Log analysis and evaluation: Windows 8: slow internet and redirects to advertising sites

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.10.2014, 20:20 | #1 |
Windows 8: slow internet and redirects to advertising sites

Good evening! I have recently had the problem that streaming videos has become very slow. In addition, when I visit certain sites, I am redirected to dubious sites, hence the suspicion that I have probably caught something. I would be very grateful for help.

FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014 Ran by Elias (administrator) on ELIAS-PC on 16-10-2014 20:38:03 Running from C:\Users\Elias\Downloads Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias) Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Samsung Electronics CO., LTD.) 
C:\Program Files (x86)\Samsung\Settings\sSettings.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Elias\Downloads\Defogger.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3777642976-2438380877-1723110391-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\cyltjadc.default FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF 
Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: å¡å·Žæ–¯åŸºç¶²å€é¡§å• - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬éµç›€ - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡æ„網站攔截噚 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-18] Chrome: ======= CHR HomePage: Default -> https://www.google.de/ CHR Profile: C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06] CHR Extension: (Kaspersky Protection) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-03-26] CHR Extension: (YouTube) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21] CHR Extension: (Google-Suche) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21] CHR Extension: (AdBlock) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-12] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-02-18] CHR Extension: (Modul zum Sperren von gefÀhrlichen Webseiten) - 
C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-02-18] CHR Extension: (Virtual Keyboard) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-02-18] CHR Extension: (Google Wallet) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28] CHR Extension: (Google Mail) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21] CHR Extension: (Anti-Banner) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-02-18] CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed 
from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-18] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-18] (Kaspersky Lab) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-18] (Kaspersky Lab ZAO) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-15] (Windows (R) 2003 DDK 3790 provider) S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-16 20:38 - 2014-10-16 20:38 - 00020603 _____ () C:\Users\Elias\Downloads\FRST.txt 2014-10-16 20:37 - 2014-10-16 20:38 - 00000000 ____D () C:\FRST 2014-10-16 20:36 - 2014-10-16 20:36 - 02112000 _____ (Farbar) C:\Users\Elias\Downloads\FRST64.exe 2014-10-16 20:35 - 2014-10-16 20:35 - 00000472 _____ () C:\Users\Elias\Downloads\defogger_disable.log 2014-10-16 20:35 - 2014-10-16 20:35 - 00000000 _____ () C:\Users\Elias\defogger_reenable 2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe 2014-10-16 19:28 - 2014-10-16 19:28 - 00000000 ___RD () C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-10-16 19:27 - 2014-10-16 19:27 - 00449032 _____ () C:\windows\system32\FNTCACHE.DAT 2014-10-16 17:11 - 2014-09-30 00:49 - 00705480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-10-16 17:11 - 2014-09-30 00:49 - 00104904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-16 17:01 - 2014-10-16 17:01 - 04714656 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Elias\Downloads\avira_de_av___ws.exe 2014-10-16 13:49 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL 2014-10-16 13:49 - 2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL 2014-10-16 13:49 - 2014-07-12 02:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls 2014-10-16 13:49 - 2014-07-12 02:00 - 00478352 _____ () C:\windows\system32\locale.nls 2014-10-16 13:49 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) 
C:\windows\system32\Defrag.exe 2014-10-16 13:49 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll 2014-10-16 13:49 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll 2014-10-16 13:49 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll 2014-10-16 13:49 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll 2014-10-16 13:49 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll 2014-10-16 13:49 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys 2014-10-16 13:49 - 2014-07-03 03:59 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2014-10-16 13:49 - 2014-07-03 02:30 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2014-10-16 13:49 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll 2014-10-16 13:49 - 2014-06-28 08:57 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2014-10-16 13:49 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll 2014-10-16 13:49 - 2014-06-25 09:09 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll 2014-10-16 13:49 - 2014-06-25 09:07 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll 2014-10-16 13:49 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2014-10-16 13:49 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2014-10-16 13:49 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2014-10-16 13:49 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2014-10-16 13:49 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) 
C:\windows\system32\winload.efi 2014-10-16 13:49 - 2014-05-30 01:31 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-10-16 13:49 - 2014-05-30 01:03 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-10-16 13:49 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2014-10-16 13:48 - 2014-10-10 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-10-16 13:48 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2014-10-16 13:48 - 2014-10-08 06:26 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-10-16 13:48 - 2014-09-13 07:29 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\packager.dll 2014-10-16 13:48 - 2014-09-13 06:02 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll 2014-10-16 13:48 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll 2014-10-16 13:48 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll 2014-10-16 13:48 - 2014-08-02 00:08 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml 2014-10-16 13:48 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS 2014-10-16 13:48 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll 2014-10-16 13:48 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll 2014-10-16 13:48 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll 2014-10-16 13:48 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll 2014-10-16 13:48 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2014-10-16 13:48 - 2014-07-12 06:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 
2014-10-16 13:48 - 2014-07-12 06:34 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2014-10-16 13:48 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys 2014-10-16 13:48 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe 2014-10-16 13:48 - 2014-07-07 07:52 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-10-16 13:48 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll 2014-10-16 13:48 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll 2014-10-16 13:48 - 2014-07-07 07:51 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-10-16 13:48 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe 2014-10-16 13:48 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll 2014-10-16 13:48 - 2014-07-07 06:00 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-10-16 13:48 - 2014-07-07 05:59 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll 2014-10-16 13:48 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\windows\system32\user32.dll 2014-10-16 13:48 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll 2014-10-16 13:47 - 2014-09-28 06:18 - 04068352 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-10-16 13:47 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-10-16 13:47 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-10-16 13:47 - 2014-09-20 
07:17 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-10-16 13:47 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-10-16 13:47 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-10-16 13:47 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 13757952 _____ 
(Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-10-16 13:47 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-10-16 13:47 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-10-16 13:47 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-10-16 13:47 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) 
C:\windows\system32\mshtml.tlb 2014-10-16 13:47 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-10-16 13:47 - 2014-09-20 03:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-10-16 13:47 - 2014-09-18 01:24 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2014-10-16 13:47 - 2014-09-18 00:56 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2014-10-16 13:47 - 2014-08-30 07:48 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll 2014-10-16 13:47 - 2014-08-30 07:46 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2014-10-16 13:47 - 2014-08-30 06:05 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll 2014-10-16 13:47 - 2014-08-30 06:03 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2014-10-16 13:47 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll 2014-10-16 13:47 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll 2014-10-15 22:59 - 2014-10-16 16:42 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-15 22:59 - 2014-10-15 22:59 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-15 22:59 - 2014-10-15 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-15 22:59 - 2014-10-15 22:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-15 22:59 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-10-15 22:59 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-10-15 22:59 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-10-15 22:45 - 2014-10-15 22:58 - 19828376 
_____ (Malwarebytes Corporation ) C:\Users\Elias\Downloads\mbam-setup-2.0.3.1025.exe 2014-09-25 20:35 - 2014-08-21 01:40 - 00732880 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe 2014-09-25 20:35 - 2014-08-20 19:05 - 00694784 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll 2014-09-25 20:35 - 2014-08-20 19:05 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll 2014-09-25 20:35 - 2014-08-20 19:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-25 20:35 - 2014-08-20 19:02 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll 2014-09-25 20:35 - 2014-08-20 19:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-25 20:35 - 2014-06-24 09:35 - 00010450 _____ () C:\windows\system32\autoconfig.cab 2014-09-25 20:35 - 2014-06-24 08:40 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2014-09-23 14:32 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe 2014-09-23 14:32 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll 2014-09-20 14:44 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2014-09-20 14:44 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2014-09-20 14:44 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2014-09-20 14:44 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00775168 _____ (Microsoft 
Corporation) C:\windows\system32\wuapi.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll 2014-09-20 14:44 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll 2014-09-20 14:44 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll 2014-09-20 14:44 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll 2014-09-20 14:43 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2014-09-20 14:43 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2014-09-20 14:42 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll 2014-09-20 14:42 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-16 20:35 - 2012-12-18 20:05 - 00000000 ____D () C:\Users\Elias 2014-10-16 20:09 - 2012-12-21 16:10 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-16 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru 2014-10-16 19:54 - 2012-12-18 20:14 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3777642976-2438380877-1723110391-1002 2014-10-16 19:43 - 2014-02-18 21:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-10-16 19:42 - 2012-09-10 13:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job 2014-10-16 19:33 - 2012-09-10 13:47 - 00000000 ____D () C:\ProgramData\WinClon 2014-10-16 19:31 - 2013-01-06 23:19 - 00000000 ____D () C:\Users\Elias\AppData\Local\CrashDumps 2014-10-16 19:28 - 2012-12-21 16:10 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-16 19:27 - 2012-08-05 23:07 - 02609624 _____ () C:\windows\PFRO.log 2014-10-16 19:27 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-10-16 19:25 - 2012-09-10 12:50 - 01596177 _____ () C:\windows\WindowsUpdate.log 2014-10-16 17:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI 2014-10-16 17:06 - 2014-07-12 00:03 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-10-16 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-16 17:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData 2014-10-16 15:20 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp 2014-10-16 15:17 - 2013-08-02 13:23 - 00000000 ____D () C:\windows\system32\MRT 2014-10-16 15:13 - 2012-12-19 19:14 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-10-15 15:58 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent 2014-10-14 14:33 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache 2014-10-14 12:36 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore 
2014-10-13 22:32 - 2013-01-11 22:17 - 00000000 ____D () C:\Users\Elias\AppData\Roaming\CyberLink
2014-10-13 22:07 - 2012-09-10 16:51 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-10-13 22:07 - 2012-09-10 16:51 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-10-13 22:07 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-23 03:51 - 2013-08-21 12:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe

Some content of TEMP:
====================
C:\Users\Elias\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-15 15:02

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by Elias at 2014-10-16 20:38:49
Running from C:\Users\Elias\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 
- Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization 
Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.1 - Samsung Electronics CO., LTD.) S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Support Center (HKLM\...\{C178F0E8-75AF-4C21-9828-98B9BED82470}) (Version: 2.0.10 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.1 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{ADC15B86-A3F8-4DE3-9E0A-047FF12D6941}) (Version: 2.0.18 - Samsung Electronics CO., LTD.) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.) 
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: 
HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3777642976-2438380877-1723110391-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Elias\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

23-09-2014 13:21:10 Windows Update
04-10-2014 08:29:21 Geplanter Prüfpunkt
12-10-2014 19:00:25 Geplanter Prüfpunkt
16-10-2014 13:09:17 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1BF73F2F-DE77-455E-8194-684BDF913FD6} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe
Task: {1DC19FEC-9FEB-4E10-80FA-27E0A2CDF341} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {25C22EA6-5A35-41DF-AC3E-3F6B66C4C743} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-09-10] (Samsung Electronics CO., LTD.) Task: {36AD045A-6280-4E32-AFB7-32522A1ED4D5} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] () Task: {5DC1B6AC-055F-4242-9A52-030AB06B1CE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.) Task: {724F273E-2E81-457B-9934-46F45BD79D6F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-09-23] (Microsoft Corporation) Task: {790C35F3-75F4-4AD0-8650-25BBF86C866A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.) 
