Trojaner-Board - Browser leitet stendig auf falsche Java-Seiten um

Okey :(

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014

Ran by Rena (administrator) on RENA-PC on 15-03-2014 21:20:10

Running from C:\Users\Rena\Downloads\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(AMD) C:\windows\system32\atiesrxx.exe

(AMD) C:\windows\system32\atieclxx.exe

(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Wacom Technology, Corp.) C:\windows\system32\Wacom_Tablet.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Wacom Technology, Corp.) C:\windows\system32\WTablet\Wacom_TabletUser.exe

(Wacom Technology, Corp.) C:\windows\system32\Wacom_Tablet.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe

(xwidget.com) C:\Program Files (x86)\XWidget\xwidget.exe

(Akamai Technologies, Inc.) C:\Users\Rena\AppData\Local\Akamai\netsession_win.exe

(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Akamai Technologies, Inc.) C:\Users\Rena\AppData\Local\Akamai\netsession_win.exe

(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe

(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\windows\system32\wbem\WMIADAP.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2741544 2011-04-08] (Synaptics Incorporated)

HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-11-05] (Lenovo)

HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-11-05] (Lenovo (Beijing) Limited)

HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-11-05] (Lenovo(beijing) Limited)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)

HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-24] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)

HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)

HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)

HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)

HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-11-05] (Lenovo)

HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)

HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-595379271-2033000612-2640346619-1000\...\Run: [xwidget] - C:\Program Files (x86)\XWidget\xwidget.exe [1811968 2013-06-09] (xwidget.com)

HKU\S-1-5-21-595379271-2033000612-2640346619-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Rena\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKU\S-1-5-21-595379271-2033000612-2640346619-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)

HKU\S-1-5-21-595379271-2033000612-2640346619-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)

SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - DefaultScope value is missing.

BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\Rena\AppData\Roaming\Mozilla\Firefox\Profiles\3rvmdikx.default

FF DefaultSearchEngine: Bing 

FF SearchEngineOrder.3: Bing 

FF SelectedSearchEngine: Bing 

FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071113

FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071113&q=

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()

FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]

FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com

FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-06-18]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com

FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-18]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com

FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-06-18]

FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com

FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-06-18]

FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com

FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-06-18]
 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR RestoreOnStartup: "hxxp://www.google.com"

CHR Extension: (No Name) - C:\Users\Rena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2012-10-28]

CHR Extension: (ProxMate - unblock the Internet!) - C:\Users\Rena\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2012-10-04]

CHR Extension: (chrometheme) - C:\Users\Rena\AppData\Local\Google\Chrome\User Data\Default\Extensions\kijbcbkfimhkfmjmidhgifobolpmnggc [2012-06-19]

CHR Extension: (ScrewAds - Block, Skip, Remove YouTube Ads) - C:\Users\Rena\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc [2012-11-19]

CHR Extension: (FastestChrome - Browse Faster) - C:\Users\Rena\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2013-06-24]

CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Rena\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-06-24]

CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25]

CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25]

CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]

CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]

CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Rena\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2014-03-03]

CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25]
 

==================== Services (Whitelisted) =================
 

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)

R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953632 2010-12-14] (Broadcom Corporation.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)

R2 TabletServiceWacom; C:\windows\system32\Wacom_Tablet.exe [6245744 2010-03-09] (Wacom Technology, Corp.)
 

==================== Drivers (Whitelisted) ====================
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO)

U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-06-18] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-09] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-10] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-18] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-06-18] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

S3 mcdevice; C:\Windows\System32\DRIVERS\mcdevice.sys [334400 2011-05-19] (ShiningMorning Inc.)

S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)

R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)

S3 AVFSFilter; system32\DRIVERS\avfsfilter.sys [X]

U3 BcmSqlStartupSvc; 

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

U2 CLKMSVC10_3A60B698; 

U2 CLKMSVC10_C3B3B687; 

U2 DriverService; 

S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]

U2 iATAgentService; 

U2 idealife Update Service; 

U3 IGRS; 

U2 IviRegMgr; 

S3 MFE_RR; \??\C:\Users\Rena\AppData\Local\Temp\mfe_rr.sys [X]

U2 nvUpdatusService; 

U2 Oasis2Service; 

U2 PCCarerService; 

S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]

U2 ReadyComm.DirectRouter; 

U2 RichVideo; 

U2 RtLedService; 

U2 SeaPort; 

U2 SoftwareService; 

U3 SQLWriter; 

U2 Stereo Service; 
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-03-15 21:19 - 2014-03-15 21:20 - 00000000 ____D () C:\FRST

2014-03-15 12:53 - 2014-03-15 12:53 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin

2014-03-15 00:09 - 2014-03-15 00:09 - 00380416 _____ () C:\Users\Rena\Downloads\rgy6ti4h.exe

2014-03-14 23:44 - 2014-03-14 23:44 - 00000000 ____D () C:\Users\Rena\Downloads\tdsskiller

2014-03-14 23:43 - 2014-03-14 23:43 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Rena\Downloads\tdsskiller.exe

2014-03-14 23:01 - 2014-03-14 23:01 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-03-14 23:01 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-03-13 19:52 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll

2014-03-13 19:51 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-03-13 19:51 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-03-13 19:51 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-03-13 19:51 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll

2014-03-13 19:51 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll

2014-03-13 19:50 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-03-13 19:50 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-03-13 19:50 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-03-13 19:50 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-03-13 19:50 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-03-13 19:50 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-03-13 19:50 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-03-13 19:50 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-03-13 19:50 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-03-13 19:50 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-03-13 19:50 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-03-13 19:50 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-03-13 19:50 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-03-13 19:50 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-03-13 19:50 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-03-13 19:50 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-03-13 19:50 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-03-13 19:50 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-03-13 19:50 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-03-13 19:50 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-03-13 19:50 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-03-13 19:50 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-03-13 19:50 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-03-13 19:50 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-03-13 19:50 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-03-13 19:50 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-03-13 19:50 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-03-13 19:50 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-03-13 19:50 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-03-13 19:50 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-03-13 19:50 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-03-13 19:50 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-03-13 19:50 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-03-13 19:50 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-03-13 19:50 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-03-13 19:50 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-03-13 19:50 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-03-13 19:50 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-03-13 19:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll

2014-03-13 19:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll

2014-03-13 19:46 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll

2014-03-13 19:46 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll

2014-03-10 22:57 - 2014-03-11 19:29 - 00000000 ____D () C:\Program Files (x86)\DMO

2014-03-10 21:45 - 2014-03-10 22:39 - 760347378 _____ () C:\Users\Rena\Downloads\DMO_Install_20130409.exe

2014-03-07 23:24 - 2014-03-07 23:24 - 00007600 _____ () C:\Users\Rena\AppData\Local\Resmon.ResmonCfg

2014-03-07 20:42 - 2014-03-07 21:22 - 02206190 _____ () C:\Users\Rena\Documents\AutoSave_Unbenannt.skp

2014-03-06 21:10 - 2014-03-06 21:11 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4

2014-03-06 20:46 - 2014-03-06 20:46 - 00001075 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-03-06 20:46 - 2014-03-06 20:46 - 00000000 ____D () C:\ProgramData\Mozilla

2014-03-06 20:46 - 2014-03-06 20:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-06 20:33 - 2014-03-06 20:33 - 00000000 ____D () C:\Users\Rena\AppData\Local\Secunia PSI

2014-03-06 20:33 - 2014-03-06 20:33 - 00000000 ____D () C:\Program Files (x86)\Secunia

2014-03-06 20:31 - 2014-03-06 20:32 - 05329480 _____ (Secunia) C:\Users\Rena\Downloads\PSISetup_3.0.0.9016.exe

2014-03-06 20:05 - 2014-03-06 20:06 - 00001396 _____ () C:\DelFix.txt

2014-03-06 19:06 - 2014-03-06 19:06 - 00002725 _____ () C:\Users\Rena\AppData\Local\recently-used.xbel

2014-02-27 19:41 - 2014-02-27 19:41 - 00000000 ____D () C:\Users\Rena\AppData\Local\Skype

2014-02-25 21:44 - 2014-02-25 21:44 - 00000624 _____ () C:\Users\Rena\Desktop\JRT.txt

2014-02-24 16:55 - 2014-03-06 20:03 - 00000000 ____D () C:\windows\erdnt

2014-02-23 19:36 - 2014-02-23 19:36 - 00924536 _____ () C:\windows\Minidump\022314-21543-01.dmp

2014-02-23 02:07 - 2014-02-23 02:09 - 16532765 _____ () C:\Users\Rena\Downloads\[1.7] Dokucraft_TSC_Light.zip

2014-02-21 15:54 - 2014-02-21 15:54 - 00000000 ____D () C:\Users\Rena\AppData\Roaming\Oracle

2014-02-14 17:24 - 2014-02-14 17:24 - 00675988 _____ () C:\Users\Rena\Downloads\Minecraft.exe

2014-02-13 17:04 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-02-13 17:04 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-02-13 16:39 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls

2014-02-13 16:39 - 2014-01-01 00:04 - 00420008 _____ () C:\windows\system32\locale.nls

2014-02-13 16:39 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-02-13 16:39 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll

2014-02-13 16:39 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-02-13 16:39 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll

2014-02-13 16:37 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll

2014-02-13 16:37 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll

2014-02-13 16:37 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll

2014-02-13 16:37 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll

2014-02-13 16:37 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll

2014-02-13 16:37 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe

2014-02-13 16:37 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe

2014-02-13 16:37 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe

2014-02-13 16:37 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe

2014-02-13 16:37 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll

2014-02-13 16:37 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll

2014-02-13 16:37 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll

2014-02-13 16:37 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll

2014-02-13 16:37 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll

2014-02-13 16:37 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe

2014-02-13 16:37 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe

2014-02-13 16:37 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe

2014-02-13 16:37 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-13 16:36 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll

2014-02-13 16:36 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll

2014-02-13 16:36 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll

2014-02-13 16:36 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
 

==================== One Month Modified Files and Folders =======
 

2014-03-15 21:20 - 2014-03-15 21:19 - 00000000 ____D () C:\FRST

2014-03-15 21:19 - 2011-11-05 18:58 - 01700626 _____ () C:\windows\WindowsUpdate.log

2014-03-15 21:18 - 2013-06-13 21:11 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-03-15 21:16 - 2013-11-01 22:35 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-03-15 21:16 - 2012-06-18 19:29 - 00000000 ____D () C:\Users\Rena\AppData\Roaming\Skype

2014-03-15 21:16 - 2011-11-05 19:39 - 00000000 ____D () C:\ProgramData\VeriFace

2014-03-15 21:15 - 2013-06-18 23:41 - 01025991 _____ () C:\FaceProv.log

2014-03-15 21:15 - 2013-06-15 21:58 - 00025884 _____ () C:\windows\setupact.log

2014-03-15 21:15 - 2012-06-20 12:20 - 00000000 ____D () C:\Users\Rena\AppData\Roaming\WTablet

2014-03-15 21:15 - 2011-11-05 19:46 - 00534346 _____ () C:\windows\system32\fastboot.set

