  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
09:28:40.0594 0x06fc  SpbCx - ok
09:28:40.0612 0x06fc  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
09:28:40.0640 0x06fc  Spooler - ok
09:28:40.0763 0x06fc  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
09:28:40.0918 0x06fc  sppsvc - ok
09:28:40.0939 0x06fc  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:28:40.0957 0x06fc  srv - ok
09:28:40.0973 0x06fc  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:28:40.0996 0x06fc  srv2 - ok
09:28:41.0005 0x06fc  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:28:41.0020 0x06fc  srvnet - ok
09:28:41.0028 0x06fc  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:28:41.0045 0x06fc  SSDPSRV - ok
09:28:41.0052 0x06fc  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:28:41.0066 0x06fc  SstpSvc - ok
09:28:41.0083 0x06fc  [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:28:41.0104 0x06fc  Steam Client Service - ok
09:28:41.0109 0x06fc  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:28:41.0120 0x06fc  stexstor - ok
09:28:41.0135 0x06fc  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
09:28:41.0159 0x06fc  stisvc - ok
09:28:41.0166 0x06fc  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
09:28:41.0177 0x06fc  storahci - ok
09:28:41.0182 0x06fc  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
09:28:41.0192 0x06fc  storflt - ok
09:28:41.0197 0x06fc  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
09:28:41.0207 0x06fc  stornvme - ok
09:28:41.0211 0x06fc  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
09:28:41.0224 0x06fc  StorSvc - ok
09:28:41.0229 0x06fc  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
09:28:41.0238 0x06fc  storvsc - ok
09:28:41.0242 0x06fc  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
09:28:41.0254 0x06fc  svsvc - ok
09:28:41.0259 0x06fc  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
09:28:41.0267 0x06fc  swenum - ok
09:28:41.0284 0x06fc  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
09:28:41.0310 0x06fc  swprv - ok
09:28:41.0337 0x06fc  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\Windows\system32\sysmain.dll
09:28:41.0371 0x06fc  SysMain - ok
09:28:41.0381 0x06fc  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
09:28:41.0399 0x06fc  SystemEventsBroker - ok
09:28:41.0405 0x06fc  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:28:41.0419 0x06fc  TabletInputService - ok
09:28:41.0429 0x06fc  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:28:41.0446 0x06fc  TapiSrv - ok
09:28:41.0495 0x06fc  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:28:41.0557 0x06fc  Tcpip - ok
09:28:41.0611 0x06fc  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:28:41.0673 0x06fc  TCPIP6 - ok
09:28:41.0683 0x06fc  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:28:41.0694 0x06fc  tcpipreg - ok
09:28:41.0701 0x06fc  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:28:41.0715 0x06fc  tdx - ok
09:28:41.0720 0x06fc  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
09:28:41.0729 0x06fc  terminpt - ok
09:28:41.0753 0x06fc  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
09:28:41.0785 0x06fc  TermService - ok
09:28:41.0791 0x06fc  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
09:28:41.0804 0x06fc  Themes - ok
09:28:41.0809 0x06fc  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
09:28:41.0821 0x06fc  THREADORDER - ok
09:28:41.0829 0x06fc  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
09:28:41.0846 0x06fc  TimeBroker - ok
09:28:41.0854 0x06fc  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
09:28:41.0865 0x06fc  TPM - ok
09:28:41.0871 0x06fc  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
09:28:41.0885 0x06fc  TrkWks - ok
09:28:41.0890 0x06fc  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:28:41.0902 0x06fc  TrustedInstaller - ok