Task: {7C71EB44-63F4-4D2A-8D3D-5A63BCF6A7A4} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe Task: {8D721332-7930-4B07-929C-520FE7350162} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-04] (SEC) Task: {9F878B0D-1EC3-479C-B771-1D6AB6B1092E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {B72E8F64-0F81-4204-B013-E92D755276B2} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install => C:\windows\system32\NotificationUI.exe [2014-08-21] (Microsoft Corporation) Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {CC4D69FE-D437-4F9F-BBEE-1141ABE1AB99} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation) Task: {CFB835EF-0519-4369-B45D-2C47640A8D45} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-16] (Microsoft Corporation) Task: {E07DDB21-6967-4443-8E38-0A9E1FA98B88} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe Task: {E8C85F8D-DD83-4D0F-BEA4-E50FC068ECF5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe Task: {E913AE11-2953-4AA1-B2D9-7825FB9A4CC0} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {EA833489-F06D-4081-8B80-F8FEE934AC03} - System32\Tasks\SAgent => 
C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-19 07:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2012-08-10 11:28 - 2012-08-10 11:28 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-08-10 11:23 - 2012-08-10 11:23 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll 2012-08-16 04:26 - 2012-08-16 04:26 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-09-07 10:57 - 2012-09-07 10:57 - 04238968 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe 2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe 2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2012-09-05 09:50 - 
2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2012-09-05 09:50 - 2012-09-05 09:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2012-09-10 13:55 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-09-25 02:13 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-09-25 02:13 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-09-25 02:13 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-09-25 02:13 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-09-25 02:13 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll 2012-09-10 13:34 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams 
will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKCU\...\StartupApproved\Run: => "Steam" ========================= Accounts: ========================== Administrator (S-1-5-21-3777642976-2438380877-1723110391-500 - Administrator - Disabled) Elias (S-1-5-21-3777642976-2438380877-1723110391-1002 - Administrator - Enabled) => C:\Users\Elias Gast (S-1-5-21-3777642976-2438380877-1723110391-501 - Limited - Disabled) UpdatusUser (S-1-5-21-3777642976-2438380877-1723110391-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/16/2014 07:31:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Ausnahmecode: 0x40000015 Fehleroffset: 0x001b2fbb ID des fehlerhaften Prozesses: 0xe10 Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0 Pfad der fehlerhaften Anwendung: SWMAgent.exe1 Pfad des fehlerhaften Moduls: SWMAgent.exe2 Berichtskennung: SWMAgent.exe3 VollstÀndiger Name des fehlerhaften Pakets: SWMAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5 Error: (10/16/2014 07:29:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd 
Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Ausnahmecode: 0x40000015 Fehleroffset: 0x001b2fbb ID des fehlerhaften Prozesses: 0xe8c Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0 Pfad der fehlerhaften Anwendung: SWMAgent.exe1 Pfad des fehlerhaften Moduls: SWMAgent.exe2 Berichtskennung: SWMAgent.exe3 VollstÀndiger Name des fehlerhaften Pakets: SWMAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5 Error: (10/16/2014 07:28:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BtvStack.exe, Version: 8.0.0.206, Zeitstempel: 0x5024e144 Name des fehlerhaften Moduls: audio.dll, Version: 8.0.0.206, Zeitstempel: 0x5024e1aa Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001ae08 ID des fehlerhaften Prozesses: 0xc84 Startzeit der fehlerhaften Anwendung: 0xBtvStack.exe0 Pfad der fehlerhaften Anwendung: BtvStack.exe1 Pfad des fehlerhaften Moduls: BtvStack.exe2 Berichtskennung: BtvStack.exe3 VollstÀndiger Name des fehlerhaften Pakets: BtvStack.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BtvStack.exe5 Error: (10/16/2014 06:37:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm GuaranaMain.exe, Version 2.0.10.0 kann nicht mehr unter Windows ausgefÌhrt werden und wurde beendet. ÜberprÌfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 12fc Startzeit: 01cfe95caa9b0f17 Endzeit: 4294967295 Anwendungspfad: C:\Program Files\Samsung\Support Center\GuaranaMain.exe Berichts-ID: b5e83bea-5552-11e4-bf2b-20689d6d0e97 VollstÀndiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/16/2014 06:18:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Ausnahmecode: 0x40000015 Fehleroffset: 0x001b2fbb ID des fehlerhaften Prozesses: 0x764 Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0 Pfad der fehlerhaften Anwendung: SWMAgent.exe1 Pfad des fehlerhaften Moduls: SWMAgent.exe2 Berichtskennung: SWMAgent.exe3 VollstÀndiger Name des fehlerhaften Pakets: SWMAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5 Error: (10/16/2014 06:17:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000000000 ID des fehlerhaften Prozesses: 0x13a8 Startzeit der fehlerhaften Anwendung: 0xCommonAgent.exe0 Pfad der fehlerhaften Anwendung: CommonAgent.exe1 Pfad des fehlerhaften Moduls: CommonAgent.exe2 Berichtskennung: CommonAgent.exe3 VollstÀndiger Name des fehlerhaften Pakets: CommonAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CommonAgent.exe5 Error: (10/16/2014 05:27:56 PM) (Source: Python Service) (EventID: 255) (User: ) Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte) Error: 
(10/16/2014 05:15:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Ausnahmecode: 0x40000015 Fehleroffset: 0x001b2fbb ID des fehlerhaften Prozesses: 0x1334 Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0 Pfad der fehlerhaften Anwendung: SWMAgent.exe1 Pfad des fehlerhaften Moduls: SWMAgent.exe2 Berichtskennung: SWMAgent.exe3 VollstÀndiger Name des fehlerhaften Pakets: SWMAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5 Error: (10/16/2014 05:15:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868 Name des fehlerhaften Moduls: chrome.dll, Version: 37.0.2062.124, Zeitstempel: 0x5420d5a6 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00eb51f7 ID des fehlerhaften Prozesses: 0x1004 Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 VollstÀndiger Name des fehlerhaften Pakets: chrome.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5 Error: (10/16/2014 05:14:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Name des fehlerhaften Moduls: SWMAgent.exe, Version: 2.0.18.47, Zeitstempel: 0x504d70fd Ausnahmecode: 0x40000015 Fehleroffset: 0x001b2fbb ID des fehlerhaften Prozesses: 0xc28 Startzeit der fehlerhaften Anwendung: 0xSWMAgent.exe0 Pfad der fehlerhaften Anwendung: SWMAgent.exe1 Pfad des fehlerhaften Moduls: SWMAgent.exe2 Berichtskennung: SWMAgent.exe3 VollstÀndiger Name des fehlerhaften Pakets: SWMAgent.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SWMAgent.exe5 System 
errors: ============= Error: (10/16/2014 07:32:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet. Error: (10/15/2014 01:09:45 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (10/10/2014 03:19:34 PM) (Source: DCOM) (EventID: 10010) (User: Elias-PC) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (09/25/2014 03:40:12 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (09/25/2014 03:40:12 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (09/25/2014 03:40:06 AM) (Source: DCOM) (EventID: 10010) (User: Elias-PC) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (09/24/2014 03:49:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu fÌhren, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden fÌr das TLS-Protokoll definierten Code: 70. Der Windows-SChannel-Fehlerstatus lautet: 105. Error: (09/22/2014 04:12:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine TransaktionsrÌckmeldung von Dienst ClickToRunSvc erreicht. Error: (09/11/2014 00:57:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/11/2014 00:57:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. 
Microsoft Office Sessions: ========================= Error: (10/16/2014 07:31:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbbe1001cfe966ff80a3fdC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe4c26524a-555a-11e4-bf2c-20689d6d0e97 Error: (10/16/2014 07:29:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbbe8c01cfe9668db615e2C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exef943b12d-5559-11e4-bf2c-20689d6d0e97 Error: (10/16/2014 07:28:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: BtvStack.exe8.0.0.2065024e144audio.dll8.0.0.2065024e1aac0000005000000000001ae08c8401cfe966969fdbd0C:\Program Files (x86)\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dlldcba32f3-5559-11e4-bf2c-20689d6d0e97 Error: (10/16/2014 06:37:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: GuaranaMain.exe2.0.10.012fc01cfe95caa9b0f174294967295C:\Program Files\Samsung\Support Center\GuaranaMain.exeb5e83bea-5552-11e4-bf2b-20689d6d0e97 Error: (10/16/2014 06:18:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbb76401cfe95cd004e046C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe0fa6214a-5550-11e4-bf2b-20689d6d0e97 Error: (10/16/2014 06:17:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CommonAgent.exe1.0.7.5502ddd20unknown0.0.0.000000000c0000005000000000000000013a801cfe953ad35b791C:\Program Files\Samsung\S Agent\CommonAgent.exeunknownec8b9fd2-554f-11e4-bf2b-20689d6d0e97 Error: (10/16/2014 05:27:56 PM) (Source: Python Service) (EventID: 
255) (User: ) Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte) Error: (10/16/2014 05:15:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbb133401cfe953fbe261ebC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe39961507-5547-11e4-bf2b-20689d6d0e97 Error: (10/16/2014 05:15:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: chrome.exe37.0.2062.1245420d868chrome.dll37.0.2062.1245420d5a6c000000500eb51f7100401cfe953f278f0efC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\chrome.dll34dc8570-5547-11e4-bf2b-20689d6d0e97 Error: (10/16/2014 05:14:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SWMAgent.exe2.0.18.47504d70fdSWMAgent.exe2.0.18.47504d70fd40000015001b2fbbc2801cfe9538f599693C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exeC:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe222b9798-5547-11e4-bf2b-20689d6d0e97 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage of memory in use: 40% Total physical RAM: 3797.53 MB Available physical RAM: 2251.03 MB Total Pagefile: 6869.53 MB Available Pagefile: 4289.2 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:440.49 GB) (Free:367.89 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-10-16 21:00:54 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003d rev. 0,00MB Running: Gmer-19357 (1).exe; Driver: C:\Users\Elias\AppData\Local\Temp\kgloapow.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3760] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007f8e5371532 4 bytes [37, E5, F8, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3760] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007f8e537153a 4 bytes [37, E5, F8, 07] .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3760] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007f8e537165a 4 bytes [37, E5, F8, 07] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlLeaveCriticalSection + 61 000007f8eb33104d 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlEnterCriticalSection + 39 000007f8eb331087 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlGetCurrentUmsThread + 77 000007f8eb3310dd 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!_local_unwind + 36 000007f8eb331164 32 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!memcmp + 199 000007f8eb331257 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strcat + 144 000007f8eb331300 16 bytes {JMP 0xffffffffffffff8c} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strcpy + 183 000007f8eb3313d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strlen + 168 000007f8eb331558 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strncat + 405 000007f8eb331705 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strncmp + 181 000007f8eb3317d5 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!strncpy + 354 000007f8eb331952 48 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlGetCurrentProcessorNumberEx + 52 000007f8eb3319e4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtdllDialogWndProc_W + 601 000007f8eb331dae 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!DbgUserBreakPoint + 99 000007f8eb331e33 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlInterlockedPushListSList + 118 000007f8eb332056 48 bytes {JMP 0xffffffffffffffc0} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!RtlpUmsExecuteYieldThreadEnd + 403 000007f8eb332574 16 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!__chkstk + 77 000007f8eb3325dd 40 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
.text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!_setjmp + 160 000007f8eb3326b0 16 bytes {JMP RAX} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!longjmp + 236 000007f8eb33285c 32 bytes {JMP 0xffffffffffffffb9} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtSetInformationThread 000007f8eb332c70 8 bytes {JMP QWORD [RIP-0xc6]} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtQueryInformationThread 000007f8eb332df0 8 bytes {JMP QWORD [RIP-0x23e]} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 000007f8eb332e20 8 bytes {JMP QWORD [RIP-0x317]} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory 000007f8eb332f40 8 bytes {JMP QWORD [RIP-0x39e]} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtQueueApcThread 000007f8eb332ff0 8 bytes {JMP QWORD [RIP-0x4df]} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx 000007f8eb3336b1 5 bytes [FF, 25, E5, 0F, 00] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtCreateThreadEx + 6 000007f8eb3336b7 2 bytes [90, 90] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread 000007f8eb333991 5 bytes [FF, 25, FD, 0C, 00] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtGetContextThread + 6 000007f8eb333997 2 bytes [90, 90] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtSetContextThread 000007f8eb334211 8 bytes {JMP QWORD [RIP+0x475]} .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\SYSTEM32\ntdll.dll!NtWaitLowEventPair + 11 000007f8eb33468c 24 bytes [C0, 69, F8, 7F, 00, 00, 00, ...] 