2014-03-15 21:15 - 2011-11-05 19:33 - 00001194 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-03-15 21:15 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-03-15 14:46 - 2011-11-05 19:33 - 00001198 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-03-15 12:53 - 2014-03-15 12:53 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin

2014-03-15 12:26 - 2009-07-14 05:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-03-15 12:26 - 2009-07-14 05:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-03-15 12:24 - 2009-07-14 06:13 - 00006250 _____ () C:\windows\system32\PerfStringBackup.INI

2014-03-15 10:42 - 2013-06-16 16:57 - 00114000 _____ () C:\windows\PFRO.log

2014-03-15 00:09 - 2014-03-15 00:09 - 00380416 _____ () C:\Users\Rena\Downloads\rgy6ti4h.exe

2014-03-14 23:44 - 2014-03-14 23:44 - 00000000 ____D () C:\Users\Rena\Downloads\tdsskiller

2014-03-14 23:43 - 2014-03-14 23:43 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Rena\Downloads\tdsskiller.exe

2014-03-14 23:01 - 2014-03-14 23:01 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-03-14 23:01 - 2013-06-13 21:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-03-14 22:51 - 2012-08-02 20:13 - 00000000 ____D () C:\Fraps

2014-03-14 22:37 - 2012-09-24 22:04 - 00000434 _____ () C:\windows\system32\Drivers\etc\hosts.ics

2014-03-14 22:02 - 2009-07-14 05:45 - 02383320 _____ () C:\windows\system32\FNTCACHE.DAT

2014-03-14 22:01 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-14 22:01 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-13 20:26 - 2013-02-16 17:50 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-03-11 19:29 - 2014-03-10 22:57 - 00000000 ____D () C:\Program Files (x86)\DMO

2014-03-10 23:01 - 2012-06-25 17:27 - 00000000 ____D () C:\Users\Rena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Joymax

2014-03-10 22:39 - 2014-03-10 21:45 - 760347378 _____ () C:\Users\Rena\Downloads\DMO_Install_20130409.exe

2014-03-10 17:49 - 2012-06-18 19:05 - 00000000 ____D () C:\Users\Rena\Documents\Youcam

2014-03-07 23:24 - 2014-03-07 23:24 - 00007600 _____ () C:\Users\Rena\AppData\Local\Resmon.ResmonCfg

2014-03-07 21:22 - 2014-03-07 20:42 - 02206190 _____ () C:\Users\Rena\Documents\AutoSave_Unbenannt.skp

2014-03-07 13:55 - 2012-06-18 06:23 - 00117616 _____ () C:\Users\Rena\AppData\Local\GDIPFONTCACHEV1.DAT

2014-03-06 21:11 - 2014-03-06 21:10 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4

2014-03-06 21:09 - 2012-06-18 06:23 - 00000000 ___RD () C:\Users\Rena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-06 20:46 - 2014-03-06 20:46 - 00001075 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-03-06 20:46 - 2014-03-06 20:46 - 00000000 ____D () C:\ProgramData\Mozilla

2014-03-06 20:46 - 2014-03-06 20:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-03-06 20:45 - 2012-08-08 14:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-03-06 20:40 - 2012-06-18 21:26 - 00000000 ____D () C:\ProgramData\Adobe

2014-03-06 20:40 - 2012-06-18 21:26 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-03-06 20:33 - 2014-03-06 20:33 - 00000000 ____D () C:\Users\Rena\AppData\Local\Secunia PSI

2014-03-06 20:33 - 2014-03-06 20:33 - 00000000 ____D () C:\Program Files (x86)\Secunia

2014-03-06 20:32 - 2014-03-06 20:31 - 05329480 _____ (Secunia) C:\Users\Rena\Downloads\PSISetup_3.0.0.9016.exe

2014-03-06 20:06 - 2014-03-06 20:05 - 00001396 _____ () C:\DelFix.txt

2014-03-06 20:05 - 2013-12-31 15:51 - 00000000 ____D () C:\windows\ERUNT

2014-03-06 20:03 - 2014-02-24 16:55 - 00000000 ____D () C:\windows\erdnt

2014-03-06 20:00 - 2012-06-18 06:22 - 00000000 ____D () C:\Users\Rena

2014-03-06 19:30 - 2012-06-19 20:19 - 00000000 ____D () C:\Users\Rena\.gimp-2.8

2014-03-06 19:06 - 2014-03-06 19:06 - 00002725 _____ () C:\Users\Rena\AppData\Local\recently-used.xbel

2014-03-04 17:50 - 2011-11-05 19:33 - 00002183 _____ () C:\Users\Public\Desktop\Internet Browser.lnk

2014-03-01 18:23 - 2012-08-21 12:49 - 00000000 ____D () C:\Users\Rena\AppData\Roaming\.minecraft

2014-03-01 07:05 - 2014-03-13 19:50 - 23133696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-03-01 06:17 - 2014-03-13 19:50 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-03-01 06:16 - 2014-03-13 19:50 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-03-01 05:58 - 2014-03-13 19:51 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-03-01 05:52 - 2014-03-13 19:50 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-03-01 05:51 - 2014-03-13 19:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-03-01 05:42 - 2014-03-13 19:50 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-03-01 05:40 - 2014-03-13 19:50 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-03-01 05:37 - 2014-03-13 19:50 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-03-01 05:33 - 2014-03-13 19:50 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-03-01 05:33 - 2014-03-13 19:50 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-03-01 05:32 - 2014-03-13 19:50 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-03-01 05:30 - 2014-03-13 19:50 - 17074688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-03-01 05:23 - 2014-03-13 19:50 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-03-01 05:17 - 2014-03-13 19:50 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-03-01 05:11 - 2014-03-13 19:50 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-03-01 05:02 - 2014-03-13 19:50 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-03-01 04:54 - 2014-03-13 19:50 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-03-01 04:52 - 2014-03-13 19:50 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-03-01 04:51 - 2014-03-13 19:50 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-03-01 04:47 - 2014-03-13 19:50 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-03-01 04:43 - 2014-03-13 19:51 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-03-01 04:43 - 2014-03-13 19:50 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-03-01 04:42 - 2014-03-13 19:50 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-03-01 04:40 - 2014-03-13 19:50 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-03-01 04:38 - 2014-03-13 19:50 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-03-01 04:37 - 2014-03-13 19:50 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-03-01 04:35 - 2014-03-13 19:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-03-01 04:18 - 2014-03-13 19:50 - 13051904 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-03-01 04:16 - 2014-03-13 19:50 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-03-01 04:14 - 2014-03-13 19:50 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-03-01 04:10 - 2014-03-13 19:50 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-03-01 04:03 - 2014-03-13 19:50 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-03-01 04:00 - 2014-03-13 19:50 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-03-01 03:57 - 2014-03-13 19:50 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-03-01 03:38 - 2014-03-13 19:50 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-03-01 03:32 - 2014-03-13 19:50 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-03-01 03:27 - 2014-03-13 19:50 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-03-01 03:25 - 2014-03-13 19:50 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-03-01 03:25 - 2014-03-13 19:50 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-02-27 19:41 - 2014-02-27 19:41 - 00000000 ____D () C:\Users\Rena\AppData\Local\Skype

2014-02-27 19:40 - 2012-06-18 19:29 - 00000000 ____D () C:\ProgramData\Skype

2014-02-25 21:44 - 2014-02-25 21:44 - 00000624 _____ () C:\Users\Rena\Desktop\JRT.txt

2014-02-24 17:07 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default

2014-02-24 17:06 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini

2014-02-23 19:36 - 2014-02-23 19:36 - 00924536 _____ () C:\windows\Minidump\022314-21543-01.dmp

2014-02-23 19:36 - 2013-06-30 15:59 - 701251290 _____ () C:\windows\MEMORY.DMP

2014-02-23 19:36 - 2012-06-30 20:53 - 00000000 ____D () C:\windows\Minidump

2014-02-23 02:09 - 2014-02-23 02:07 - 16532765 _____ () C:\Users\Rena\Downloads\[1.7] Dokucraft_TSC_Light.zip

2014-02-21 16:07 - 2012-06-18 20:49 - 00000000 ____D () C:\Program Files (x86)\VideoLAN

2014-02-21 15:54 - 2014-02-21 15:54 - 00000000 ____D () C:\Users\Rena\AppData\Roaming\Oracle

2014-02-16 17:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache

2014-02-16 01:55 - 2013-08-04 01:51 - 00000000 ____D () C:\windows\system32\MRT

2014-02-16 01:53 - 2012-09-20 21:12 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-02-14 17:24 - 2014-02-14 17:24 - 00675988 _____ () C:\Users\Rena\Downloads\Minecraft.exe

2014-02-13 16:41 - 2011-11-05 19:33 - 00004194 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-13 16:41 - 2011-11-05 19:33 - 00003942 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
 

Some content of TEMP:

====================

C:\Users\Rena\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-15 14:38
 

==================== End Of Log ============================

--- --- ---

Addition:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by Rena at 2014-03-15 21:20:46

Running from C:\Users\Rena\Downloads\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
 

==================== Installed Programs ======================
 

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30260 - BitTorrent Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)

Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.110 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 4 64-bit (HKLM\...\{669A82E0-43E2-4645-8A2E-1A3DE78F8312}) (Version: 4.0.1 - Adobe)

Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)

Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)

Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)

Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)

ATI Catalyst Install Manager (HKLM\...\{C3E6E2B5-DEB5-235A-4999-4D424C11788B}) (Version: 3.0.808.0 - ATI Technologies, Inc.)

ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.813.3.2-110324a-116588C-Lenovo - ATI Technologies, Inc.)

Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)

AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )

AVStoDVD 2.6.0 (HKLM-x32\...\AVStoDVD) (Version: 2.6.0 - MrC)

BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games)

Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)

Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0324.2228.38483 - ATI) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2011.0324.2228.38483 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2011.0324.2228.38483 - ATI) Hidden

Catalyst Control Center Profiles Mobile (x32 Version: 2011.0324.2228.38483 - ATI) Hidden

CCC Help Chinese Standard (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Chinese Traditional (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Czech (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Danish (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Dutch (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help English (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Finnish (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help French (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help German (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Greek (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Hungarian (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Italian (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Japanese (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Korean (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Norwegian (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Polish (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Portuguese (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Russian (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Spanish (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Swedish (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Thai (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

CCC Help Turkish (x32 Version: 2011.0324.2227.38483 - ATI) Hidden

ccc-core-static (x32 Version: 2011.0324.2228.38483 - ATI) Hidden

ccc-utility64 (Version: 2011.0324.2228.38483 - ATI) Hidden

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)

Contrast (HKLM-x32\...\Steam App 224460) (Version:  - Compulsion Games)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)

Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden

Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)

Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 4.30 - Philipp Winterberg)

GDMO (HKLM-x32\...\DMO) (Version:  - )

GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google SketchUp 8 (HKLM-x32\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)

Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )

Happy Cloud Client (HKCU\...\HappyCloud) (Version: 1.338 - Happy Cloud, Inc.)