09:28:41.0912 0x06fc  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:28:41.0924 0x06fc  TsUsbFlt - ok
09:28:41.0928 0x06fc  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
09:28:41.0939 0x06fc  TsUsbGD - ok
09:28:41.0946 0x06fc  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:28:41.0962 0x06fc  tunnel - ok
09:28:41.0967 0x06fc  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:28:41.0977 0x06fc  uagp35 - ok
09:28:41.0983 0x06fc  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
09:28:41.0993 0x06fc  UASPStor - ok
09:28:42.0001 0x06fc  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
09:28:42.0014 0x06fc  UCX01000 - ok
09:28:42.0023 0x06fc  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:28:42.0040 0x06fc  udfs - ok
09:28:42.0044 0x06fc  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
09:28:42.0053 0x06fc  UEFI - ok
09:28:42.0060 0x06fc  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:28:42.0073 0x06fc  UI0Detect - ok
09:28:42.0078 0x06fc  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:28:42.0087 0x06fc  uliagpkx - ok
09:28:42.0092 0x06fc  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
09:28:42.0104 0x06fc  umbus - ok
09:28:42.0108 0x06fc  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
09:28:42.0119 0x06fc  UmPass - ok
09:28:42.0128 0x06fc  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:28:42.0147 0x06fc  UmRdpService - ok
09:28:42.0159 0x06fc  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
09:28:42.0181 0x06fc  upnphost - ok
09:28:42.0188 0x06fc  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:28:42.0201 0x06fc  usbaudio - ok
09:28:42.0209 0x06fc  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
09:28:42.0221 0x06fc  usbccgp - ok
09:28:42.0226 0x06fc  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
09:28:42.0238 0x06fc  usbcir - ok
09:28:42.0244 0x06fc  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
09:28:42.0255 0x06fc  usbehci - ok
09:28:42.0269 0x06fc  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
09:28:42.0288 0x06fc  usbhub - ok
09:28:42.0303 0x06fc  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
09:28:42.0321 0x06fc  USBHUB3 - ok
09:28:42.0327 0x06fc  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
09:28:42.0339 0x06fc  usbohci - ok
09:28:42.0344 0x06fc  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
09:28:42.0356 0x06fc  usbprint - ok
09:28:42.0365 0x06fc  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
09:28:42.0378 0x06fc  USBSTOR - ok
09:28:42.0383 0x06fc  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
09:28:42.0395 0x06fc  usbuhci - ok
09:28:42.0406 0x06fc  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
09:28:42.0421 0x06fc  USBXHCI - ok
09:28:42.0426 0x06fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
09:28:42.0437 0x06fc  VaultSvc - ok
09:28:42.0441 0x06fc  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:28:42.0451 0x06fc  vdrvroot - ok
09:28:42.0479 0x06fc  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
09:28:42.0515 0x06fc  vds - ok
09:28:42.0524 0x06fc  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
09:28:42.0537 0x06fc  VerifierExt - ok
09:28:42.0554 0x06fc  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
09:28:42.0574 0x06fc  vhdmp - ok
09:28:42.0580 0x06fc  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:28:42.0588 0x06fc  viaide - ok
09:28:42.0594 0x06fc  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
09:28:42.0604 0x06fc  vmbus - ok
09:28:42.0608 0x06fc  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
09:28:42.0619 0x06fc  VMBusHID - ok
09:28:42.0633 0x06fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
09:28:42.0655 0x06fc  vmicguestinterface - ok
09:28:42.0667 0x06fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
09:28:42.0688 0x06fc  vmicheartbeat - ok