.text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuProcessInit + 616 00000000770e15f0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuProcessTerm + 3 00000000770e15fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuResetToConsistentState + 272 00000000770e17d4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuSetContext + 140 00000000770e18c4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuGetStackPointer + 23 00000000770e18e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuSetStackPointer + 23 00000000770e1903 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuSetInstructionPointer + 23 00000000770e1923 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuFlushInstructionCache + 23 00000000770e195f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuProcessDebugEvent + 3 00000000770e196b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] .text C:\Users\Elias\Downloads\Gmer-19357 (1).exe[5604] C:\windows\system32\wow64cpu.dll!CpuNotifyAffinityChange + 3 00000000770e1977 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...] 
---- Threads - GMER 2.1 ---- Thread C:\windows\system32\csrss.exe [748:772] fffff960007675e8 ---- Processes - GMER 2.1 ---- Library C:\Program Files\WindowsApps\Microsoft.SkypeApp_1.9.0.2016_x86__kzf8qxf38zg5c\LibWrap.dll (*** suspicious ***) @ C:\windows\syswow64\wwahost.exe [4704] (Microsoft Skype/Microsoft Corporation)(2014-02-02 21:03:11) 000000005dd00000 ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code Disk \Device\Harddisk0\DR0 sector 0: rootkit-like behavior ---- EOF - GMER 2.1 ---- |
16.10.2014, 23:35 | #2 |
Rest in peace † 2019 | Windows 8: slow internet and redirects to advertising sites
My name is Sandra and I will be helping you with your problem.
Note: I can never give you a guarantee that I will find everything. Reformatting is usually the faster way and, in the case of a malware infection, always the safest. Adware can be removed without problems in the vast majority of cases. If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.
Posting in code tags: Please always put the logs in code tags. If you don't, it makes the analysis much harder for me. Thanks. To do so:
Which sites are these in each case?
Step 1: Please download TDSSKiller.exe and save this file to the desktop
__________________ |
17.10.2014, 12:23 | #3 |
| Windows 8: slow internet and redirects to advertising sites
Thank you very much for the help!
Here is the result of the scan... Code:
ATTFilter 13:14:13.0667 0x0d24 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 13:14:13.0667 0x0d24 UEFI system 13:14:13.0714 0x0d24 ============================================================ 13:14:13.0714 0x0d24 Current date / time: 2014/10/17 13:14:13.0714 13:14:13.0714 0x0d24 SystemInfo: 13:14:13.0714 0x0d24 13:14:13.0714 0x0d24 OS Version: 6.2.9200 ServicePack: 0.0 13:14:13.0714 0x0d24 Product type: Workstation 13:14:13.0714 0x0d24 ComputerName: ELIAS-PC 13:14:13.0714 0x0d24 UserName: Elias 13:14:13.0714 0x0d24 Windows directory: C:\windows 13:14:13.0714 0x0d24 System windows directory: C:\windows 13:14:13.0714 0x0d24 Running under WOW64 13:14:13.0714 0x0d24 Processor architecture: Intel x64 13:14:13.0714 0x0d24 Number of processors: 4 13:14:13.0714 0x0d24 Page size: 0x1000 13:14:13.0714 0x0d24 Boot type: Normal boot 13:14:13.0714 0x0d24 ============================================================ 13:14:13.0714 0x0d24 BG loaded 13:14:13.0807 0x0d24 System UUID: {D8B20880-A826-136F-A4B7-110A8B966F26} 13:14:14.0370 0x0d24 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:14:14.0386 0x0d24 ============================================================ 13:14:14.0386 0x0d24 \Device\Harddisk0\DR0: 13:14:14.0386 0x0d24 GPT partitions: 13:14:14.0386 0x0d24 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {118EA028-1713-43C0-909C-37C4E9E17B62}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000 13:14:14.0386 0x0d24 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {14AC08E6-8D77-4270-80B7-27F9676D7685}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000 13:14:14.0386 0x0d24 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: 
{11BD816E-0D91-424D-AC43-6C9107922E53}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000 13:14:14.0386 0x0d24 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {15F4A025-5EF9-49D1-8C93-8EE5F0688354}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x370FA801 13:14:14.0386 0x0d24 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3F8CDA94-01D3-48DB-AD67-9852013F4EAC}, Name: Basic data partition, StartLBA 0x372CB001, BlocksNum 0x2EBB000 13:14:14.0386 0x0d24 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F98CC789-F9B9-40F0-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A186001, BlocksNum 0x200000 13:14:14.0386 0x0d24 MBR partitions: 13:14:14.0386 0x0d24 ============================================================ 13:14:14.0495 0x0d24 C: <-> \Device\Harddisk0\DR0\Partition4 13:14:14.0495 0x0d24 ============================================================ 13:14:14.0495 0x0d24 Initialize success 13:14:14.0495 0x0d24 ============================================================ 13:16:34.0383 0x0b34 ============================================================ 13:16:34.0383 0x0b34 Scan started 13:16:34.0383 0x0b34 Mode: Manual; SigCheck; TDLFS; 13:16:34.0383 0x0b34 ============================================================ 13:16:34.0383 0x0b34 KSN ping started 13:16:36.0711 0x0b34 KSN ping finished: true 13:16:38.0977 0x0b34 ================ Scan system memory ======================== 13:16:38.0977 0x0b34 System memory - ok 13:16:38.0977 0x0b34 ================ Scan services =============================
C:\windows\System32\drivers\btath_rcp.sys 13:16:43.0446 0x0b34 BTATH_RCP - ok 13:16:43.0477 0x0b34 [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C, 7E4B410E1BC0BBC3B7CECF4B7396070E3FFB99D73CF185CBF38E65A79DDBB780 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys 13:16:43.0555 0x0b34 BtFilter - ok 13:16:43.0586 0x0b34 [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\windows\System32\drivers\BthAvrcpTg.sys 13:16:43.0649 0x0b34 BthAvrcpTg - ok 13:16:43.0665 0x0b34 [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum C:\windows\System32\drivers\BthEnum.sys 13:16:43.0758 0x0b34 BthEnum - ok 13:16:43.0790 0x0b34 [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\windows\System32\drivers\bthhfenum.sys 13:16:43.0868 0x0b34 BthHFEnum - ok 13:16:43.0915 0x0b34 [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\windows\System32\drivers\BthHFHid.sys 13:16:43.0977 0x0b34 bthhfhid - ok 13:16:44.0024 0x0b34 [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum C:\windows\system32\DRIVERS\BthLEEnum.sys 13:16:44.0055 0x0b34 BthLEEnum - ok 13:16:44.0071 0x0b34 [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\windows\System32\drivers\bthmodem.sys 13:16:44.0102 0x0b34 BTHMODEM - ok 13:16:44.0149 0x0b34 [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan C:\windows\system32\DRIVERS\bthpan.sys 13:16:44.0196 0x0b34 BthPan - ok 13:16:44.0243 0x0b34 [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys 13:16:44.0305 0x0b34 BTHPORT - ok 13:16:44.0321 0x0b34 [ 
A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\windows\system32\bthserv.dll 13:16:44.0352 0x0b34 bthserv - ok 13:16:44.0383 0x0b34 [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys 13:16:44.0383 0x0b34 BTHUSB - ok 13:16:44.0415 0x0b34 [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 13:16:44.0524 0x0b34 cdfs - ok 13:16:44.0540 0x0b34 [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\windows\System32\drivers\cdrom.sys 13:16:44.0618 0x0b34 cdrom - ok 13:16:44.0633 0x0b34 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\windows\System32\certprop.dll 13:16:44.0665 0x0b34 CertPropSvc - ok 13:16:44.0680 0x0b34 [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\windows\System32\drivers\circlass.sys 13:16:44.0727 0x0b34 circlass - ok 13:16:44.0758 0x0b34 [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\windows\system32\drivers\CLFS.sys 13:16:44.0774 0x0b34 CLFS - ok 13:16:45.0118 0x0b34 [ EDAD3D6932E4CB7D92F19FEE0238C29D, 8AE3F923CDBBF08ABB401B53D7E743DBD91C64E28AB7A17D7BAB1EF585A8FE4F ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 13:16:45.0180 0x0b34 ClickToRunSvc - ok 13:16:45.0227 0x0b34 [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\windows\system32\DRIVERS\CLVirtualDrive.sys 13:16:45.0290 0x0b34 CLVirtualDrive - ok 13:16:45.0321 0x0b34 [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt 
C:\windows\System32\drivers\CmBatt.sys 13:16:45.0368 0x0b34 CmBatt - ok 13:16:45.0415 0x0b34 [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG C:\windows\system32\Drivers\cng.sys 13:16:45.0430 0x0b34 CNG - ok 13:16:45.0477 0x0b34 [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\windows\System32\drivers\CompositeBus.sys 13:16:45.0493 0x0b34 CompositeBus - ok 13:16:45.0508 0x0b34 COMSysApp - ok 13:16:45.0524 0x0b34 [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\windows\system32\drivers\condrv.sys 13:16:45.0571 0x0b34 condrv - ok 13:16:45.0743 0x0b34 [ C6D620A69098AB17EBD5C0CAADA1D7DC, 26E52579F2CB12121F927039E9068AA0515803653BEE1101C3FCF4DF696C19C2 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe 13:16:45.0758 0x0b34 cphs - ok 13:16:45.0790 0x0b34 [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\windows\system32\cryptsvc.dll 13:16:45.0868 0x0b34 CryptSvc - ok 13:16:45.0899 0x0b34 [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\windows\system32\drivers\dam.sys 13:16:45.0915 0x0b34 dam - ok 13:16:45.0962 0x0b34 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\windows\system32\rpcss.dll 13:16:46.0071 0x0b34 DcomLaunch - ok 13:16:46.0118 0x0b34 [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc C:\windows\System32\defragsvc.dll 13:16:46.0258 0x0b34 defragsvc - ok 13:16:46.0290 0x0b34 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\windows\system32\das.dll 13:16:46.0368 0x0b34 DeviceAssociationService - ok 13:16:46.0415 0x0b34 [ 