IconPackager (HKLM-x32\...\IconPackager) (Version: 5.10 - Stardock Corporation)

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Kaai Yuki Vocaloid3 Library (HKLM-x32\...\Kaai Yuki Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)

Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)

Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)

Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)

Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)

Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)

Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden

Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)

Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Megurine Luka ENG Vocaloid3 Library (HKLM-x32\...\Megurine Luka ENG Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)

Megurine Luka JPN Vocaloid3 Library (HKLM-x32\...\Megurine Luka JPN Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 27.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 en-US)) (Version: 27.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

Nero Burning ROM (x32 Version: 12.5.5001 - Nero AG) Hidden

Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden

Nero BurningROM 12 (HKLM-x32\...\{4AC7B4F3-1B75-4BA7-82C4-F9A22B430A3D}) (Version: 12.5.00900 - Nero AG)

Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden

Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden

Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden

Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden

NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)

Oliver Vocaloid3 Library (HKLM-x32\...\Oliver Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)

OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)

Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)

Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden

PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden

Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)

Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden

Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)

Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)

Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.0.0 - Synaptics Incorporated)

TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19617 - TeamViewer)

TERA (HKLM-x32\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.5 - En Masse Entertainment)

UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)

UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden

UTAU 歌声合成ツール (HKLM-x32\...\{E36514A0-3E41-4E2B-9377-4F687A63A02B}) (Version: 1.1.17 - 飴屋プロジェクト)

VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)

VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )

Vocaloid3 Free Edition v3.0.5.0 (HKLM-x32\...\Vocaloid3 Free Edition v3.0.5.0_is1) (Version: Vocaloid3 Free Edition v3.0.5.0 - )

Wacom Tablet (HKLM-x32\...\Wacom Tablet Driver) (Version:  - Wacom Technology Corp.)

WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.4 - Wacom Technology Corp.)

WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.3 - Wacom Technology Corp.)

Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )

XMedia Recode Version 3.1.6.0 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.0 - XMedia Recode)

XWidget Ver1.84 (HKLM-x32\...\{A6E16998-A241-438F-A916-5CD59B5506C0}_is1) (Version:  - XWidget Software)

Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Restore Points  =========================
 

06-03-2014 19:05:59 End of disinfection

11-03-2014 15:07:36 Windows Update

13-03-2014 21:20:27 Windows Update

15-03-2014 11:51:59 Removed Aeria Ignite
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2014-02-24 17:05 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {059B84EC-AD00-44B9-840E-22C8E21E39DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)

Task: {3A40D76B-2B18-4B17-8C00-48B29F975296} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {615A1C8E-3999-4B37-883B-D630F1317E55} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {8B8F8DC3-F7D5-4B4A-B181-B7FFC9243CD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05] (Google Inc.)

Task: {CF1E27F3-0E8D-4A57-850F-CDA8577F52DE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)

Task: {F16AA0EA-D095-49A5-B7F5-551D7CED5212} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05] (Google Inc.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2011-11-05 19:39 - 2011-11-05 19:39 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll

2011-11-05 19:39 - 2011-11-05 19:39 - 00628064 _____ () C:\windows\system32\SimpleExt.dll

2011-11-05 19:08 - 2011-03-25 10:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2008-12-20 04:20 - 2011-11-05 19:48 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll

2008-12-20 04:20 - 2011-11-05 19:48 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll

2010-12-14 19:05 - 2010-12-14 19:05 - 00173856 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll

2012-08-17 20:39 - 2013-06-18 22:30 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll

2013-06-24 00:39 - 2009-08-12 11:09 - 00077824 _____ () C:\Program Files (x86)\XWidget\Res\Lib\lib.dll

2014-01-08 17:47 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll

2014-01-08 17:47 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll

2013-10-24 09:45 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2013-10-30 11:25 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2013-10-23 12:07 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2013-06-14 15:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll

2013-06-14 15:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll

2013-06-14 15:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll

2011-11-05 19:39 - 2011-11-05 19:39 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll

2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll

2014-02-14 12:41 - 2014-02-14 12:41 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aeb07412ad41bff851002a4cd8ed97d1\IsdiInterop.ni.dll

2011-11-05 19:08 - 2011-02-18 09:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2014-03-04 17:50 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll

2014-03-04 17:50 - 2014-03-02 03:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll

2014-03-04 17:50 - 2014-03-02 03:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll

2014-03-04 17:50 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll

2014-03-04 17:50 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll

2014-03-04 17:50 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\windows\system32\Drivers\hxhrcall.sys:changelist

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Disabled items from MSCONFIG ==============
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/15/2014 09:17:38 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (03/15/2014 09:16:30 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/15/2014 09:15:26 PM) (Source: TabletServiceWacom) (User: )

Description: TabletService Error: 

Could not init tablet driver
 

Error: (03/15/2014 02:49:04 PM) (Source: ATIeRecord) (User: )

Description: ATI EEU failed to post message to CCC
 

Error: (03/15/2014 02:49:01 PM) (Source: ATIeRecord) (User: )

Description: ATI EEU failed to post message to CCC
 

Error: (03/15/2014 00:24:22 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 

Error: (03/15/2014 00:24:22 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 

Error: (03/15/2014 00:20:47 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (03/15/2014 00:20:01 PM) (Source: Steam Client Service) (User: )

Description: Error: Failed to poke open firewall
 

Error: (03/15/2014 00:19:38 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (03/15/2014 10:42:56 AM) (Source: Service Control Manager) (User: )

Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 

%%1068
 

Error: (03/15/2014 10:42:56 AM) (Source: DCOM) (User: )

Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 

Error: (03/15/2014 10:42:56 AM) (Source: DCOM) (User: )

Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 

Error: (03/15/2014 10:42:53 AM) (Source: DCOM) (User: )

Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 

Error: (03/15/2014 10:42:46 AM) (Source: DCOM) (User: )

Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
 

Error: (03/15/2014 10:42:36 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

BPntDrv

discache

KLIF

kneps

spldr

Wanarpv6
 

Error: (03/15/2014 10:42:29 AM) (Source: Service Control Manager) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068
 

Error: (03/14/2014 11:14:24 PM) (Source: DCOM) (User: )

Description: 1084SkypeUpdate/ComService{CC957078-B838-47C4-A7CF-626E7A82FC58}
 

Error: (03/14/2014 10:50:40 PM) (Source: DCOM) (User: )

Description: 1068BITS{4991D34B-80A1-4291-83B6-3328366B9097}
 

Error: (03/14/2014 10:43:39 PM) (Source: Service Control Manager) (User: )

Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 

%%1068
 
 

Microsoft Office Sessions:

=========================

Error: (03/15/2014 09:17:38 PM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall
 

Error: (03/15/2014 09:16:30 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/15/2014 09:15:26 PM) (Source: TabletServiceWacom)(User: )

Description: Could not init tablet driver
 

Error: (03/15/2014 02:49:04 PM) (Source: ATIeRecord)(User: )

Description: 
 

Error: (03/15/2014 02:49:01 PM) (Source: ATIeRecord)(User: )

Description: 
 

Error: (03/15/2014 00:24:22 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

Description: WmiApRplWmiApRpl8F20300004D070000
 

Error: (03/15/2014 00:24:22 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)

Description: Performance1637070000000000000000000009030000
 

Error: (03/15/2014 00:20:47 PM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall
 

Error: (03/15/2014 00:20:01 PM) (Source: Steam Client Service)(User: )

Description: Failed to poke open firewall
 

Error: (03/15/2014 00:19:38 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-03-15 14:39:46.874

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-15 14:39:46.874

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-15 14:39:46.858

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-15 14:39:46.827

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-15 14:39:46.827

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-15 14:39:46.827

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-06 18:03:26.291

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-06 18:03:26.287

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-06 18:03:26.282

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-03-06 18:03:26.251

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 63%

Total physical RAM: 4039.86 MB

Available physical RAM: 1469.24 MB

Total Pagefile: 8077.9 MB

Available Pagefile: 4988.94 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:654.69 GB) (Free:458.25 GB) NTFS

Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:12.48 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: BA3C67D8)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

Okey.

Code:

18:10:02.0643 0x0f5c  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02

18:10:07.0447 0x0f5c  ============================================================

18:10:07.0447 0x0f5c  Current date / time: 2014/03/17 18:10:07.0447

18:10:07.0447 0x0f5c  SystemInfo:

18:10:07.0447 0x0f5c  

18:10:07.0447 0x0f5c  OS Version: 6.1.7601 ServicePack: 1.0

18:10:07.0447 0x0f5c  Product type: Workstation

18:10:07.0447 0x0f5c  ComputerName: RENA-PC

18:10:07.0447 0x0f5c  UserName: Rena

18:10:07.0447 0x0f5c  Windows directory: C:\windows

18:10:07.0447 0x0f5c  System windows directory: C:\windows

18:10:07.0447 0x0f5c  Running under WOW64

18:10:07.0447 0x0f5c  Processor architecture: Intel x64

18:10:07.0447 0x0f5c  Number of processors: 4

18:10:07.0447 0x0f5c  Page size: 0x1000

18:10:07.0447 0x0f5c  Boot type: Normal boot

18:10:07.0447 0x0f5c  ============================================================

18:10:07.0648 0x0f5c  KLMD registered as C:\windows\system32\drivers\46436286.sys

18:10:08.0227 0x0f5c  System UUID: {63786E41-85B9-E4C1-BB85-784D493A172E}

18:10:09.0726 0x0f5c  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:10:09.0730 0x0f5c  ============================================================

18:10:09.0731 0x0f5c  \Device\Harddisk0\DR0:

18:10:09.0731 0x0f5c  MBR partitions:

18:10:09.0731 0x0f5c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000

18:10:09.0731 0x0f5c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51D61000

18:10:09.0832 0x0f5c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x51DC6000, BlocksNum 0x39FE000

18:10:09.0832 0x0f5c  ============================================================

18:10:10.0146 0x0f5c  C: <-> \Device\Harddisk0\DR0\Partition2

18:10:10.0296 0x0f5c  D: <-> \Device\Harddisk0\DR0\Partition3

18:10:10.0297 0x0f5c  ============================================================

18:10:10.0297 0x0f5c  Initialize success

18:10:10.0297 0x0f5c  ============================================================

18:11:09.0676 0x1670  ============================================================

18:11:09.0676 0x1670  Scan started

18:11:09.0676 0x1670  Mode: Manual; SigCheck; TDLFS; 

18:11:09.0676 0x1670  ============================================================

18:11:09.0676 0x1670  KSN ping started

18:11:12.0675 0x1670  KSN ping finished: true

18:11:13.0878 0x1670  ================ Scan system memory ========================

18:11:13.0878 0x1670  System memory - ok

18:11:13.0879 0x1670  ================ Scan services =============================

18:11:14.0862 0x1670  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys

18:11:15.0285 0x1670  1394ohci - ok

18:11:15.0533 0x1670  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys

18:11:15.0590 0x1670  ACPI - ok

18:11:15.0685 0x1670  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys

18:11:15.0981 0x1670  AcpiPmi - ok

18:11:16.0176 0x1670  [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] ACPIVPC         C:\windows\system32\DRIVERS\AcpiVpc.sys