09:28:42.0700 0x06fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
09:28:42.0722 0x06fc  vmickvpexchange - ok
09:28:42.0735 0x06fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
09:28:42.0755 0x06fc  vmicrdv - ok
09:28:42.0768 0x06fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
09:28:42.0789 0x06fc  vmicshutdown - ok
09:28:42.0802 0x06fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
09:28:42.0822 0x06fc  vmictimesync - ok
09:28:42.0835 0x06fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
09:28:42.0859 0x06fc  vmicvss - ok
09:28:42.0866 0x06fc  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:28:42.0876 0x06fc  volmgr - ok
09:28:44.0726 0x06fc  ================ Scan global ===============================
09:28:44.0731 0x06fc  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
09:28:44.0738 0x06fc  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
09:28:44.0746 0x06fc  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
09:28:44.0758 0x06fc  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
09:28:44.0765 0x06fc  [ Global ] - ok
09:28:44.0766 0x06fc  ================ Scan MBR ==================================
09:28:44.0768 0x06fc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:28:44.0787 0x06fc  \Device\Harddisk0\DR0 - ok
09:28:44.0789 0x06fc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:28:44.0824 0x06fc  \Device\Harddisk1\DR1 - ok
09:28:44.0825 0x06fc  ================ Scan VBR ==================================
09:28:44.0826 0x06fc  [ 9919289D6928AB5EE96FEA7218FCAE61 ] \Device\Harddisk0\DR0\Partition1
09:28:44.0828 0x06fc  \Device\Harddisk0\DR0\Partition1 - ok
09:28:44.0830 0x06fc  [ 1CEE5141BADAF2783BC95EE0ACEF6513 ] \Device\Harddisk0\DR0\Partition2
09:28:44.0831 0x06fc  \Device\Harddisk0\DR0\Partition2 - ok
09:28:44.0833 0x06fc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
09:28:44.0833 0x06fc  \Device\Harddisk0\DR0\Partition3 - ok
09:28:44.0835 0x06fc  [ 0B25417BCB550912E92233DE7D648CED ] \Device\Harddisk0\DR0\Partition4
09:28:44.0837 0x06fc  \Device\Harddisk0\DR0\Partition4 - ok
09:28:44.0838 0x06fc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
09:28:44.0838 0x06fc  \Device\Harddisk1\DR1\Partition1 - ok
09:28:44.0841 0x06fc  [ 8682DB2BFEA4B35464B719ABD0DF867F ] \Device\Harddisk1\DR1\Partition2
09:28:44.0884 0x06fc  \Device\Harddisk1\DR1\Partition2 - ok
09:28:44.0886 0x06fc  [ 06DF17D5EF1202F2B5879CA223F550B8 ] \Device\Harddisk1\DR1\Partition3
09:28:44.0887 0x06fc  \Device\Harddisk1\DR1\Partition3 - ok
09:28:44.0887 0x06fc  ================ Scan generic autorun ======================
09:28:45.0028 0x06fc  [ E1026B2975D308D43E896A108C92F1BD, 562903C88BC3CBD86E9A813001C72576181F2470286040240BAC92E5BF1F1583 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
09:28:45.0164 0x06fc  RTHDVCPL - ok
09:28:45.0233 0x06fc  [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
09:28:45.0293 0x06fc  EvtMgr6 - ok
09:28:45.0301 0x06fc  [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
09:28:45.0313 0x06fc  Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 )
09:28:48.0913 0x06fc  Detect skipped due to KSN trusted
09:28:48.0913 0x06fc  Classic Start Menu - ok
09:28:48.0918 0x06fc  [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe
09:28:48.0926 0x06fc  iTunesHelper - ok
09:28:48.0947 0x06fc  [ 3CD5FD3FED5388DC01A072DB5D06C9CD, BED3D0CE4EF7A8D0FAB8B1E2E519D2B7F9BB81E62F5CBC6C968179FC20956165 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
09:28:48.0967 0x06fc  StartCCC - ok
09:28:48.0988 0x06fc  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:28:49.0012 0x06fc  Adobe ARM - ok
09:28:49.0020 0x06fc  [ 1227EC13EB996C1016A577B87B4A5AEC, 072EA1BEF053726E22A804992237210E9D9F4A448A920A64D8CF94B7D210BA2E ] C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
09:28:49.0029 0x06fc  RzWizard - detected UnsignedFile.Multi.Generic ( 1 )