799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\windows\system32\umpnpmgr.dll 13:16:46.0446 0x0b34 DeviceInstall - ok 13:16:46.0477 0x0b34 [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc C:\windows\system32\Drivers\dfsc.sys 13:16:46.0555 0x0b34 Dfsc - ok 13:16:46.0665 0x0b34 [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\windows\system32\dhcpcore.dll 13:16:46.0743 0x0b34 Dhcp - ok 13:16:46.0790 0x0b34 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\windows\system32\drivers\discache.sys 13:16:46.0805 0x0b34 discache - ok 13:16:46.0821 0x0b34 [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\windows\system32\drivers\disk.sys 13:16:46.0837 0x0b34 disk - ok 13:16:46.0837 0x0b34 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\windows\System32\drivers\dmvsc.sys 13:16:46.0899 0x0b34 dmvsc - ok 13:16:46.0930 0x0b34 [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache C:\windows\System32\dnsrslvr.dll 13:16:47.0024 0x0b34 Dnscache - ok 13:16:47.0055 0x0b34 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\windows\System32\dot3svc.dll 13:16:47.0087 0x0b34 dot3svc - ok 13:16:47.0118 0x0b34 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\windows\system32\dps.dll 13:16:47.0133 0x0b34 DPS - ok 13:16:47.0165 0x0b34 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 13:16:47.0259 0x0b34 drmkaud - ok 13:16:47.0290 0x0b34 [ 
F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\windows\System32\DeviceSetupManager.dll 13:16:47.0337 0x0b34 DsmSvc - ok 13:16:47.0399 0x0b34 [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 13:16:47.0477 0x0b34 DXGKrnl - ok 13:16:47.0509 0x0b34 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\windows\System32\eapsvc.dll 13:16:47.0555 0x0b34 Eaphost - ok 13:16:47.0852 0x0b34 [ 843E8B2127D7283845E29E6176C15887, F755EB9B8DEAE9B5E90D7729A3A9B3B74B3D1B6A2775BDC82624F4D80D0DCCD3 ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe 13:16:47.0884 0x0b34 Easy Launcher - ok 13:16:48.0165 0x0b34 [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\windows\system32\drivers\evbda.sys 13:16:48.0321 0x0b34 ebdrv - ok 13:16:48.0337 0x0b34 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS C:\windows\System32\lsass.exe 13:16:48.0446 0x0b34 EFS - ok 13:16:48.0477 0x0b34 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys 13:16:48.0493 0x0b34 EhStorClass - ok 13:16:48.0509 0x0b34 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys 13:16:48.0524 0x0b34 EhStorTcgDrv - ok 13:16:48.0540 0x0b34 [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\windows\System32\drivers\errdev.sys 13:16:48.0555 0x0b34 ErrDev - ok 13:16:48.0587 0x0b34 [ 6073E00157E6D99FC8D0D0CC8EF61DF9, E30A7F1FD5E15F0705CB382CF7D9A879C56AE58947A7AB81AC3F47DCE2678B04 ] ETD 
C:\windows\system32\DRIVERS\ETD.sys 13:16:48.0602 0x0b34 ETD - ok 13:16:48.0649 0x0b34 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\windows\system32\es.dll 13:16:48.0712 0x0b34 EventSystem - ok 13:16:48.0759 0x0b34 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\windows\system32\drivers\exfat.sys 13:16:48.0805 0x0b34 exfat - ok 13:16:48.0821 0x0b34 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\windows\system32\drivers\fastfat.sys 13:16:48.0852 0x0b34 fastfat - ok 13:16:48.0899 0x0b34 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\windows\system32\fxssvc.exe 13:16:48.0962 0x0b34 Fax - ok 13:16:48.0993 0x0b34 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\windows\System32\drivers\fdc.sys 13:16:49.0024 0x0b34 fdc - ok 13:16:49.0055 0x0b34 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\windows\system32\fdPHost.dll 13:16:49.0087 0x0b34 fdPHost - ok 13:16:49.0102 0x0b34 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\windows\system32\fdrespub.dll 13:16:49.0134 0x0b34 FDResPub - ok 13:16:49.0165 0x0b34 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\windows\system32\fhsvc.dll 13:16:49.0227 0x0b34 fhsvc - ok 13:16:49.0243 0x0b34 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 13:16:49.0259 0x0b34 FileInfo - ok 13:16:49.0274 0x0b34 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace 
C:\windows\system32\drivers\filetrace.sys 13:16:49.0305 0x0b34 Filetrace - ok 13:16:49.0321 0x0b34 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\windows\System32\drivers\flpydisk.sys 13:16:49.0337 0x0b34 flpydisk - ok 13:16:49.0368 0x0b34 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 13:16:49.0384 0x0b34 FltMgr - ok 13:16:49.0524 0x0b34 [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\windows\system32\FntCache.dll 13:16:49.0634 0x0b34 FontCache - ok 13:16:49.0712 0x0b34 [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:16:49.0727 0x0b34 FontCache3.0.0.0 - ok 13:16:49.0759 0x0b34 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\windows\system32\drivers\FsDepends.sys 13:16:49.0774 0x0b34 FsDepends - ok 13:16:49.0806 0x0b34 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 13:16:49.0806 0x0b34 Fs_Rec - ok 13:16:49.0852 0x0b34 [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 13:16:49.0868 0x0b34 fvevol - ok 13:16:49.0899 0x0b34 [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\windows\System32\drivers\fxppm.sys 13:16:49.0931 0x0b34 FxPPM - ok 13:16:49.0962 0x0b34 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys 13:16:49.0962 0x0b34 gagp30kx - ok 13:16:49.0993 0x0b34 [ 
721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\windows\System32\drivers\vmgencounter.sys 13:16:50.0009 0x0b34 gencounter - ok 13:16:50.0024 0x0b34 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\windows\system32\Drivers\msgpioclx.sys 13:16:50.0040 0x0b34 GPIOClx0101 - ok 13:16:50.0102 0x0b34 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\windows\System32\gpsvc.dll 13:16:50.0165 0x0b34 gpsvc - ok 13:16:50.0212 0x0b34 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:16:50.0227 0x0b34 gupdate - ok 13:16:50.0243 0x0b34 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:16:50.0259 0x0b34 gupdatem - ok 13:16:50.0290 0x0b34 [ 4373CB2FFCF35EAAA853DB2FE45A40DC, 3FCF6A53AF63722FAAD6ABC94DA093EBD766B0728CD0E64EAB1BEC369CC998C9 ] Hamachi C:\windows\system32\DRIVERS\Hamdrv.sys 13:16:50.0306 0x0b34 Hamachi - ok 13:16:50.0368 0x0b34 [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 13:16:50.0431 0x0b34 HdAudAddService - ok 13:16:50.0462 0x0b34 [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys 13:16:50.0509 0x0b34 HDAudBus - ok 13:16:50.0540 0x0b34 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\windows\System32\drivers\HidBatt.sys 13:16:50.0556 0x0b34 HidBatt - ok 13:16:50.0587 0x0b34 [ 085F150D002B7F0153D3C06DDF33A143, 
41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\windows\System32\drivers\hidbth.sys 13:16:50.0649 0x0b34 HidBth - ok 13:16:50.0665 0x0b34 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\windows\System32\drivers\hidi2c.sys 13:16:50.0774 0x0b34 hidi2c - ok 13:16:50.0790 0x0b34 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\windows\System32\drivers\hidir.sys 13:16:50.0821 0x0b34 HidIr - ok 13:16:50.0852 0x0b34 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\windows\System32\hidserv.dll 13:16:50.0962 0x0b34 hidserv - ok 13:16:50.0977 0x0b34 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\windows\System32\drivers\hidusb.sys 13:16:51.0118 0x0b34 HidUsb - ok 13:16:51.0134 0x0b34 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\windows\system32\kmsvc.dll 13:16:51.0165 0x0b34 hkmsvc - ok 13:16:51.0212 0x0b34 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\windows\system32\ListSvc.dll 13:16:51.0259 0x0b34 HomeGroupListener - ok 13:16:51.0290 0x0b34 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\windows\system32\provsvc.dll 13:16:51.0368 0x0b34 HomeGroupProvider - ok 13:16:51.0399 0x0b34 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 13:16:51.0415 0x0b34 HpSAMD - ok 13:16:51.0446 0x0b34 [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\windows\system32\drivers\HTTP.sys 13:16:51.0524 0x0b34 HTTP - ok 13:16:51.0540 
0x0b34 [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 13:16:51.0556 0x0b34 hwpolicy - ok 13:16:51.0571 0x0b34 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys 13:16:51.0587 0x0b34 hyperkbd - ok 13:16:51.0603 0x0b34 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys 13:16:51.0618 0x0b34 HyperVideo - ok 13:16:51.0649 0x0b34 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\windows\System32\drivers\i8042prt.sys 13:16:51.0712 0x0b34 i8042prt - ok 13:16:51.0743 0x0b34 [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA C:\windows\system32\drivers\iaStorA.sys 13:16:51.0759 0x0b34 iaStorA - ok 13:16:51.0790 0x0b34 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 13:16:51.0821 0x0b34 iaStorV - ok 13:16:51.0915 0x0b34 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 13:16:51.0931 0x0b34 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 13:16:54.0368 0x0b34 Detect skipped due to KSN trusted 13:16:54.0368 0x0b34 IDriverT - ok 13:16:55.0638 0x0b34 [ 11A31FC2481BFE69B0507ED8C80215F4, 8A1E90611F749E8F04B6D86E835E981CAC16D0841305CADB19E58682DA006698 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 13:16:56.0090 0x0b34 igfx - ok 13:16:56.0147 0x0b34 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\windows\system32\drivers\iirsp.sys 
13:16:56.0180 0x0b34 iirsp - ok 13:16:56.0547 0x0b34 [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\windows\System32\ikeext.dll 13:16:56.0655 0x0b34 IKEEXT - ok 13:16:57.0590 0x0b34 [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys 13:16:57.0754 0x0b34 IntcAzAudAddService - ok 13:16:57.0841 0x0b34 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys 13:16:57.0896 0x0b34 IntcDAud - ok 13:16:58.0122 0x0b34 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 13:16:58.0141 0x0b34 Intel(R) Capability Licensing Service Interface - ok 13:16:58.0303 0x0b34 [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 13:16:58.0310 0x0b34 Intel(R) ME Service - ok 13:16:58.0337 0x0b34 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\windows\system32\drivers\intelide.sys 13:16:58.0369 0x0b34 intelide - ok 13:16:58.0395 0x0b34 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\windows\System32\drivers\intelppm.sys 13:16:58.0483 0x0b34 intelppm - ok 13:16:58.0519 0x0b34 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 13:16:58.0580 0x0b34 IpFilterDriver - ok 13:16:58.0734 0x0b34 [ C217B8D2E58C57A319B16125C3D4B69C, 