18:11:16.0239 0x1670  ACPIVPC - ok

18:11:16.0734 0x1670  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

18:11:16.0790 0x1670  AdobeARMservice - ok

18:11:16.0955 0x1670  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys

18:11:17.0244 0x1670  adp94xx - ok

18:11:17.0498 0x1670  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys

18:11:18.0000 0x1670  adpahci - ok

18:11:18.0150 0x1670  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys

18:11:18.0200 0x1670  adpu320 - ok

18:11:18.0287 0x1670  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll

18:11:19.0317 0x1670  AeLookupSvc - ok

18:11:19.0670 0x1670  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\windows\system32\drivers\afd.sys

18:11:20.0318 0x1670  AFD - ok

18:11:20.0503 0x1670  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys

18:11:20.0583 0x1670  agp440 - ok

18:11:20.0778 0x1670  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe

18:11:20.0858 0x1670  ALG - ok

18:11:20.0998 0x1670  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys

18:11:21.0032 0x1670  aliide - ok

18:11:21.0193 0x1670  [ A9141F9FE92E67A92B3948635E96CF77, 1479E88C499BB146EA0F8F9C55866A331B7D845A254ECDEC0F928CB4AE3DDEA6 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe

18:11:22.0704 0x1670  AMD External Events Utility - ok

18:11:22.0785 0x1670  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys

18:11:22.0810 0x1670  amdide - ok

18:11:22.0918 0x1670  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys

18:11:22.0980 0x1670  AmdK8 - ok

18:11:23.0557 0x1670  [ 99A33223B2D67A5A8839E373490F8EBC, 23BDC36858A507DFEA400D010267C59B9AD7D72B45D94D34DE6D2C452F3380C3 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys

18:11:24.0572 0x1670  amdkmdag - ok

18:11:24.0938 0x1670  [ 73A3D07343773A4F0881A458D485BE11, A8239F90AA870B271752CCD3ACE53A2992929F8294E0485F5615FCC310188133 ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys

18:11:25.0082 0x1670  amdkmdap - ok

18:11:25.0118 0x1670  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\drivers\amdppm.sys

18:11:25.0224 0x1670  AmdPPM - ok

18:11:25.0357 0x1670  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys

18:11:25.0398 0x1670  amdsata - ok

18:11:25.0603 0x1670  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys

18:11:25.0771 0x1670  amdsbs - ok

18:11:25.0964 0x1670  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys

18:11:26.0004 0x1670  amdxata - ok

18:11:26.0161 0x1670  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\windows\system32\drivers\appid.sys

18:11:26.0647 0x1670  AppID - ok

18:11:26.0803 0x1670  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\windows\System32\appidsvc.dll

18:11:26.0933 0x1670  AppIDSvc - ok

18:11:27.0208 0x1670  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll

18:11:27.0305 0x1670  Appinfo - ok

18:11:27.0459 0x1670  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys

18:11:27.0478 0x1670  arc - ok

18:11:27.0563 0x1670  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys

18:11:27.0598 0x1670  arcsas - ok

18:11:28.0111 0x1670  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

18:11:28.0141 0x1670  aspnet_state - ok

18:11:28.0164 0x1670  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys

18:11:28.0287 0x1670  AsyncMac - ok

18:11:28.0432 0x1670  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys

18:11:28.0462 0x1670  atapi - ok

18:11:28.0928 0x1670  [ 782D36BAD8DDBF008D02E055DBE70F82, AFB7A4B52C86A9CA48ED46A2CE5415119F1C75912A0E233EF1CAE120DA534CAE ] athr            C:\windows\system32\DRIVERS\athrx.sys

18:11:29.0463 0x1670  athr - ok

18:11:29.0997 0x1670  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

18:11:30.0171 0x1670  AudioEndpointBuilder - ok

18:11:30.0538 0x1670  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\windows\System32\Audiosrv.dll

18:11:30.0593 0x1670  AudioSrv - ok

18:11:30.0960 0x1670  AVFSFilter - ok

18:11:31.0533 0x1670  [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe

18:11:31.0557 0x1670  AVP - ok

18:11:31.0762 0x1670  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll

18:11:32.0062 0x1670  AxInstSV - ok

18:11:32.0244 0x1670  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys

18:11:32.0690 0x1670  b06bdrv - ok

18:11:32.0869 0x1670  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys

18:11:33.0181 0x1670  b57nd60a - ok

18:11:33.0387 0x1670  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll

18:11:33.0480 0x1670  BDESVC - ok

18:11:33.0610 0x1670  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys

18:11:33.0818 0x1670  Beep - ok

18:11:34.0149 0x1670  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll

18:11:34.0255 0x1670  BFE - ok

18:11:34.0671 0x1670  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll

18:11:35.0405 0x1670  BITS - ok

18:11:35.0529 0x1670  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys

18:11:35.0625 0x1670  blbdrive - ok

18:11:35.0755 0x1670  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys

18:11:35.0863 0x1670  bowser - ok

18:11:36.0187 0x1670  [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv         C:\windows\system32\drivers\BPntDrv.sys

18:11:36.0341 0x1670  BPntDrv - ok

18:11:36.0465 0x1670  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys

18:11:36.0666 0x1670  BrFiltLo - ok

18:11:36.0777 0x1670  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys

18:11:36.0824 0x1670  BrFiltUp - ok

18:11:37.0047 0x1670  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\windows\system32\DRIVERS\bridge.sys

18:11:37.0293 0x1670  BridgeMP - ok

18:11:37.0445 0x1670  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll

18:11:37.0560 0x1670  Browser - ok

18:11:37.0758 0x1670  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys

18:11:38.0094 0x1670  Brserid - ok

18:11:38.0211 0x1670  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys

18:11:38.0271 0x1670  BrSerWdm - ok

18:11:38.0387 0x1670  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys

18:11:38.0586 0x1670  BrUsbMdm - ok

18:11:38.0622 0x1670  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys

18:11:38.0685 0x1670  BrUsbSer - ok

18:11:38.0876 0x1670  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\windows\system32\drivers\BthEnum.sys

18:11:39.0028 0x1670  BthEnum - ok

18:11:39.0150 0x1670  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys

18:11:39.0239 0x1670  BTHMODEM - ok

18:11:39.0438 0x1670  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys

18:11:39.0572 0x1670  BthPan - ok

18:11:39.0692 0x1670  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys

18:11:39.0766 0x1670  BTHPORT - ok

18:11:39.0932 0x1670  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll

18:11:39.0999 0x1670  bthserv - ok

18:11:40.0048 0x1670  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys

18:11:40.0196 0x1670  BTHUSB - ok

18:11:40.0630 0x1670  [ 9DE56FA4533E485AE5409D3C11747143, 197A3914D75F0FAFC0A7F24CC40C9714ED3FAF84312172BACEBC4FEFA8D1909C ] BTWAMPFL        C:\windows\system32\DRIVERS\btwampfl.sys

18:11:40.0959 0x1670  BTWAMPFL - ok

18:11:41.0314 0x1670  [ F6135859A582A7294BA7A3336E08BAA1, DE30457F91C25950C2713CE3A2AE1F1EFFBB068DD3B0BCC87700E7CBAF73C818 ] btwaudio        C:\windows\system32\drivers\btwaudio.sys

18:11:41.0361 0x1670  btwaudio - ok

18:11:41.0624 0x1670  [ 3DEF2370E414B4E299673558BA171A51, 5A0923D9F941ABD34EC9BEE0EB62A62F135CBF128061239CC6EA0E6752791636 ] btwavdt         C:\windows\system32\DRIVERS\btwavdt.sys

18:11:41.0723 0x1670  btwavdt - ok

18:11:42.0636 0x1670  [ 7987FFFDA812ABC69047D1B029D446A2, 666DBA819E148989AA0D1EB704737787CF37E55CB2CA0353C896E7693DA871AB ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

18:11:42.0797 0x1670  btwdins - ok

18:11:42.0820 0x1670  [ E8D2BCD080EA91E74775B9F5EA051F97, FE75F765B785E513399D2B449CA068DA5BBB3B27C2E21740DFCB8C6E6B810028 ] btwl2cap        C:\windows\system32\DRIVERS\btwl2cap.sys

18:11:42.0833 0x1670  btwl2cap - ok

18:11:42.0982 0x1670  [ 9937E0E4DFC0030560A6DFE9D3A94B39, 0B9CF1932D4534BD7B1F5D7B7BD5FBF9C8D156838D24ABBDE475E79EEF1150F1 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys

18:11:43.0013 0x1670  btwrchid - ok

18:11:43.0697 0x1670  [ BE531939BB6D153DB63DBBFBD398A713, CB63FD4051198A89EDB3CF45199F99F5816A672FA9374E166ED7A5D17ED47468 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

18:11:44.0466 0x1670  c2cautoupdatesvc - ok

18:11:45.0639 0x1670  [ 33E9F08F675EF94633C8EF8A7C4EADF3, E1556CF27F7FB3B03EE63F3464F5EE92E7B09E67C5D8AA4A9346FEEBD716A152 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

18:11:46.0395 0x1670  c2cpnrsvc - ok

18:11:46.0955 0x1670  catchme - ok

18:11:47.0081 0x1670  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys

18:11:47.0393 0x1670  cdfs - ok

18:11:47.0701 0x1670  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys

18:11:48.0046 0x1670  cdrom - ok

18:11:48.0302 0x1670  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll

18:11:48.0436 0x1670  CertPropSvc - ok

18:11:48.0627 0x1670  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys

18:11:48.0688 0x1670  circlass - ok

18:11:48.0992 0x1670  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys

18:11:49.0040 0x1670  CLFS - ok

18:11:49.0651 0x1670  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:11:49.0718 0x1670  clr_optimization_v2.0.50727_32 - ok

18:11:49.0966 0x1670  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

18:11:50.0007 0x1670  clr_optimization_v2.0.50727_64 - ok

18:11:50.0642 0x1670  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:11:50.0730 0x1670  clr_optimization_v4.0.30319_32 - ok

18:11:50.0840 0x1670  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

18:11:50.0880 0x1670  clr_optimization_v4.0.30319_64 - ok

18:11:51.0095 0x1670  [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd           C:\windows\system32\DRIVERS\clwvd.sys

18:11:51.0131 0x1670  clwvd - ok

18:11:51.0261 0x1670  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys

18:11:51.0311 0x1670  CmBatt - ok

18:11:51.0378 0x1670  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys

18:11:51.0414 0x1670  cmdide - ok

18:11:51.0710 0x1670  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\windows\system32\Drivers\cng.sys

18:11:51.0831 0x1670  CNG - ok

18:11:52.0533 0x1670  [ 99B1B888B793DE320C5479B3C953781F, 6A499F916132998FBDFA587823A11C2ED1D27DED10374F6A41BA5861A2FF969E ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys

18:11:53.0138 0x1670  CnxtHdAudService - ok

18:11:53.0274 0x1670  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys

18:11:53.0289 0x1670  Compbatt - ok

18:11:53.0372 0x1670  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys

18:11:53.0570 0x1670  CompositeBus - ok

18:11:53.0592 0x1670  COMSysApp - ok

18:11:53.0688 0x1670  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys

18:11:53.0891 0x1670  crcdisk - ok

18:11:54.0032 0x1670  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\windows\system32\cryptsvc.dll