09:28:52.0614 0x06fc  Detect skipped due to KSN trusted
09:28:52.0614 0x06fc  RzWizard - ok
09:28:52.0656 0x06fc  [ EB2D7C483923060D6CD42B4A294833E6, 2B6498D92A4CA13B56F880BD34506AC6C0A27E055326248ED03D3EEB56C85C1B ] D:\Google\Chrome\Application\chrome.exe
09:28:52.0678 0x06fc  GoogleChromeAutoLaunch_A752B9523338A8D2D47F144E00B0239D - ok
09:28:52.0681 0x06fc  Skype - ok
09:28:52.0687 0x06fc  [ 1F3B8FA4BB95CC4DEC61E04DD93F0E70, EED87D913CE951E2E2C24083A4487B2A7D8B34537BCF713F465CF29D13AEF50C ] C:\Users\Ibrahim\AppData\Roaming\Auto Clicker\AutoClicker.exe
09:28:52.0696 0x06fc  MurGee.com Auto Clicker - ok
09:28:52.0703 0x06fc  [ 8576EC783C671002D5CF21CADEF2CE31, 1EFA0CCF4C103AA198740C662FE473BB1456458DEE70BD04B16CACEB4CE94492 ] C:\Users\Ibrahim\AppData\Local\Apps\2.0\X4BO9JD3.19D\AQ5EN8BO.B6O\entr..tion_67e48c3a2893e7a3_0008.0003_6433b85113fc2172\Entropia Tracker Suite.exe
09:28:52.0711 0x06fc  Entropia Tracker Suite - detected UnsignedFile.Multi.Generic ( 1 )
09:28:56.0489 0x06fc  Entropia Tracker Suite ( UnsignedFile.Multi.Generic ) - warning
09:28:56.0489 0x06fc  Force sending object to P2P due to detect: C:\Users\Ibrahim\AppData\Local\Apps\2.0\X4BO9JD3.19D\AQ5EN8BO.B6O\entr..tion_67e48c3a2893e7a3_0008.0003_6433b85113fc2172\Entropia Tracker Suite.exe
09:28:59.0942 0x06fc  Object send P2P result: true
09:29:12.0459 0x06fc  [ 47DBCC66CF9A3DCEF2D42051431160D3, 5E99CB8333471E80590AED8CA139EF859AD617D1C7BD9406913A86016DCA08F6 ] C:\Program Files\CCleaner\CCleaner64.exe
09:29:12.0615 0x06fc  CCleaner Monitoring - ok
09:29:12.0630 0x06fc  Waiting for KSN requests completion. In queue: 1
09:29:13.0646 0x06fc  Waiting for KSN requests completion. In queue: 1
09:29:14.0646 0x06fc  Waiting for KSN requests completion. In queue: 1
09:29:15.0647 0x06fc  Waiting for KSN requests completion. In queue: 1
09:29:16.0772 0x06fc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )
09:29:16.0772 0x06fc  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x40000 ( disabled : updated )
09:29:16.0772 0x06fc  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x40010 ( disabled )
09:29:16.0819 0x06fc  Win FW state via NFP2: disabled ( trusted )
09:29:29.0164 0x06fc  ============================================================
09:29:29.0164 0x06fc  Scan finished
09:29:29.0164 0x06fc  ============================================================
09:29:29.0164 0x18ec  Detected object count: 1
09:29:29.0164 0x18ec  Actual detected object count: 1
09:30:07.0152 0x18ec  Entropia Tracker Suite ( UnsignedFile.Multi.Generic ) - skipped by user
09:30:07.0152 0x18ec  Entropia Tracker Suite ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Malwarebytes Anti-Rootkit found nothing

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.04.01
  rootkit: v2015.08.03.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17905
Ibrahim :: PC [administrator]

04.08.2015 09:26:33
mbar-log-2015-08-04 (09-26-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 396311
Time elapsed: 5 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Is there actually any way to search for the cause while the connection is fluctuating/lagging so badly?

04.08.2015, 15:29   #5
schrauber
/// the machine
/// TB trainer

No, not really. I don't see any malware.


http://support2.microsoft.com/kb/929135/de

Please do a clean boot. If the problem is gone then, re-enable the services one at a time, always rebooting in between, until you know which service is causing the problems.

Then name it here.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

04.08.2015, 15:57   #6
orhanzo

OK. It's a strange situation now, since my ping is still very, very high, but at the moment it isn't lagging.
I'll try to narrow it down!

Thanks a lot for the help

05.08.2015, 06:34   #7
schrauber
/// the machine
/// TB trainer

Ok
__________________
Regards,
schrauber