905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\windows\System32\iphlpsvc.dll 13:16:58.0787 0x0b34 iphlpsvc - ok 13:16:58.0826 0x0b34 [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys 13:16:58.0890 0x0b34 IPMIDRV - ok 13:16:58.0927 0x0b34 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\windows\system32\drivers\ipnat.sys 13:16:58.0951 0x0b34 IPNAT - ok 13:16:58.0962 0x0b34 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\windows\system32\drivers\irenum.sys 13:16:59.0009 0x0b34 IRENUM - ok 13:16:59.0026 0x0b34 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\windows\system32\drivers\isapnp.sys 13:16:59.0034 0x0b34 isapnp - ok 13:16:59.0068 0x0b34 [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys 13:16:59.0083 0x0b34 iScsiPrt - ok 13:16:59.0178 0x0b34 [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 13:16:59.0201 0x0b34 iumsvc - ok 13:16:59.0266 0x0b34 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 13:16:59.0273 0x0b34 jhi_service - ok 13:16:59.0313 0x0b34 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\windows\System32\drivers\kbdclass.sys 13:16:59.0334 0x0b34 kbdclass - ok 13:16:59.0370 0x0b34 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid 
C:\windows\System32\drivers\kbdhid.sys 13:16:59.0397 0x0b34 kbdhid - ok 13:16:59.0414 0x0b34 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\windows\system32\DRIVERS\kdnic.sys 13:16:59.0473 0x0b34 kdnic - ok 13:16:59.0485 0x0b34 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso C:\windows\system32\lsass.exe 13:16:59.0494 0x0b34 KeyIso - ok 13:16:59.0590 0x0b34 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\windows\system32\DRIVERS\kl1.sys 13:16:59.0607 0x0b34 kl1 - ok 13:16:59.0653 0x0b34 [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam C:\windows\system32\DRIVERS\klelam.sys 13:16:59.0682 0x0b34 klelam - ok 13:16:59.0734 0x0b34 [ BC996B5D96CB7463268DE67E2D99F496, F2763242B69B1290FCAF54B6353BC1469C47D774724249D4CB9BFEC100890970 ] klflt C:\windows\system32\DRIVERS\klflt.sys 13:16:59.0749 0x0b34 klflt - ok 13:16:59.0780 0x0b34 [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF C:\windows\system32\DRIVERS\klif.sys 13:16:59.0796 0x0b34 KLIF - ok 13:16:59.0827 0x0b34 [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6 C:\windows\system32\DRIVERS\klim6.sys 13:16:59.0843 0x0b34 KLIM6 - ok 13:16:59.0874 0x0b34 [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys 13:16:59.0874 0x0b34 klkbdflt - ok 13:16:59.0890 0x0b34 [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\windows\system32\DRIVERS\klmouflt.sys 13:16:59.0890 0x0b34 klmouflt - ok 13:16:59.0906 0x0b34 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 
[ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\windows\system32\drivers\tpm.sys 13:17:18.0544 0x0b34 TPM - ok 13:17:18.0576 0x0b34 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\windows\System32\trkwks.dll 13:17:18.0591 0x0b34 TrkWks - ok 13:17:18.0669 0x0b34 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 13:17:18.0779 0x0b34 TrustedInstaller - ok 13:17:18.0795 0x0b34 [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 13:17:18.0826 0x0b34 TsUsbFlt - ok 13:17:18.0841 0x0b34 [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys 13:17:18.0857 0x0b34 TsUsbGD - ok 13:17:18.0873 0x0b34 [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 13:17:18.0904 0x0b34 tunnel - ok 13:17:18.0920 0x0b34 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\windows\system32\drivers\uagp35.sys 13:17:18.0920 0x0b34 uagp35 - ok 13:17:18.0935 0x0b34 [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\windows\System32\drivers\uaspstor.sys 13:17:19.0091 0x0b34 UASPStor - ok 13:17:19.0171 0x0b34 [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\windows\System32\drivers\ucx01000.sys 13:17:19.0187 0x0b34 UCX01000 - ok 13:17:19.0251 0x0b34 [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\windows\system32\DRIVERS\udfs.sys 
13:17:19.0297 0x0b34 udfs - ok 13:17:19.0360 0x0b34 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\windows\system32\UI0Detect.exe 13:17:19.0391 0x0b34 UI0Detect - ok 13:17:19.0501 0x0b34 [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 13:17:19.0516 0x0b34 uliagpkx - ok 13:17:19.0516 0x0b34 [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\windows\System32\drivers\umbus.sys 13:17:19.0548 0x0b34 umbus - ok 13:17:19.0563 0x0b34 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\windows\System32\drivers\umpass.sys 13:17:19.0579 0x0b34 UmPass - ok 13:17:19.0594 0x0b34 [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\windows\System32\umrdp.dll 13:17:19.0626 0x0b34 UmRdpService - ok 13:17:19.0704 0x0b34 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 13:17:19.0719 0x0b34 UNS - ok 13:17:19.0751 0x0b34 [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\windows\System32\upnphost.dll 13:17:19.0782 0x0b34 upnphost - ok 13:17:19.0816 0x0b34 [ 9E9F21FF91D7ECC0BCCB94D3FE52A959, 85461393D62ED939F6741C2D0A90C8AB34F4415173223BB4CFC119715D10E7A7 ] usbaudio C:\windows\system32\drivers\usbaudio.sys 13:17:19.0847 0x0b34 usbaudio - ok 13:17:19.0878 0x0b34 [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\windows\System32\drivers\usbccgp.sys 13:17:19.0925 0x0b34 usbccgp - ok 13:17:19.0956 0x0b34 [ 427B6DB8C05A5A977E8C3525370A2595, 
C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\windows\System32\drivers\usbcir.sys 13:17:19.0988 0x0b34 usbcir - ok 13:17:20.0003 0x0b34 [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\windows\System32\drivers\usbehci.sys 13:17:20.0019 0x0b34 usbehci - ok 13:17:20.0050 0x0b34 [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\windows\System32\drivers\usbhub.sys 13:17:20.0081 0x0b34 usbhub - ok 13:17:20.0222 0x0b34 [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3 C:\windows\System32\drivers\UsbHub3.sys 13:17:20.0332 0x0b34 USBHUB3 - ok 13:17:20.0347 0x0b34 [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\windows\System32\drivers\usbohci.sys 13:17:20.0410 0x0b34 usbohci - ok 13:17:20.0441 0x0b34 [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\windows\System32\drivers\usbprint.sys 13:17:20.0488 0x0b34 usbprint - ok 13:17:20.0519 0x0b34 [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\windows\System32\drivers\USBSTOR.SYS 13:17:20.0535 0x0b34 USBSTOR - ok 13:17:20.0566 0x0b34 [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\windows\System32\drivers\usbuhci.sys 13:17:20.0582 0x0b34 usbuhci - ok 13:17:20.0628 0x0b34 [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys 13:17:20.0644 0x0b34 usbvideo - ok 13:17:20.0691 0x0b34 [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\windows\System32\drivers\USBXHCI.SYS 13:17:20.0707 0x0b34 USBXHCI - 
ok 13:17:20.0722 0x0b34 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc C:\windows\system32\lsass.exe 13:17:20.0738 0x0b34 VaultSvc - ok 13:17:20.0756 0x0b34 [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 13:17:20.0772 0x0b34 vdrvroot - ok 13:17:20.0803 0x0b34 [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\windows\System32\vds.exe 13:17:20.0881 0x0b34 vds - ok 13:17:20.0897 0x0b34 [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\windows\system32\drivers\VerifierExt.sys 13:17:20.0913 0x0b34 VerifierExt - ok 13:17:20.0944 0x0b34 [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\windows\System32\drivers\vhdmp.sys 13:17:20.0960 0x0b34 vhdmp - ok 13:17:20.0975 0x0b34 [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\windows\system32\drivers\viaide.sys 13:17:20.0991 0x0b34 viaide - ok 13:17:21.0006 0x0b34 [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\windows\system32\drivers\vmbus.sys 13:17:21.0022 0x0b34 vmbus - ok 13:17:21.0038 0x0b34 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\windows\System32\drivers\VMBusHID.sys 13:17:21.0053 0x0b34 VMBusHID - ok 13:17:21.0069 0x0b34 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\windows\System32\ICSvc.dll 13:17:21.0100 0x0b34 vmicheartbeat - ok 13:17:21.0100 0x0b34 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange 
C:\windows\System32\ICSvc.dll 13:17:21.0116 0x0b34 vmickvpexchange - ok 13:17:21.0131 0x0b34 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\windows\System32\ICSvc.dll 13:17:21.0147 0x0b34 vmicrdv - ok 13:17:21.0147 0x0b34 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\windows\System32\ICSvc.dll 13:17:21.0163 0x0b34 vmicshutdown - ok 13:17:21.0178 0x0b34 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\windows\System32\ICSvc.dll 13:17:21.0194 0x0b34 vmictimesync - ok 13:17:21.0194 0x0b34 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\windows\System32\ICSvc.dll 13:17:21.0210 0x0b34 vmicvss - ok 13:17:21.0241 0x0b34 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\windows\system32\drivers\volmgr.sys 13:17:21.0241 0x0b34 volmgr - ok 13:17:21.0256 0x0b34 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\windows\system32\drivers\volmgrx.sys 13:17:21.0288 0x0b34 volmgrx - ok 13:17:21.0319 0x0b34 [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap C:\windows\system32\drivers\volsnap.sys 13:17:21.0366 0x0b34 volsnap - ok 13:17:21.0397 0x0b34 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\windows\System32\drivers\vpci.sys 13:17:21.0413 0x0b34 vpci - ok 13:17:21.0428 0x0b34 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\windows\system32\drivers\vsmraid.sys 13:17:21.0444 0x0b34 vsmraid - ok 13:17:21.0506 0x0b34 [ D0C69E44BC1E1D4AD290FD84104623D8, 
4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\windows\system32\vssvc.exe 13:17:21.0585 0x0b34 VSS - ok 13:17:21.0600 0x0b34 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\windows\system32\drivers\vstxraid.sys 13:17:21.0616 0x0b34 VSTXRAID - ok 13:17:21.0632 0x0b34 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\windows\System32\drivers\vwifibus.sys 13:17:21.0663 0x0b34 vwifibus - ok 13:17:21.0694 0x0b34 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 13:17:21.0694 0x0b34 vwififlt - ok 13:17:21.0710 0x0b34 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys 13:17:21.0725 0x0b34 vwifimp - ok 13:17:21.0772 0x0b34 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\windows\system32\w32time.dll 13:17:21.0803 0x0b34 W32Time - ok 13:17:21.0819 0x0b34 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\windows\System32\drivers\wacompen.sys 13:17:21.0850 0x0b34 WacomPen - ok 13:17:21.0866 0x0b34 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys 13:17:21.0882 0x0b34 Wanarp - ok 13:17:21.0882 0x0b34 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 13:17:21.0897 0x0b34 Wanarpv6 - ok 13:17:21.0975 0x0b34 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\windows\system32\wbengine.exe 13:17:22.0086 0x0b34 wbengine - ok 13:17:22.0117 