18:11:54.0120 0x1670  CryptSvc - ok

18:11:54.0288 0x1670  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll

18:11:54.0517 0x1670  DcomLaunch - ok

18:11:54.0592 0x1670  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll

18:11:54.0656 0x1670  defragsvc - ok

18:11:54.0707 0x1670  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys

18:11:54.0758 0x1670  DfsC - ok

18:11:54.0998 0x1670  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll

18:11:55.0335 0x1670  Dhcp - ok

18:11:55.0363 0x1670  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys

18:11:55.0421 0x1670  discache - ok

18:11:55.0490 0x1670  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys

18:11:55.0533 0x1670  Disk - ok

18:11:55.0693 0x1670  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll

18:11:55.0886 0x1670  Dnscache - ok

18:11:56.0006 0x1670  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll

18:11:56.0238 0x1670  dot3svc - ok

18:11:56.0423 0x1670  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll

18:11:56.0500 0x1670  DPS - ok

18:11:56.0672 0x1670  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys

18:11:56.0778 0x1670  drmkaud - ok

18:11:56.0974 0x1670  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys

18:11:57.0208 0x1670  DXGKrnl - ok

18:11:57.0354 0x1670  EagleX64 - ok

18:11:57.0533 0x1670  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll

18:11:57.0615 0x1670  EapHost - ok

18:11:58.0463 0x1670  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys

18:11:59.0014 0x1670  ebdrv - ok

18:11:59.0086 0x1670  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\windows\System32\lsass.exe

18:11:59.0167 0x1670  EFS - ok

18:11:59.0723 0x1670  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe

18:12:00.0530 0x1670  ehRecvr - ok

18:12:00.0737 0x1670  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe

18:12:00.0851 0x1670  ehSched - ok

18:12:00.0987 0x1670  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys

18:12:01.0023 0x1670  elxstor - ok

18:12:01.0046 0x1670  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys

18:12:01.0079 0x1670  ErrDev - ok

18:12:01.0478 0x1670  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll

18:12:01.0629 0x1670  EventSystem - ok

18:12:01.0820 0x1670  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys

18:12:02.0099 0x1670  exfat - ok

18:12:02.0182 0x1670  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys

18:12:02.0272 0x1670  fastfat - ok

18:12:02.0650 0x1670  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe

18:12:03.0030 0x1670  Fax - ok

18:12:03.0120 0x1670  [ 3191ACA33088EE2481044FC0DB736442, 9311069BCA14FB7D5FDFFDB29566D045AB55A8657574C8BD864F8ED9527DEAF5 ] fbfmon          C:\windows\system32\drivers\fbfmon.sys

18:12:03.0234 0x1670  fbfmon - ok

18:12:03.0322 0x1670  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys

18:12:03.0370 0x1670  fdc - ok

18:12:03.0413 0x1670  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll

18:12:03.0528 0x1670  fdPHost - ok

18:12:03.0593 0x1670  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll

18:12:03.0675 0x1670  FDResPub - ok

18:12:03.0754 0x1670  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys

18:12:03.0773 0x1670  FileInfo - ok

18:12:03.0798 0x1670  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys

18:12:03.0917 0x1670  Filetrace - ok

18:12:04.0093 0x1670  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys

18:12:04.0117 0x1670  flpydisk - ok

18:12:04.0147 0x1670  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys

18:12:04.0191 0x1670  FltMgr - ok

18:12:04.0364 0x1670  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll

18:12:04.0847 0x1670  FontCache - ok

18:12:04.0967 0x1670  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

18:12:04.0985 0x1670  FontCache3.0.0.0 - ok

18:12:05.0127 0x1670  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys

18:12:05.0165 0x1670  FsDepends - ok

18:12:05.0232 0x1670  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys

18:12:05.0249 0x1670  Fs_Rec - ok

18:12:05.0414 0x1670  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys

18:12:05.0481 0x1670  fvevol - ok

18:12:05.0591 0x1670  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys

18:12:05.0621 0x1670  gagp30kx - ok

18:12:06.0011 0x1670  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll

18:12:06.0234 0x1670  gpsvc - ok

18:12:06.0743 0x1670  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:12:06.0755 0x1670  gupdate - ok

18:12:06.0866 0x1670  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:12:06.0880 0x1670  gupdatem - ok

18:12:06.0919 0x1670  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys

18:12:07.0042 0x1670  hcw85cir - ok

18:12:07.0270 0x1670  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

18:12:07.0540 0x1670  HdAudAddService - ok

18:12:07.0605 0x1670  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys

18:12:07.0650 0x1670  HDAudBus - ok

18:12:07.0666 0x1670  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys

18:12:07.0777 0x1670  HidBatt - ok

18:12:07.0942 0x1670  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys

18:12:08.0051 0x1670  HidBth - ok

18:12:08.0150 0x1670  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys

18:12:08.0185 0x1670  HidIr - ok

18:12:08.0344 0x1670  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\System32\hidserv.dll

18:12:08.0431 0x1670  hidserv - ok

18:12:08.0516 0x1670  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys

18:12:08.0579 0x1670  HidUsb - ok

18:12:08.0660 0x1670  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll

18:12:08.0765 0x1670  hkmsvc - ok

18:12:08.0853 0x1670  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll

18:12:08.0963 0x1670  HomeGroupListener - ok

18:12:09.0104 0x1670  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll

18:12:09.0155 0x1670  HomeGroupProvider - ok

18:12:09.0229 0x1670  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys

18:12:09.0245 0x1670  HpSAMD - ok

18:12:09.0401 0x1670  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys

18:12:09.0665 0x1670  HTTP - ok

18:12:09.0694 0x1670  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys

18:12:09.0709 0x1670  hwpolicy - ok

18:12:09.0741 0x1670  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys

18:12:09.0760 0x1670  i8042prt - ok

18:12:09.0976 0x1670  [ 53CC5BF8B5A219119953C7ABB19A7705, F342A9732978D893729EA2591CB72E5F5BD1B3E6C9E4DBFFE54EC866E534A8C0 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys

18:12:09.0999 0x1670  iaStor - ok

18:12:10.0446 0x1670  [ F5C0317AF600F8C0D7E4202EB04232B1, D83824ED829E3C4BCA6DB17A5DEF1450856ABE17B27AE6B791E40B8C3F2CCB44 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

18:12:10.0580 0x1670  IAStorDataMgrSvc - ok

18:12:10.0903 0x1670  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys

18:12:11.0093 0x1670  iaStorV - ok

18:12:11.0530 0x1670  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

18:12:11.0595 0x1670  idsvc - ok

18:12:11.0655 0x1670  IEEtwCollectorService - ok

18:12:12.0376 0x1670  [ 795C99DC4F574C97C03D0BB39CF099EE, 67310B52F7A1B83A66872B961F347B1BD104C8A83A01F60507705B2ACEA76B71 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys

18:12:13.0293 0x1670  igfx - ok

18:12:13.0436 0x1670  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys

18:12:13.0469 0x1670  iirsp - ok

18:12:13.0656 0x1670  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll

18:12:14.0218 0x1670  IKEEXT - ok

18:12:14.0359 0x1670  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\windows\system32\DRIVERS\IntcDAud.sys

18:12:14.0535 0x1670  IntcDAud - ok

18:12:14.0594 0x1670  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys

18:12:14.0637 0x1670  intelide - ok

18:12:16.0505 0x1670  [ 795C99DC4F574C97C03D0BB39CF099EE, 67310B52F7A1B83A66872B961F347B1BD104C8A83A01F60507705B2ACEA76B71 ] intelkmd        C:\windows\system32\DRIVERS\igdpmd64.sys

18:12:17.0321 0x1670  intelkmd - ok

18:12:17.0413 0x1670  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys

18:12:17.0480 0x1670  intelppm - ok

18:12:17.0570 0x1670  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll

18:12:17.0813 0x1670  IPBusEnum - ok

18:12:17.0897 0x1670  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys

18:12:18.0019 0x1670  IpFilterDriver - ok

18:12:18.0261 0x1670  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] IpHlpSvc        C:\windows\System32\iphlpsvc.dll

18:12:18.0441 0x1670  IpHlpSvc - ok

18:12:18.0497 0x1670  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys

18:12:18.0588 0x1670  IPMIDRV - ok

18:12:18.0840 0x1670  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys

18:12:18.0948 0x1670  IPNAT - ok

18:12:19.0070 0x1670  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys

18:12:19.0160 0x1670  IRENUM - ok

18:12:19.0256 0x1670  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys

18:12:19.0303 0x1670  isapnp - ok

18:12:19.0442 0x1670  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys

18:12:19.0662 0x1670  iScsiPrt - ok

18:12:19.0733 0x1670  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys

18:12:19.0769 0x1670  kbdclass - ok

18:12:19.0901 0x1670  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys

18:12:19.0968 0x1670  kbdhid - ok

18:12:20.0041 0x1670  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\windows\system32\lsass.exe

18:12:20.0070 0x1670  KeyIso - ok

18:12:20.0404 0x1670  [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1             C:\windows\system32\DRIVERS\kl1.sys

18:12:20.0763 0x1670  kl1 - ok

18:12:21.0404 0x1670  [ 788E5F92721849A17BD64883C49EB825, CEBCE3D9A84D31F597F8592F0E62C2E6ED8A492087F121B151E64903A86CAC52 ] KLIF            C:\windows\system32\DRIVERS\klif.sys

18:12:21.0745 0x1670  KLIF - ok

18:12:21.0870 0x1670  [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6           C:\windows\system32\DRIVERS\klim6.sys

18:12:21.0891 0x1670  KLIM6 - ok

18:12:22.0177 0x1670  [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt        C:\windows\system32\DRIVERS\klkbdflt.sys

18:12:22.0211 0x1670  klkbdflt - ok

18:12:22.0390 0x1670  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\windows\system32\DRIVERS\klmouflt.sys

18:12:22.0413 0x1670  klmouflt - ok

18:12:22.0576 0x1670  [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi           C:\windows\system32\DRIVERS\kltdi.sys

18:12:22.0712 0x1670  kltdi - ok

18:12:22.0899 0x1670  [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps           C:\windows\system32\DRIVERS\kneps.sys

18:12:22.0943 0x1670  kneps - ok

18:12:23.0037 0x1670  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys

18:12:23.0076 0x1670  KSecDD - ok

18:12:23.0270 0x1670  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys

18:12:23.0300 0x1670  KSecPkg - ok

18:12:23.0350 0x1670  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys

18:12:23.0540 0x1670  ksthunk - ok

18:12:23.0761 0x1670  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll

18:12:24.0053 0x1670  KtmRm - ok

18:12:24.0183 0x1670  [ 95CA93FC12BE372BB952669F37FFF9C5, 5B4EE910E676ABD0E12B6AD72DBB564DBEB05D63C43AFFC24CE155D0DF8A3820 ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys

18:12:24.0230 0x1670  L1C - ok

18:12:24.0491 0x1670  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\System32\srvsvc.dll

18:12:24.0786 0x1670  LanmanServer - ok

18:12:25.0003 0x1670  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll

18:12:25.0092 0x1670  LanmanWorkstation - ok

18:12:25.0245 0x1670  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\windows\system32\DRIVERS\LhdX64.sys

18:12:25.0297 0x1670  LHDmgr - ok

18:12:25.0388 0x1670  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys

18:12:25.0469 0x1670  lltdio - ok

18:12:25.0661 0x1670  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll

18:12:25.0864 0x1670  lltdsvc - ok

18:12:26.0022 0x1670  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll

18:12:26.0074 0x1670  lmhosts - ok

18:12:26.0331 0x1670  [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

18:12:26.0386 0x1670  LMS - ok

18:12:26.0462 0x1670  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys

18:12:26.0518 0x1670  LSI_FC - ok

18:12:26.0659 0x1670  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys

18:12:26.0692 0x1670  LSI_SAS - ok

18:12:26.0843 0x1670  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys

18:12:26.0880 0x1670  LSI_SAS2 - ok

18:12:26.0956 0x1670  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys

18:12:27.0002 0x1670  LSI_SCSI - ok

18:12:27.0045 0x1670  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys

18:12:27.0248 0x1670  luafv - ok

18:12:27.0411 0x1670  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\windows\system32\drivers\mbam.sys

18:12:27.0445 0x1670  MBAMProtector - ok

18:12:27.0899 0x1670  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

18:12:28.0196 0x1670  MBAMScheduler - ok

18:12:28.0411 0x1670  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

18:12:28.0650 0x1670  MBAMService - ok

18:12:28.0917 0x1670  [ 3CD0D8FC5FE6F7AE85AC8B818F9029B4, 532A384881A27A687BE856F3CE76ABA939AB2D5DD48D9A07CF5326216859EF8E ] mcdevice        C:\windows\system32\DRIVERS\mcdevice.sys

18:12:28.0989 0x1670  mcdevice - ok

18:12:29.0123 0x1670  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll

18:12:29.0236 0x1670  Mcx2Svc - ok

18:12:29.0335 0x1670  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys

18:12:29.0488 0x1670  megasas - ok

18:12:29.0647 0x1670  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys

18:12:30.0016 0x1670  MegaSR - ok

18:12:30.0364 0x1670  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys

18:12:30.0395 0x1670  MEIx64 - ok

18:12:31.0168 0x1670  MFE_RR - ok

18:12:31.0297 0x1670  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll

18:12:31.0455 0x1670  MMCSS - ok

18:12:31.0578 0x1670  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys

18:12:31.0687 0x1670  Modem - ok

18:12:31.0783 0x1670  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys

18:12:31.0998 0x1670  monitor - ok

18:12:32.0135 0x1670  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys

18:12:32.0168 0x1670  mouclass - ok

18:12:32.0301 0x1670  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys

18:12:32.0548 0x1670  mouhid - ok

18:12:32.0652 0x1670  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys

18:12:32.0694 0x1670  mountmgr - ok

18:12:33.0168 0x1670  [ A7A117CB1104D0829466F48E17BE0A71, 040F18FC1AF72BE2B7123170C2F5F131A9518B8AA57C20F23203625D213C792B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

18:12:33.0427 0x1670  MozillaMaintenance - ok

18:12:33.0464 0x1670  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys

18:12:33.0484 0x1670  mpio - ok

18:12:33.0504 0x1670  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys

18:12:33.0540 0x1670  mpsdrv - ok

18:12:34.0102 0x1670  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll

18:12:34.0368 0x1670  MpsSvc - ok

18:12:34.0543 0x1670  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys

18:12:34.0794 0x1670  MRxDAV - ok

18:12:35.0038 0x1670  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys

18:12:35.0375 0x1670  mrxsmb - ok

18:12:35.0694 0x1670  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys

18:12:35.0783 0x1670  mrxsmb10 - ok

18:12:35.0806 0x1670  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys

18:12:35.0825 0x1670  mrxsmb20 - ok

18:12:35.0942 0x1670  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys

18:12:35.0985 0x1670  msahci - ok

18:12:36.0195 0x1670  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys

18:12:36.0239 0x1670  msdsm - ok

18:12:36.0273 0x1670  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe

18:12:36.0304 0x1670  MSDTC - ok

18:12:36.0331 0x1670  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys

18:12:36.0369 0x1670  Msfs - ok

18:12:36.0458 0x1670  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys

18:12:36.0585 0x1670  mshidkmdf - ok

18:12:36.0607 0x1670  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys

18:12:36.0620 0x1670  msisadrv - ok

18:12:36.0850 0x1670  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll

18:12:37.0076 0x1670  MSiSCSI - ok

18:12:37.0080 0x1670  msiserver - ok

18:12:37.0206 0x1670  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys

18:12:37.0290 0x1670  MSKSSRV - ok

18:12:37.0387 0x1670  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys

18:12:37.0420 0x1670  MSPCLOCK - ok

18:12:37.0670 0x1670  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys

18:12:37.0744 0x1670  MSPQM - ok

18:12:37.0907 0x1670  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys

18:12:38.0314 0x1670  MsRPC - ok

18:12:38.0350 0x1670  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys

18:12:38.0360 0x1670  mssmbios - ok

18:12:38.0370 0x1670  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys

18:12:38.0419 0x1670  MSTEE - ok

18:12:38.0454 0x1670  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys

18:12:38.0484 0x1670  MTConfig - ok

18:12:38.0500 0x1670  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys

18:12:38.0516 0x1670  Mup - ok

18:12:38.0798 0x1670  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll

18:12:39.0037 0x1670  napagent - ok

18:12:39.0295 0x1670  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys

18:12:39.0651 0x1670  NativeWifiP - ok

18:12:40.0529 0x1670  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe

18:12:40.0939 0x1670  NAUpdate - ok

18:12:41.0449 0x1670  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys

18:12:41.0483 0x1670  NDIS - ok

18:12:41.0514 0x1670  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys

18:12:41.0581 0x1670  NdisCap - ok

18:12:41.0801 0x1670  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys

18:12:41.0905 0x1670  NdisTapi - ok

18:12:42.0035 0x1670  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys

18:12:42.0190 0x1670  Ndisuio - ok

18:12:42.0256 0x1670  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys

18:12:42.0315 0x1670  NdisWan - ok

18:12:42.0454 0x1670  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys

18:12:42.0569 0x1670  NDProxy - ok

18:12:42.0691 0x1670  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys

18:12:42.0859 0x1670  NetBIOS - ok

18:12:43.0020 0x1670  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys

18:12:43.0322 0x1670  NetBT - ok

18:12:43.0494 0x1670  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\windows\system32\lsass.exe

18:12:43.0509 0x1670  Netlogon - ok

18:12:43.0674 0x1670  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll

18:12:43.0745 0x1670  Netman - ok

18:12:44.0017 0x1670  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:12:44.0057 0x1670  NetMsmqActivator - ok

18:12:44.0351 0x1670  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:12:44.0385 0x1670  NetPipeActivator - ok

18:12:44.0713 0x1670  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll

18:12:44.0876 0x1670  netprofm - ok

18:12:45.0161 0x1670  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:12:45.0179 0x1670  NetTcpActivator - ok

18:12:45.0188 0x1670  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:12:45.0201 0x1670  NetTcpPortSharing - ok

18:12:45.0286 0x1670  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys

18:12:45.0411 0x1670  nfrd960 - ok

18:12:45.0614 0x1670  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\windows\System32\nlasvc.dll

18:12:45.0668 0x1670  NlaSvc - ok

18:12:45.0736 0x1670  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys

18:12:45.0795 0x1670  Npfs - ok

18:12:45.0897 0x1670  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll

18:12:46.0020 0x1670  nsi - ok

18:12:46.0113 0x1670  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys

18:12:46.0244 0x1670  nsiproxy - ok

18:12:46.0717 0x1670  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\windows\system32\drivers\Ntfs.sys

18:12:47.0397 0x1670  Ntfs - ok

18:12:47.0426 0x1670  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys

18:12:47.0489 0x1670  Null - ok

18:12:47.0528 0x1670  [ 158AD24745BD85BA9BE3C51C38F48C32, B053A3B5A5CAE2CBC47E2C19E636AD70F376334EFFBB391A76562E67CBF3AC86 ] nusb3hub        C:\windows\system32\DRIVERS\nusb3hub.sys

18:12:47.0588 0x1670  nusb3hub - ok

18:12:47.0670 0x1670  [ D40A13B2C0891E218F9523B376955DB6, 9A2AAAF960868B860A65579EAD507B35C64CFD6C3581F8D731ADF975F778D10E ] nusb3xhc        C:\windows\system32\DRIVERS\nusb3xhc.sys

18:12:47.0849 0x1670  nusb3xhc - ok

18:12:47.0978 0x1670  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys

18:12:48.0162 0x1670  nvraid - ok

18:12:48.0241 0x1670  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys

18:12:48.0262 0x1670  nvstor - ok

18:12:48.0285 0x1670  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys

18:12:48.0305 0x1670  nv_agp - ok

18:12:48.0328 0x1670  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys

18:12:48.0346 0x1670  ohci1394 - ok

18:12:48.0454 0x1670  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll

18:12:48.0545 0x1670  p2pimsvc - ok

18:12:48.0630 0x1670  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll

18:12:48.0859 0x1670  p2psvc - ok

18:12:48.0897 0x1670  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys

18:12:48.0943 0x1670  Parport - ok

18:12:49.0006 0x1670  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys

18:12:49.0049 0x1670  partmgr - ok

18:12:49.0178 0x1670  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\windows\System32\pcasvc.dll

18:12:49.0403 0x1670  PcaSvc - ok

18:12:49.0602 0x1670  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys

18:12:49.0666 0x1670  pci - ok

18:12:49.0735 0x1670  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys

18:12:49.0769 0x1670  pciide - ok

18:12:49.0874 0x1670  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys

18:12:49.0918 0x1670  pcmcia - ok

18:12:49.0934 0x1670  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys

18:12:49.0952 0x1670  pcw - ok

18:12:50.0211 0x1670  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\windows\system32\drivers\peauth.sys

18:12:50.0283 0x1670  PEAUTH - ok

18:12:50.0589 0x1670  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe

18:12:50.0659 0x1670  PerfHost - ok

18:12:50.0812 0x1670  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll

18:12:50.0933 0x1670  pla - ok

18:12:51.0179 0x1670  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll

18:12:51.0606 0x1670  PlugPlay - ok

18:12:51.0624 0x1670  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll

18:12:51.0660 0x1670  PNRPAutoReg - ok

18:12:51.0691 0x1670  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll

18:12:51.0708 0x1670  PNRPsvc - ok

18:12:51.0845 0x1670  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll

18:12:51.0991 0x1670  PolicyAgent - ok

18:12:52.0117 0x1670  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll

18:12:52.0171 0x1670  Power - ok

18:12:52.0216 0x1670  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys

18:12:52.0279 0x1670  PptpMiniport - ok

18:12:52.0333 0x1670  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys

18:12:52.0369 0x1670  Processor - ok

18:12:52.0475 0x1670  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\windows\system32\profsvc.dll