0x0b34 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\windows\System32\wbiosrvc.dll 13:17:22.0148 0x0b34 WbioSrvc - ok 13:17:22.0179 0x0b34 [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc C:\windows\System32\wcmsvc.dll 13:17:22.0336 0x0b34 Wcmsvc - ok 13:17:22.0382 0x0b34 [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\windows\System32\wcncsvc.dll 13:17:22.0429 0x0b34 wcncsvc - ok 13:17:22.0445 0x0b34 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 13:17:22.0539 0x0b34 WcsPlugInService - ok 13:17:22.0554 0x0b34 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\windows\system32\drivers\wd.sys 13:17:22.0570 0x0b34 Wd - ok 13:17:22.0586 0x0b34 [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot C:\windows\system32\drivers\WdBoot.sys 13:17:22.0601 0x0b34 WdBoot - ok 13:17:22.0632 0x0b34 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 13:17:22.0664 0x0b34 Wdf01000 - ok 13:17:22.0679 0x0b34 [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter C:\windows\system32\drivers\WdFilter.sys 13:17:22.0695 0x0b34 WdFilter - ok 13:17:22.0726 0x0b34 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\windows\system32\wdi.dll 13:17:22.0742 0x0b34 WdiServiceHost - ok 13:17:22.0742 0x0b34 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\windows\system32\wdi.dll 
13:17:22.0757 0x0b34 WdiSystemHost - ok 13:17:22.0820 0x0b34 [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\windows\System32\webclnt.dll 13:17:22.0851 0x0b34 WebClient - ok 13:17:22.0882 0x0b34 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\windows\system32\wecsvc.dll 13:17:22.0914 0x0b34 Wecsvc - ok 13:17:22.0929 0x0b34 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\windows\System32\wercplsupport.dll 13:17:23.0023 0x0b34 wercplsupport - ok 13:17:23.0054 0x0b34 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\windows\System32\WerSvc.dll 13:17:23.0132 0x0b34 WerSvc - ok 13:17:23.0148 0x0b34 [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\windows\system32\DRIVERS\wfplwfs.sys 13:17:23.0164 0x0b34 WFPLWFS - ok 13:17:23.0195 0x0b34 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\windows\System32\wiarpc.dll 13:17:23.0211 0x0b34 WiaRpc - ok 13:17:23.0242 0x0b34 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\windows\system32\drivers\wimmount.sys 13:17:23.0257 0x0b34 WIMMount - ok 13:17:23.0289 0x0b34 WinDefend - ok 13:17:23.0351 0x0b34 [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll 13:17:23.0414 0x0b34 WinHttpAutoProxySvc - ok 13:17:23.0476 0x0b34 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 13:17:23.0507 0x0b34 Winmgmt - ok 13:17:23.0601 0x0b34 [ 8E212A627F33F6FC3B5F3BB47212F66E, 
9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\windows\system32\WsmSvc.dll 13:17:23.0679 0x0b34 WinRM - ok 13:17:23.0726 0x0b34 [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 13:17:23.0742 0x0b34 WinUsb - ok 13:17:23.0804 0x0b34 [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\windows\System32\wlansvc.dll 13:17:23.0851 0x0b34 WlanSvc - ok 13:17:23.0929 0x0b34 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\windows\system32\wlidsvc.dll 13:17:24.0023 0x0b34 wlidsvc - ok 13:17:24.0039 0x0b34 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\windows\System32\drivers\wmiacpi.sys 13:17:24.0054 0x0b34 WmiAcpi - ok 13:17:24.0086 0x0b34 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 13:17:24.0101 0x0b34 wmiApSrv - ok 13:17:24.0133 0x0b34 WMPNetworkSvc - ok 13:17:24.0148 0x0b34 [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\windows\system32\DRIVERS\wpcfltr.sys 13:17:24.0195 0x0b34 wpcfltr - ok 13:17:24.0211 0x0b34 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\windows\System32\wpcsvc.dll 13:17:24.0226 0x0b34 WPCSvc - ok 13:17:24.0243 0x0b34 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 13:17:24.0305 0x0b34 WPDBusEnum - ok 13:17:24.0321 0x0b34 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\windows\system32\drivers\WpdUpFltr.sys 13:17:24.0352 0x0b34 
WpdUpFltr - ok 13:17:24.0399 0x0b34 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 13:17:24.0414 0x0b34 ws2ifsl - ok 13:17:24.0446 0x0b34 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\windows\system32\wscsvc.dll 13:17:24.0508 0x0b34 wscsvc - ok 13:17:24.0508 0x0b34 WSearch - ok 13:17:24.0696 0x0b34 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\windows\System32\WSService.dll 13:17:24.0805 0x0b34 WSService - ok 13:17:24.0915 0x0b34 [ 10EA2DBD2820A504D98D19F5EDAAFC04, 5B84D7C169CBAEBCE4A03BB89426E74DBF5AFCA1F8FDE2A5BC1006A8464D7E24 ] wuauserv C:\windows\system32\wuaueng.dll 13:17:25.0086 0x0b34 wuauserv - ok 13:17:25.0102 0x0b34 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys 13:17:25.0133 0x0b34 WudfPf - ok 13:17:25.0149 0x0b34 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFSensorLP C:\windows\system32\DRIVERS\WUDFRd.sys 13:17:25.0180 0x0b34 WUDFSensorLP - ok 13:17:25.0227 0x0b34 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll 13:17:25.0227 0x0b34 wudfsvc - ok 13:17:25.0258 0x0b34 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\windows\system32\DRIVERS\WUDFRd.sys 13:17:25.0274 0x0b34 WUDFWpdFs - ok 13:17:25.0274 0x0b34 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\windows\system32\DRIVERS\WUDFRd.sys 13:17:25.0290 0x0b34 WUDFWpdMtp - ok 13:17:25.0336 0x0b34 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 
82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\windows\System32\wwansvc.dll 13:17:25.0368 0x0b34 WwanSvc - ok 13:17:25.0415 0x0b34 [ 918C73F0275D7813E6F01E100B39DBD9, 06D08C9B0894A307A4D215B445A5EA08CD53DEA19526FECBB4ADDB833D1070D1 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 13:17:25.0446 0x0b34 ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 ) 13:17:27.0871 0x0b34 Detect skipped due to KSN trusted 13:17:27.0871 0x0b34 ZAtheros Bt&Wlan Coex Agent - ok 13:17:27.0887 0x0b34 ================ Scan global =============================== 13:17:27.0996 0x0b34 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll 13:17:28.0027 0x0b34 [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll 13:17:28.0043 0x0b34 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll 13:17:28.0074 0x0b34 [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe 13:17:28.0090 0x0b34 [ Global ] - ok 13:17:28.0090 0x0b34 ================ Scan MBR ================================== 13:17:28.0090 0x0b34 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 13:17:28.0246 0x0b34 \Device\Harddisk0\DR0 - ok 13:17:28.0246 0x0b34 ================ Scan VBR ================================== 13:17:28.0246 0x0b34 [ 1FC715F2428BA6E96A6F124B92E56B6A ] \Device\Harddisk0\DR0\Partition1 13:17:28.0278 0x0b34 \Device\Harddisk0\DR0\Partition1 - ok 13:17:28.0293 0x0b34 [ 5DDE506F3FC7D38EA5A21189EB0B01D3 ] \Device\Harddisk0\DR0\Partition2 13:17:28.0293 0x0b34 \Device\Harddisk0\DR0\Partition2 - ok 13:17:28.0309 0x0b34 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 13:17:28.0309 0x0b34 
\Device\Harddisk0\DR0\Partition3 - ok 13:17:28.0309 0x0b34 [ BB8589C567F65DF46E5BFA6D7423EA1E ] \Device\Harddisk0\DR0\Partition4 13:17:28.0324 0x0b34 \Device\Harddisk0\DR0\Partition4 - ok 13:17:28.0356 0x0b34 [ E532332B129E69B1D410A7B867757292 ] \Device\Harddisk0\DR0\Partition5 13:17:28.0371 0x0b34 \Device\Harddisk0\DR0\Partition5 - ok 13:17:28.0371 0x0b34 [ EF6FF3C44BF364AA3EA34DF71733DFAE ] \Device\Harddisk0\DR0\Partition6 13:17:28.0371 0x0b34 \Device\Harddisk0\DR0\Partition6 - ok 13:17:28.0371 0x0b34 ================ Scan generic autorun ====================== 13:17:28.0793 0x0b34 [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 13:17:29.0012 0x0b34 RtHDVCpl - ok 13:17:29.0059 0x0b34 [ BED2FC346920A8B9F5B6CA9417A50E8F, 8F4B3E6987CA3BDB9D7C6DC59CB6578C26E95760E1D72FF78E89D76787FFECFA ] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe 13:17:29.0074 0x0b34 BtTray - ok 13:17:29.0090 0x0b34 [ 4518F9E8966D584FF52B2D3A65E2320D, 9F3225B91B478C8A0B836F2F3E28014F144109C10A445FA162FA2AF6C3B716E9 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 13:17:29.0106 0x0b34 BtvStack - ok 13:17:29.0106 0x0b34 ETDCtrl - ok 13:17:29.0137 0x0b34 [ 895CD1F7D684E8677F2C50A8D2E86DC1, 6B3D2C1BA6D43363F3CD992F1AB5CF0AC9AD846CFD2A8CAE5CEA662DC315F411 ] C:\windows\system32\igfxtray.exe 13:17:29.0137 0x0b34 IgfxTray - ok 13:17:29.0153 0x0b34 [ DB2325FF9DF15B943E9A7E678E2CEF57, C22D257DB000FFB1B90E094CE8358D04A5885E6C789CA2A4125AEFE948C5ECD5 ] C:\windows\system32\hkcmd.exe 13:17:29.0168 0x0b34 HotKeysCmds - ok 13:17:29.0199 0x0b34 [ 1F17B098A2F9F7B7E7B00F4B679F5709, BD80A42D328A0D0C21E10A272E5144ACDEA1311FFD252D4664EE4F5D35B71826 ] C:\windows\system32\igfxpers.exe 13:17:29.0199 0x0b34 Persistence - ok 13:17:29.0246 0x0b34 [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe 
13:17:29.0262 0x0b34 Intel AppUp(SM) center - ok 13:17:29.0324 0x0b34 [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 13:17:29.0340 0x0b34 CLMLServer_For_P2G8 - ok 13:17:29.0356 0x0b34 [ 44C5C8A5DF192FDC4D530F57612FA49C, DD8D69698361CBD042AEB69BC040DAD92BB642429B68A9169247E1A8A96D391D ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe 13:17:29.0371 0x0b34 CLVirtualDrive - ok 13:17:29.0418 0x0b34 [ AE29724E282EDBE7D0F49E9982642EFD, E7637C08A35F1D7AF810500804FAC45557C5598FA887BE26484B50D305213658 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 13:17:29.0434 0x0b34 RemoteControl10 - ok 13:17:29.0465 0x0b34 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 13:17:29.0465 0x0b34 SunJavaUpdateSched - ok 13:17:29.0574 0x0b34 [ 776F1F9447FDA3F568EC6D1FB74DDD27, A53409B29ACDDB901D395EC4217F5BF366B3F8AFF2817B007AC7558505D18863 ] C:\Program Files (x86)\Steam\Steam.exe 13:17:29.0621 0x0b34 Steam - ok 13:17:29.0621 0x0b34 Waiting for KSN requests completion. In queue: 14 13:17:30.0646 0x0b34 Waiting for KSN requests completion. In queue: 12 13:17:31.0650 0x0b34 Waiting for KSN requests completion. 