18:12:52.0736 0x1670  ProfSvc - ok

18:12:52.0809 0x1670  Prot6Flt - ok

18:12:52.0861 0x1670  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\windows\system32\lsass.exe

18:12:52.0891 0x1670  ProtectedStorage - ok

18:12:53.0081 0x1670  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys

18:12:53.0167 0x1670  Psched - ok

18:12:53.0325 0x1670  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\windows\system32\DRIVERS\psi_mf_amd64.sys

18:12:53.0344 0x1670  PSI - ok

18:12:53.0717 0x1670  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys

18:12:54.0031 0x1670  ql2300 - ok

18:12:54.0175 0x1670  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys

18:12:54.0213 0x1670  ql40xx - ok

18:12:54.0255 0x1670  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll

18:12:54.0287 0x1670  QWAVE - ok

18:12:54.0358 0x1670  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys

18:12:54.0467 0x1670  QWAVEdrv - ok

18:12:54.0504 0x1670  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys

18:12:54.0560 0x1670  RasAcd - ok

18:12:54.0703 0x1670  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys

18:12:54.0862 0x1670  RasAgileVpn - ok

18:12:54.0946 0x1670  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll

18:12:55.0008 0x1670  RasAuto - ok

18:12:55.0097 0x1670  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys

18:12:55.0156 0x1670  Rasl2tp - ok

18:12:55.0253 0x1670  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll

18:12:55.0329 0x1670  RasMan - ok

18:12:55.0437 0x1670  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys

18:12:55.0507 0x1670  RasPppoe - ok

18:12:55.0598 0x1670  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys

18:12:55.0691 0x1670  RasSstp - ok

18:12:55.0762 0x1670  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys

18:12:55.0833 0x1670  rdbss - ok

18:12:55.0903 0x1670  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys

18:12:55.0968 0x1670  rdpbus - ok

18:12:56.0113 0x1670  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys

18:12:56.0193 0x1670  RDPCDD - ok

18:12:56.0318 0x1670  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys

18:12:56.0427 0x1670  RDPENCDD - ok

18:12:56.0542 0x1670  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys

18:12:56.0606 0x1670  RDPREFMP - ok

18:12:56.0740 0x1670  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys

18:12:56.0899 0x1670  RDPWD - ok

18:12:56.0929 0x1670  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys

18:12:56.0951 0x1670  rdyboost - ok

18:12:57.0211 0x1670  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll

18:12:57.0282 0x1670  RemoteAccess - ok

18:12:57.0445 0x1670  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll

18:12:57.0563 0x1670  RemoteRegistry - ok

18:12:57.0729 0x1670  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys

18:12:58.0134 0x1670  RFCOMM - ok

18:12:58.0219 0x1670  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll

18:12:58.0288 0x1670  RpcEptMapper - ok

18:12:58.0339 0x1670  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe

18:12:58.0391 0x1670  RpcLocator - ok

18:12:58.0516 0x1670  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll

18:12:58.0571 0x1670  RpcSs - ok

18:12:58.0657 0x1670  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys

18:12:58.0733 0x1670  rspndr - ok

18:12:58.0854 0x1670  [ 89DFB71B370D82DFE75183F677043CEE, 448798010AB86040D7A4A8956D7139951A9BD3517942DE2C4B82041B0408D78A ] RSUSBVSTOR      C:\windows\system32\Drivers\RtsUVStor.sys

18:12:58.0897 0x1670  RSUSBVSTOR - ok

18:12:59.0071 0x1670  [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys

18:12:59.0112 0x1670  RTL8167 - ok

18:12:59.0137 0x1670  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\windows\system32\lsass.exe

18:12:59.0147 0x1670  SamSs - ok

18:12:59.0164 0x1670  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys

18:12:59.0181 0x1670  sbp2port - ok

18:12:59.0374 0x1670  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll

18:12:59.0570 0x1670  SCardSvr - ok

18:12:59.0619 0x1670  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys

18:12:59.0673 0x1670  scfilter - ok

18:13:00.0007 0x1670  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll

18:13:00.0341 0x1670  Schedule - ok

18:13:00.0464 0x1670  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll

18:13:00.0527 0x1670  SCPolicySvc - ok

18:13:00.0557 0x1670  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll

18:13:00.0619 0x1670  SDRSVC - ok

18:13:00.0719 0x1670  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys

18:13:00.0773 0x1670  secdrv - ok

18:13:00.0850 0x1670  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll

18:13:00.0928 0x1670  seclogon - ok

18:13:01.0625 0x1670  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe

18:13:02.0482 0x1670  Secunia PSI Agent - ok

18:13:02.0717 0x1670  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe

18:13:03.0065 0x1670  Secunia Update Agent - ok

18:13:03.0101 0x1670  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\system32\sens.dll

18:13:03.0153 0x1670  SENS - ok

18:13:03.0341 0x1670  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll

18:13:03.0411 0x1670  SensrSvc - ok

18:13:03.0464 0x1670  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys

18:13:03.0523 0x1670  Serenum - ok

18:13:03.0608 0x1670  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys

18:13:03.0678 0x1670  Serial - ok

18:13:03.0708 0x1670  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys

18:13:03.0727 0x1670  sermouse - ok

18:13:03.0827 0x1670  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll

18:13:03.0918 0x1670  SessionEnv - ok

18:13:04.0098 0x1670  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys

18:13:04.0188 0x1670  sffdisk - ok

18:13:04.0208 0x1670  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys

18:13:04.0225 0x1670  sffp_mmc - ok

18:13:04.0260 0x1670  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys

18:13:04.0296 0x1670  sffp_sd - ok

18:13:04.0349 0x1670  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys

18:13:04.0382 0x1670  sfloppy - ok

18:13:04.0435 0x1670  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll

18:13:04.0551 0x1670  SharedAccess - ok

18:13:04.0747 0x1670  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll

18:13:05.0000 0x1670  ShellHWDetection - ok

18:13:05.0097 0x1670  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys

18:13:05.0131 0x1670  SiSRaid2 - ok

18:13:05.0176 0x1670  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys

18:13:05.0205 0x1670  SiSRaid4 - ok

18:13:05.0498 0x1670  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

18:13:05.0925 0x1670  SkypeUpdate - ok

18:13:06.0109 0x1670  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys

18:13:06.0235 0x1670  Smb - ok

18:13:06.0386 0x1670  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe

18:13:06.0485 0x1670  SNMPTRAP - ok

18:13:06.0563 0x1670  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys

18:13:06.0598 0x1670  spldr - ok

18:13:06.0791 0x1670  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe

18:13:06.0876 0x1670  Spooler - ok

18:13:07.0367 0x1670  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe

18:13:07.0938 0x1670  sppsvc - ok

18:13:08.0032 0x1670  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll

18:13:08.0076 0x1670  sppuinotify - ok

18:13:08.0225 0x1670  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] SPUVCbv         C:\windows\system32\Drivers\usbvideo.sys

18:13:08.0352 0x1670  SPUVCbv - ok

18:13:08.0583 0x1670  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys

18:13:09.0041 0x1670  srv - ok

18:13:09.0297 0x1670  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys

18:13:09.0683 0x1670  srv2 - ok

18:13:09.0813 0x1670  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys

18:13:09.0986 0x1670  srvnet - ok

18:13:10.0084 0x1670  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll

18:13:10.0143 0x1670  SSDPSRV - ok

18:13:10.0189 0x1670  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll

18:13:10.0225 0x1670  SstpSvc - ok

18:13:10.0879 0x1670  [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe

18:13:11.0414 0x1670  Steam Client Service - ok

18:13:11.0562 0x1670  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys

18:13:11.0577 0x1670  stexstor - ok

18:13:11.0937 0x1670  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll

18:13:12.0248 0x1670  stisvc - ok

18:13:12.0311 0x1670  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys

18:13:12.0350 0x1670  swenum - ok

18:13:12.0699 0x1670  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll

18:13:12.0805 0x1670  swprv - ok

18:13:13.0140 0x1670  [ 9643991B5CFD7A9BA68626B7A005F7E6, C256A7AC1B2FD98F85D3BB920374C70F65D4A6E3EE420F5AD8E114001BD10822 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys

18:13:13.0594 0x1670  SynTP - ok

18:13:13.0668 0x1670  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll

18:13:13.0896 0x1670  SysMain - ok

18:13:13.0959 0x1670  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll

18:13:13.0994 0x1670  TabletInputService - ok

18:13:14.0717 0x1670  [ C0255D8E3ABE790694927624603F8F10, C0038659D8F09F728050F800D319DAC245393D01FEEF1D91E4BDA0F55F29E00F ] TabletServiceWacom C:\windows\system32\Wacom_Tablet.exe

18:13:15.0849 0x1670  TabletServiceWacom - ok

18:13:15.0970 0x1670  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll

18:13:16.0151 0x1670  TapiSrv - ok

18:13:16.0210 0x1670  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll

18:13:16.0242 0x1670  TBS - ok

18:13:16.0721 0x1670  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\windows\system32\drivers\tcpip.sys

18:13:16.0944 0x1670  Tcpip - ok

18:13:17.0371 0x1670  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys

18:13:17.0419 0x1670  TCPIP6 - ok

18:13:17.0518 0x1670  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys

18:13:17.0543 0x1670  tcpipreg - ok

18:13:17.0569 0x1670  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys

18:13:17.0693 0x1670  TDPIPE - ok

18:13:17.0727 0x1670  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys

18:13:17.0743 0x1670  TDTCP - ok

18:13:17.0916 0x1670  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\windows\system32\DRIVERS\tdx.sys

18:13:17.0975 0x1670  tdx - ok

18:13:18.0165 0x1670  [ 402794A75A899E296AB3EDEC4ECCB9A8, BB25534D51C3B599072AE06578E788B54B0164DD94358958865927B98F63E016 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

18:13:20.0226 0x1670  TeamViewer8 - ok

18:13:20.0261 0x1670  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys

18:13:20.0280 0x1670  TermDD - ok

18:13:20.0442 0x1670  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\windows\System32\termsrv.dll