In queue: 12 13:17:32.0652 0x0b34 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated ) 13:17:32.0699 0x0b34 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated ) 13:17:32.0699 0x0b34 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled ) 13:17:35.0044 0x0b34 ============================================================ 13:17:35.0044 0x0b34 Scan finished 13:17:35.0044 0x0b34 ============================================================ 13:17:35.0044 0x0930 Detected object count: 0 13:17:35.0044 0x0930 Actual detected object count: 0 |
17.10.2014, 12:45 | #4 |
| Windows 8: slow Internet and redirects to advertising sites I ran the program once more and 2 threats were found. Code:
ATTFilter 13:27:33.0332 0x132c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:27:33.0332 0x132c UEFI system
13:27:35.0535 0x132c ============================================================
13:27:35.0535 0x132c Current date / time: 2014/10/17 13:27:35.0535
13:27:35.0535 0x132c SystemInfo:
13:27:35.0535 0x132c
13:27:35.0535 0x132c OS Version: 6.2.9200 ServicePack: 0.0
13:27:35.0535 0x132c Product type: Workstation
13:27:35.0535 0x132c ComputerName: ELIAS-PC
13:27:35.0535 0x132c UserName: Elias
13:27:35.0535 0x132c Windows directory: C:\windows
13:27:35.0535 0x132c System windows directory: C:\windows
13:27:35.0535 0x132c Running under WOW64
13:27:35.0535 0x132c Processor architecture: Intel x64
13:27:35.0535 0x132c Number of processors: 4
13:27:35.0535 0x132c Page size: 0x1000
13:27:35.0535 0x132c Boot type: Normal boot
13:27:35.0535 0x132c ============================================================
13:27:37.0020 0x132c KLMD registered as C:\windows\system32\drivers\94036558.sys
13:27:37.0567 0x132c System UUID: {D8B20880-A826-136F-A4B7-110A8B966F26}
13:27:38.0348 0x132c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:27:38.0364 0x132c ============================================================
13:27:38.0364 0x132c \Device\Harddisk0\DR0:
13:27:38.0364 0x132c GPT partitions:
13:27:38.0364 0x132c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {118EA028-1713-43C0-909C-37C4E9E17B62}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
13:27:38.0364 0x132c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {14AC08E6-8D77-4270-80B7-27F9676D7685}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
13:27:38.0364 0x132c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {11BD816E-0D91-424D-AC43-6C9107922E53}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
13:27:38.0364 0x132c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {15F4A025-5EF9-49D1-8C93-8EE5F0688354}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x370FA801
13:27:38.0364 0x132c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3F8CDA94-01D3-48DB-AD67-9852013F4EAC}, Name: Basic data partition, StartLBA 0x372CB001, BlocksNum 0x2EBB000
13:27:38.0364 0x132c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F98CC789-F9B9-40F0-4173-636C65706975}, Name: Basic data partition, StartLBA 0x3A186001, BlocksNum 0x200000
13:27:38.0364 0x132c MBR partitions:
13:27:38.0364 0x132c ============================================================
13:27:38.0379 0x132c C: <-> \Device\Harddisk0\DR0\Partition4
13:27:38.0379 0x132c ============================================================
13:27:38.0379 0x132c Initialize success
13:27:38.0379 0x132c ============================================================
13:28:10.0275 0x111c ============================================================
13:28:10.0275 0x111c Scan started
13:28:10.0275 0x111c Mode: Manual; SigCheck; TDLFS;
13:28:10.0275 0x111c ============================================================
13:28:10.0275 0x111c KSN ping started
13:28:10.0290 0x111c KSN ping finished: false
13:28:12.0072 0x111c ================ Scan system memory ========================
13:28:12.0072 0x111c System memory - ok
13:28:12.0072 0x111c ================ Scan services =============================
13:28:12.0541 0x111c [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci C:\windows\System32\drivers\1394ohci.sys
13:28:12.0681 0x111c 1394ohci - ok
13:28:27.0026 0x111c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:28:27.0057 0x111c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:28:27.0104 0x111c IDriverT ( UnsignedFile.Multi.Generic ) - warning
klmouflt - ok 13:28:31.0354 0x111c [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\windows\system32\DRIVERS\klpd.sys 13:28:31.0370 0x111c klpd - ok 13:28:31.0385 0x111c [ EAAF7E0936CC5474F433B684A2C68CF2, 5E5E5D324000F2209C7E32DC965FBD822850B4E1351887A93B50FB79844BF781 ] klwfp C:\windows\system32\DRIVERS\klwfp.sys 13:28:31.0401 0x111c klwfp - ok 13:28:31.0479 0x111c [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\windows\system32\DRIVERS\kneps.sys 13:28:31.0495 0x111c kneps - ok 13:28:31.0557 0x111c [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 13:28:31.0573 0x111c KSecDD - ok 13:28:31.0635 0x111c [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 13:28:31.0651 0x111c KSecPkg - ok 13:28:31.0698 0x111c [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 13:28:31.0729 0x111c ksthunk - ok 13:28:31.0776 0x111c [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\windows\system32\msdtckrm.dll 13:28:31.0807 0x111c KtmRm - ok 13:28:31.0839 0x111c [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer C:\windows\System32\srvsvc.dll 13:28:31.0917 0x111c LanmanServer - ok 13:28:31.0932 0x111c [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 13:28:31.0948 0x111c LanmanWorkstation - ok 13:28:31.0964 0x111c [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio 
C:\windows\system32\DRIVERS\lltdio.sys 13:28:31.0995 0x111c lltdio - ok 13:28:32.0026 0x111c [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\windows\System32\lltdsvc.dll 13:28:32.0057 0x111c lltdsvc - ok 13:28:32.0073 0x111c [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\windows\System32\lmhsvc.dll 13:28:32.0135 0x111c lmhosts - ok 13:28:32.0167 0x111c [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 13:28:32.0182 0x111c LMS - ok 13:28:32.0214 0x111c [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 13:28:32.0245 0x111c LSI_SAS - ok 13:28:32.0276 0x111c [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys 13:28:32.0292 0x111c LSI_SAS2 - ok 13:28:32.0354 0x111c [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys 13:28:32.0370 0x111c LSI_SCSI - ok 13:28:32.0401 0x111c [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\windows\system32\drivers\lsi_sss.sys 13:28:32.0417 0x111c LSI_SSS - ok 13:28:32.0510 0x111c [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM C:\windows\System32\lsm.dll 13:28:32.0573 0x111c LSM - ok 13:28:32.0604 0x111c [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\windows\system32\drivers\luafv.sys 13:28:32.0698 0x111c luafv - ok 13:28:32.0714 0x111c [ 9B0D829C3BE4E7472DB9DD2B79908E3C, 
ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\windows\system32\drivers\megasas.sys 13:28:32.0729 0x111c megasas - ok 13:28:32.0823 0x111c [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\windows\system32\drivers\MegaSR.sys 13:28:32.0901 0x111c MegaSR - ok 13:28:32.0964 0x111c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\windows\System32\drivers\HECIx64.sys 13:28:32.0979 0x111c MEIx64 - ok 13:28:33.0026 0x111c [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\windows\system32\mmcss.dll 13:28:33.0151 0x111c MMCSS - ok 13:28:33.0182 0x111c [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\windows\system32\drivers\modem.sys 13:28:33.0229 0x111c Modem - ok 13:28:33.0276 0x111c [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\windows\System32\drivers\monitor.sys 13:28:33.0339 0x111c monitor - ok 13:28:33.0370 0x111c [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\windows\System32\drivers\mouclass.sys 13:28:33.0385 0x111c mouclass - ok 13:28:33.0432 0x111c [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\windows\System32\drivers\mouhid.sys 13:28:33.0557 0x111c mouhid - ok 13:28:33.0589 0x111c [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr C:\windows\system32\drivers\mountmgr.sys 13:28:33.0620 0x111c mountmgr - ok 13:28:33.0651 0x111c [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 13:28:33.0839 0x111c mpsdrv - ok 13:28:34.0057 0x111c 
[ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\windows\system32\mpssvc.dll 13:28:34.0167 0x111c MpsSvc - ok 13:28:34.0198 0x111c [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 13:28:34.0339 0x111c MRxDAV - ok 13:28:34.0495 0x111c [ 14EE56050E1637926F5CFA65B1F4209B, C654280B4BB461898B43DF350B5BB76C2FDEBD6B49A19D08B2F28D92E2FA3D0D ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 13:28:34.0557 0x111c mrxsmb - ok 13:28:34.0682 0x111c [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 13:28:34.0714 0x111c mrxsmb10 - ok 13:28:34.0823 0x111c [ 0AA400AB21745F1153ECE75E0186509A, E26696A00008BB8D88ABED6F379FFFAE21ACE9AA7108D9E89A7D99CAF2F23FEF ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 13:28:35.0229 0x111c mrxsmb20 - ok 13:28:35.0276 0x111c [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\windows\system32\DRIVERS\bridge.sys 13:28:35.0370 0x111c MsBridge - ok 13:28:35.0401 0x111c [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\windows\System32\msdtc.exe 13:28:35.0620 0x111c MSDTC - ok 13:28:35.0682 0x111c [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\windows\system32\drivers\Msfs.sys 13:28:35.0698 0x111c Msfs - ok 13:28:35.0932 0x111c [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\windows\System32\drivers\msgpiowin32.sys 13:28:36.0089 0x111c msgpiowin32 - ok 13:28:36.0401 0x111c [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 
13:28:36.0479 0x111c mshidkmdf - ok 13:28:36.0558 0x111c [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\windows\System32\drivers\mshidumdf.sys 13:28:36.0776 0x111c mshidumdf - ok 13:28:36.0995 0x111c [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\windows\system32\drivers\msisadrv.sys 13:28:37.0011 0x111c msisadrv - ok 13:28:37.0308 0x111c [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\windows\system32\iscsiexe.dll 13:28:37.0542 0x111c MSiSCSI - ok 13:28:37.0542 0x111c msiserver - ok 13:28:37.0792 0x111c [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 13:28:38.0104 0x111c MSKSSRV - ok 13:28:38.0198 0x111c [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\windows\system32\DRIVERS\mslldp.sys 13:28:38.0245 0x111c MsLldp - ok 13:28:38.0511 0x111c [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 13:28:38.0901 0x111c MSPCLOCK - ok 13:28:39.0042 0x111c [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 13:28:39.0370 0x111c MSPQM - ok 13:28:39.0651 0x111c [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\windows\system32\drivers\MsRPC.sys 13:28:39.0683 0x111c MsRPC - ok 13:28:39.0901 0x111c [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\windows\System32\drivers\mssmbios.sys 13:28:40.0589 0x111c mssmbios - ok 13:28:40.0745 0x111c [ 72D66A05E0F99F2528F6C6204FD22AA1, 
B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 13:28:41.0542 0x111c MSTEE - ok 13:28:41.0667 0x111c [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\windows\System32\drivers\MTConfig.sys 13:28:42.0120 0x111c MTConfig - ok 13:28:42.0292 0x111c [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\windows\system32\Drivers\mup.sys 13:28:42.0355 0x111c Mup - ok 13:28:42.0480 0x111c [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\windows\system32\drivers\mvumis.sys 13:28:42.0886 0x111c mvumis - ok 13:28:43.0152 0x111c [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\windows\system32\qagentRT.dll 13:28:43.0277 0x111c napagent - ok 13:28:43.0605 0x111c [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 13:28:43.0902 0x111c NativeWifiP - ok 13:28:43.0933 0x111c [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\windows\System32\ncasvc.dll 13:28:43.0980 0x111c NcaSvc - ok 13:28:44.0011 0x111c [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\windows\System32\NcdAutoSetup.dll 13:28:44.0074 0x111c NcdAutoSetup - ok 13:28:44.0120 0x111c [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\windows\system32\drivers\ndis.sys 13:28:44.0152 0x111c NDIS - ok 13:28:44.0183 0x111c [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 13:28:44.0199 0x111c NdisCap - ok 13:28:44.0214 0x111c [ 