18:13:20.0789 0x1670  TermService - ok

18:13:20.0828 0x1670  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll

18:13:20.0848 0x1670  Themes - ok

18:13:20.0960 0x1670  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll

18:13:21.0025 0x1670  THREADORDER - ok

18:13:21.0108 0x1670  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll

18:13:21.0180 0x1670  TrkWks - ok

18:13:21.0329 0x1670  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

18:13:21.0567 0x1670  TrustedInstaller - ok

18:13:21.0643 0x1670  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys

18:13:21.0766 0x1670  tssecsrv - ok

18:13:21.0897 0x1670  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys

18:13:21.0963 0x1670  TsUsbFlt - ok

18:13:21.0998 0x1670  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys

18:13:22.0052 0x1670  TsUsbGD - ok

18:13:22.0245 0x1670  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys

18:13:22.0435 0x1670  tunnel - ok

18:13:22.0484 0x1670  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys

18:13:22.0519 0x1670  uagp35 - ok

18:13:22.0594 0x1670  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys

18:13:22.0645 0x1670  udfs - ok

18:13:22.0718 0x1670  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe

18:13:22.0756 0x1670  UI0Detect - ok

18:13:22.0785 0x1670  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys

18:13:22.0802 0x1670  uliagpkx - ok

18:13:22.0895 0x1670  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys

18:13:22.0931 0x1670  umbus - ok

18:13:22.0986 0x1670  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys

18:13:23.0020 0x1670  UmPass - ok

18:13:23.0681 0x1670  [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

18:13:24.0723 0x1670  UNS - ok

18:13:24.0866 0x1670  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll

18:13:24.0934 0x1670  upnphost - ok

18:13:25.0085 0x1670  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys

18:13:25.0197 0x1670  usbaudio - ok

18:13:25.0258 0x1670  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys

18:13:25.0308 0x1670  usbccgp - ok

18:13:25.0532 0x1670  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys

18:13:25.0696 0x1670  usbcir - ok

18:13:25.0751 0x1670  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\drivers\usbehci.sys

18:13:25.0809 0x1670  usbehci - ok

18:13:26.0126 0x1670  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys

18:13:26.0235 0x1670  usbhub - ok

18:13:26.0292 0x1670  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\drivers\usbohci.sys

18:13:26.0307 0x1670  usbohci - ok

18:13:26.0391 0x1670  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\drivers\usbprint.sys

18:13:26.0457 0x1670  usbprint - ok

18:13:26.0579 0x1670  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS

18:13:26.0757 0x1670  USBSTOR - ok

18:13:26.0921 0x1670  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys

18:13:26.0953 0x1670  usbuhci - ok

18:13:26.0983 0x1670  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys

18:13:26.0997 0x1670  usbvideo - ok

18:13:27.0034 0x1670  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll

18:13:27.0180 0x1670  UxSms - ok

18:13:27.0213 0x1670  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\windows\system32\lsass.exe

18:13:27.0240 0x1670  VaultSvc - ok

18:13:27.0330 0x1670  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys

18:13:27.0363 0x1670  vdrvroot - ok

18:13:27.0618 0x1670  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe

18:13:28.0146 0x1670  vds - ok

18:13:28.0205 0x1670  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys

18:13:28.0229 0x1670  vga - ok

18:13:28.0273 0x1670  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys

18:13:28.0340 0x1670  VgaSave - ok

18:13:28.0422 0x1670  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys

18:13:28.0452 0x1670  vhdmp - ok

18:13:28.0515 0x1670  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys

18:13:28.0554 0x1670  viaide - ok

18:13:28.0620 0x1670  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys

18:13:28.0660 0x1670  volmgr - ok

18:13:28.0781 0x1670  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys

18:13:28.0825 0x1670  volmgrx - ok

18:13:28.0914 0x1670  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys

18:13:28.0955 0x1670  volsnap - ok

18:13:29.0060 0x1670  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys

18:13:29.0091 0x1670  vsmraid - ok

18:13:29.0528 0x1670  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe

18:13:29.0645 0x1670  VSS - ok

18:13:29.0687 0x1670  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys

18:13:29.0749 0x1670  vwifibus - ok

18:13:29.0821 0x1670  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys

18:13:29.0905 0x1670  vwififlt - ok

18:13:30.0098 0x1670  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys

18:13:30.0176 0x1670  vwifimp - ok

18:13:30.0331 0x1670  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll

18:13:30.0469 0x1670  W32Time - ok

18:13:30.0580 0x1670  [ 37E4600E2CDAD3C1A3613A25B97D457C, 8AA9F5FE5530FB144E7DCACAB4D1A815B14AF425EF8955F0B5BA2B528B1C00A7 ] wacmoumonitor   C:\windows\system32\DRIVERS\wacmoumonitor.sys

18:13:30.0778 0x1670  wacmoumonitor - ok

18:13:30.0905 0x1670  [ E04D43C7D1641E95D35CAE6086C7E350, BF08ED680EC835D70C522B91560B8987F206793E8E2987117C1D7B77DEFF8556 ] wacommousefilter C:\windows\system32\DRIVERS\wacommousefilter.sys

18:13:30.0933 0x1670  wacommousefilter - ok

18:13:30.0980 0x1670  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys

18:13:31.0133 0x1670  WacomPen - ok

18:13:31.0239 0x1670  [ EC1CEB237E365330C1FCFC4876AA0AC0, 9BFF9062AC5E4B9D0C6502D8DE7E59B887903ED29F26157A5F82966932F1EBD0 ] wacomvhid       C:\windows\system32\DRIVERS\wacomvhid.sys

18:13:31.0276 0x1670  wacomvhid - ok

18:13:31.0425 0x1670  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys

18:13:31.0702 0x1670  WANARP - ok

18:13:31.0766 0x1670  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys

18:13:31.0794 0x1670  Wanarpv6 - ok

18:13:32.0357 0x1670  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe

18:13:32.0746 0x1670  WatAdminSvc - ok

18:13:33.0162 0x1670  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe

18:13:33.0413 0x1670  wbengine - ok

18:13:33.0566 0x1670  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll

18:13:33.0819 0x1670  WbioSrvc - ok

18:13:33.0991 0x1670  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll

18:13:34.0215 0x1670  wcncsvc - ok

18:13:34.0295 0x1670  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

18:13:34.0385 0x1670  WcsPlugInService - ok

18:13:34.0521 0x1670  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys

18:13:34.0538 0x1670  Wd - ok

18:13:35.0008 0x1670  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys

18:13:35.0540 0x1670  Wdf01000 - ok

18:13:35.0795 0x1670  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\windows\system32\wdi.dll

18:13:36.0491 0x1670  WdiServiceHost - ok

18:13:36.0637 0x1670  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\windows\system32\wdi.dll

18:13:36.0663 0x1670  WdiSystemHost - ok

18:13:36.0708 0x1670  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll

18:13:36.0734 0x1670  WebClient - ok

18:13:36.0889 0x1670  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll

18:13:37.0123 0x1670  Wecsvc - ok

18:13:37.0305 0x1670  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll

18:13:37.0359 0x1670  wercplsupport - ok

18:13:37.0526 0x1670  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll

18:13:37.0582 0x1670  WerSvc - ok

18:13:37.0690 0x1670  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys

18:13:37.0757 0x1670  WfpLwf - ok

18:13:37.0920 0x1670  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys

18:13:38.0098 0x1670  WIMMount - ok

18:13:38.0197 0x1670  WinDefend - ok

18:13:38.0258 0x1670  WinHttpAutoProxySvc - ok

18:13:38.0645 0x1670  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll

18:13:39.0081 0x1670  Winmgmt - ok

18:13:39.0211 0x1670  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\windows\system32\WsmSvc.dll

18:13:39.0608 0x1670  WinRM - ok

18:13:39.0822 0x1670  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys

18:13:40.0015 0x1670  WinUsb - ok

18:13:40.0453 0x1670  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll

18:13:40.0578 0x1670  Wlansvc - ok

18:13:40.0927 0x1670  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

18:13:41.0117 0x1670  wlcrasvc - ok

18:13:41.0675 0x1670  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:13:42.0082 0x1670  wlidsvc - ok

18:13:42.0109 0x1670  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys

18:13:42.0177 0x1670  WmiAcpi - ok

18:13:42.0304 0x1670  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe

18:13:42.0451 0x1670  wmiApSrv - ok

18:13:42.0663 0x1670  WMPNetworkSvc - ok

18:13:42.0707 0x1670  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll

18:13:42.0840 0x1670  WPCSvc - ok

18:13:42.0868 0x1670  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll

18:13:43.0162 0x1670  WPDBusEnum - ok

18:13:43.0284 0x1670  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys

18:13:43.0406 0x1670  ws2ifsl - ok

18:13:43.0558 0x1670  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\system32\wscsvc.dll

18:13:43.0591 0x1670  wscsvc - ok

18:13:43.0594 0x1670  WSearch - ok

18:13:43.0672 0x1670  [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys

18:13:43.0690 0x1670  wsvd - ok

18:13:43.0791 0x1670  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\windows\system32\wuaueng.dll

18:13:44.0005 0x1670  wuauserv - ok

18:13:44.0090 0x1670  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys

18:13:44.0211 0x1670  WudfPf - ok

18:13:44.0457 0x1670  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys

18:13:44.0496 0x1670  WUDFRd - ok

18:13:44.0600 0x1670  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll

18:13:44.0899 0x1670  wudfsvc - ok

18:13:44.0973 0x1670  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll

18:13:45.0287 0x1670  WwanSvc - ok

18:13:45.0467 0x1670  ================ Scan global ===============================

18:13:45.0553 0x1670  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll

18:13:45.0793 0x1670  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll

18:13:45.0820 0x1670  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll

18:13:45.0869 0x1670  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll

18:13:45.0985 0x1670  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe

18:13:45.0998 0x1670  [ Global ] - ok

18:13:45.0998 0x1670  ================ Scan MBR ==================================

18:13:46.0025 0x1670  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

18:13:47.0496 0x1670  \Device\Harddisk0\DR0 - ok

18:13:47.0496 0x1670  ================ Scan VBR ==================================

18:13:47.0533 0x1670  [ 5FF891F21043D9F1DE4981DB8E612558 ] \Device\Harddisk0\DR0\Partition1

18:13:47.0538 0x1670  \Device\Harddisk0\DR0\Partition1 - ok

18:13:47.0552 0x1670  [ 5D29531A18ED9FCAB01149C6CC515A27 ] \Device\Harddisk0\DR0\Partition2

18:13:47.0555 0x1670  \Device\Harddisk0\DR0\Partition2 - ok

18:13:47.0582 0x1670  [ B0C91858D5F1D02C0F38765E2F3294F1 ] \Device\Harddisk0\DR0\Partition3

18:13:47.0585 0x1670  \Device\Harddisk0\DR0\Partition3 - ok

18:13:48.0293 0x1670  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )

18:13:48.0360 0x1670  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled )

18:13:51.0090 0x1670  ============================================================

18:13:51.0090 0x1670  Scan finished

18:13:51.0090 0x1670  ============================================================

18:13:51.0110 0x1bc8  Detected object count: 0

18:13:51.0110 0x1bc8  Actual detected object count: 0

18:13:57.0951 0x1fac  Deinitialize success

Code:

Malwarebytes Anti-Rootkit BETA 1.07.0.1009

www.malwarebytes.org
 

Database version: v2014.03.17.06
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16521

Rena :: RENA-PC [administrator]
 

17.03.2014 18:19:26

mbar-log-2014-03-17 (18-19-26).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 250582

Time elapsed: 20 minute(s), 8 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)