762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\windows\system32\DRIVERS\NdisImPlatform.sys 13:28:44.0308 0x111c NdisImPlatform - ok 13:28:44.0339 0x111c [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 13:28:44.0433 0x111c NdisTapi - ok 13:28:44.0464 0x111c [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 13:28:44.0495 0x111c Ndisuio - ok 13:28:44.0511 0x111c [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 13:28:44.0542 0x111c NdisWan - ok 13:28:44.0574 0x111c [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\windows\system32\DRIVERS\ndiswan.sys 13:28:44.0574 0x111c NDISWANLEGACY - ok 13:28:44.0605 0x111c [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\windows\system32\drivers\NDProxy.sys 13:28:44.0636 0x111c NDProxy - ok 13:28:44.0652 0x111c [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\windows\system32\drivers\Ndu.sys 13:28:44.0683 0x111c Ndu - ok 13:28:44.0699 0x111c [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 13:28:44.0714 0x111c NetBIOS - ok 13:28:44.0730 0x111c [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 13:28:44.0777 0x111c NetBT - ok 13:28:44.0792 0x111c [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon 
C:\windows\system32\lsass.exe 13:28:44.0808 0x111c Netlogon - ok 13:28:44.0824 0x111c [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\windows\System32\netman.dll 13:28:44.0855 0x111c Netman - ok 13:28:44.0902 0x111c [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\windows\System32\netprofmsvc.dll 13:28:44.0964 0x111c netprofm - ok 13:28:45.0074 0x111c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:28:45.0089 0x111c NetTcpPortSharing - ok 13:28:45.0120 0x111c [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 13:28:45.0136 0x111c nfrd960 - ok 13:28:45.0183 0x111c [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\windows\System32\nlasvc.dll 13:28:45.0308 0x111c NlaSvc - ok 13:28:45.0370 0x111c [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\windows\system32\drivers\Npfs.sys 13:28:45.0386 0x111c Npfs - ok 13:28:45.0402 0x111c [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\windows\System32\drivers\npsvctrig.sys 13:28:45.0449 0x111c npsvctrig - ok 13:28:45.0495 0x111c [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\windows\system32\nsisvc.dll 13:28:45.0511 0x111c nsi - ok 13:28:45.0574 0x111c [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 13:28:45.0652 0x111c nsiproxy - ok 13:28:45.0902 0x111c [ 7BE3EDFFA3216F989A6BDCB14795DD08, 
19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs C:\windows\system32\drivers\Ntfs.sys 13:28:45.0995 0x111c Ntfs - ok 13:28:46.0042 0x111c [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\windows\system32\drivers\Null.sys 13:28:46.0074 0x111c Null - ok 13:28:47.0386 0x111c [ 5104BAC2DA2A5BDD86AC6B0708B00F06, A02501514F8517CB5A6CFE4352A3D0F864153470015589428A6B14477E791514 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys 13:28:47.0824 0x111c nvlddmkm - ok 13:28:47.0855 0x111c [ 918841B2454F4F2BD94479692079490B, 16667315DE4EB5543E176273362791B157223E775ED1CF285330CC8195E0F1BB ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys 13:28:47.0871 0x111c nvpciflt - ok 13:28:47.0933 0x111c [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\windows\system32\drivers\nvraid.sys 13:28:47.0933 0x111c nvraid - ok 13:28:48.0011 0x111c [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\windows\system32\drivers\nvstor.sys 13:28:48.0027 0x111c nvstor - ok 13:28:48.0089 0x111c [ DDFAFCE89A5C93D04712B86F94E9FCBA, 377303D4CAC9E3AD5B58894CF7AECDA4FCD3D721568BE8BACC0A897A0956919A ] nvsvc C:\windows\system32\nvvsvc.exe 13:28:48.0105 0x111c nvsvc - ok 13:28:48.0199 0x111c [ 249357999355A998AA94A3673C3367EB, D33A231EB1B09A838446CE7C4A057CF0DE7C1C62639703EB920BA554EB8A4E0B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 13:28:48.0261 0x111c nvUpdatusService - ok 13:28:48.0277 0x111c [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 13:28:48.0292 0x111c nv_agp - ok 13:28:48.0355 0x111c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft 
Shared\Source Engine\OSE.EXE 13:28:48.0386 0x111c ose - ok 13:28:48.0433 0x111c [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\windows\system32\pnrpsvc.dll 13:28:48.0496 0x111c p2pimsvc - ok 13:28:48.0527 0x111c [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\windows\system32\p2psvc.dll 13:28:48.0558 0x111c p2psvc - ok 13:28:48.0589 0x111c [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\windows\System32\drivers\parport.sys 13:28:48.0605 0x111c Parport - ok 13:28:48.0636 0x111c [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\windows\system32\drivers\partmgr.sys 13:28:48.0636 0x111c partmgr - ok 13:28:48.0668 0x111c [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\windows\System32\pcasvc.dll 13:28:48.0746 0x111c PcaSvc - ok 13:28:48.0777 0x111c [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\windows\system32\drivers\pci.sys 13:28:48.0793 0x111c pci - ok 13:28:48.0793 0x111c [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\windows\system32\drivers\pciide.sys 13:28:48.0808 0x111c pciide - ok 13:28:48.0824 0x111c [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\windows\system32\drivers\pcmcia.sys 13:28:48.0839 0x111c pcmcia - ok 13:28:48.0855 0x111c [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\windows\system32\drivers\pcw.sys 13:28:48.0855 0x111c pcw - ok 13:28:48.0902 0x111c [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc 
C:\windows\system32\drivers\pdc.sys 13:28:48.0902 0x111c pdc - ok 13:28:48.0949 0x111c [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\windows\system32\drivers\peauth.sys 13:28:49.0043 0x111c PEAUTH - ok 13:28:49.0449 0x111c [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\windows\SysWow64\perfhost.exe 13:28:49.0496 0x111c PerfHost - ok 13:28:49.0746 0x111c [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\windows\system32\pla.dll 13:28:49.0839 0x111c pla - ok 13:28:49.0871 0x111c [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\windows\system32\umpnpmgr.dll 13:28:49.0886 0x111c PlugPlay - ok 13:28:49.0933 0x111c [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 13:28:49.0980 0x111c PNRPAutoReg - ok 13:28:50.0011 0x111c [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\windows\system32\pnrpsvc.dll 13:28:50.0027 0x111c PNRPsvc - ok 13:28:50.0043 0x111c [ 6F5DDC52A9103CC8E1ED5892C1D15613, 9B0DEB0DF5004BB67AE25C8381607C0B75CA356048296F25C0150E3ED4D0F1EF ] Point64 C:\windows\System32\drivers\point64.sys 13:28:50.0074 0x111c Point64 - ok 13:28:50.0105 0x111c [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\windows\System32\ipsecsvc.dll 13:28:50.0136 0x111c PolicyAgent - ok 13:28:50.0168 0x111c [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\windows\system32\umpo.dll 13:28:50.0230 0x111c Power - ok 13:28:50.0261 0x111c [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] 
PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 13:28:50.0277 0x111c PptpMiniport - ok 13:28:50.0933 0x111c [ EE553F62E81D7F7F3718DB960A1EF2C0, 84A8C79B4F51D606F567A038280007F278D57BE06AB0F060E4D43AC1347AB459 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll 13:28:51.0277 0x111c PrintNotify - ok 13:28:51.0308 0x111c [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\windows\System32\drivers\processr.sys 13:28:51.0340 0x111c Processor - ok 13:28:51.0355 0x111c [ 7319B31138CF508E0C4502946657A4B4, 03C57F90F673012B983720D1477822AABA6D6D54F700AB2248CAED6451B37CA3 ] ProfSvc C:\windows\system32\profsvc.dll 13:28:51.0418 0x111c ProfSvc - ok 13:28:51.0433 0x111c [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\windows\system32\DRIVERS\pacer.sys 13:28:51.0449 0x111c Psched - ok 13:28:51.0480 0x111c [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\windows\system32\qwave.dll 13:28:51.0527 0x111c QWAVE - ok 13:28:51.0543 0x111c [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 13:28:51.0574 0x111c QWAVEdrv - ok 13:28:51.0605 0x111c [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini C:\windows\System32\drivers\RadioHIDMini.sys 13:28:51.0636 0x111c RadioHIDMini - ok 13:28:51.0652 0x111c [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 13:28:51.0668 0x111c RasAcd - ok 13:28:51.0668 0x111c [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 13:28:51.0683 0x111c RasAgileVpn - ok 13:28:51.0715 0x111c [ 
005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\windows\System32\rasauto.dll 13:28:51.0746 0x111c RasAuto - ok 13:28:51.0777 0x111c [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 13:28:51.0793 0x111c Rasl2tp - ok 13:28:51.0808 0x111c [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\windows\System32\rasmans.dll 13:28:51.0840 0x111c RasMan - ok 13:28:51.0855 0x111c [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 13:28:51.0871 0x111c RasPppoe - ok 13:28:51.0886 0x111c [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 13:28:51.0902 0x111c RasSstp - ok 13:28:51.0949 0x111c [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 13:28:52.0027 0x111c rdbss - ok 13:28:52.0043 0x111c [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\windows\System32\drivers\rdpbus.sys 13:28:52.0090 0x111c rdpbus - ok 13:28:52.0105 0x111c [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\windows\system32\drivers\rdpdr.sys 13:28:52.0152 0x111c RDPDR - ok 13:28:52.0183 0x111c [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys 13:28:52.0199 0x111c RdpVideoMiniport - ok 13:28:52.0230 0x111c [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\windows\system32\drivers\RDPWD.sys 
13:28:52.0246 0x111c RDPWD - ok 13:28:52.0277 0x111c [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\windows\system32\drivers\rdyboost.sys 13:28:52.0293 0x111c rdyboost - ok 13:28:52.0308 0x111c [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\windows\System32\mprdim.dll 13:28:52.0340 0x111c RemoteAccess - ok 13:28:52.0371 0x111c [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\windows\system32\regsvc.dll 13:28:52.0402 0x111c RemoteRegistry - ok 13:28:52.0433 0x111c [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM C:\windows\System32\drivers\rfcomm.sys 13:28:52.0465 0x111c RFCOMM - ok 13:28:52.0480 0x111c [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 13:28:52.0558 0x111c RpcEptMapper - ok 13:28:52.0574 0x111c [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\windows\system32\locator.exe 13:28:52.0590 0x111c RpcLocator - ok 13:28:52.0636 0x111c [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\windows\system32\rpcss.dll 13:28:52.0652 0x111c RpcSs - ok 13:28:52.0699 0x111c [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 13:28:52.0746 0x111c rspndr - ok 13:28:52.0793 0x111c [ 7D9DA8EC6784A9EE213C676709D46BE6, 9861D1EF107F7D1590B89098EAEA7F509C1EF46999C37703F3766BAD733D8AD2 ] RTL8168 C:\windows\system32\DRIVERS\Rt630x64.sys 13:28:52.0808 0x111c RTL8168 - ok 13:28:52.0871 0x111c [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 
6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\windows\System32\wwansvc.dll 13:29:07.0465 0x111c WwanSvc - ok 13:29:07.0544 0x111c [ 918C73F0275D7813E6F01E100B39DBD9, 06D08C9B0894A307A4D215B445A5EA08CD53DEA19526FECBB4ADDB833D1070D1 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 13:29:07.0575 0x111c ZAtheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 ) 13:29:07.0575 0x111c ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning 13:29:07.0590 0x111c ================ Scan global =============================== 13:29:07.0637 0x111c [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\windows\system32\basesrv.dll 13:29:07.0668 0x111c [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\windows\system32\winsrv.dll 13:29:07.0700 0x111c [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\windows\system32\sxssrv.dll 13:29:07.0731 0x111c [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\windows\system32\services.exe 13:29:07.0747 0x111c [ Global ] - ok 13:29:07.0747 0x111c ================ Scan MBR ================================== 13:29:07.0762 0x111c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 13:29:08.0528 0x111c \Device\Harddisk0\DR0 - ok 13:29:08.0528 0x111c ================ Scan VBR ================================== 13:29:08.0544 0x111c [ 1FC715F2428BA6E96A6F124B92E56B6A ] \Device\Harddisk0\DR0\Partition1 13:29:08.0606 0x111c \Device\Harddisk0\DR0\Partition1 - ok 13:29:08.0653 0x111c [ 5DDE506F3FC7D38EA5A21189EB0B01D3 ] \Device\Harddisk0\DR0\Partition2 13:29:08.0684 0x111c \Device\Harddisk0\DR0\Partition2 - ok 13:29:08.0715 0x111c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 
13:29:08.0715 0x111c \Device\Harddisk0\DR0\Partition3 - ok 13:29:08.0731 0x111c [ BB8589C567F65DF46E5BFA6D7423EA1E ] \Device\Harddisk0\DR0\Partition4 13:29:08.0747 0x111c \Device\Harddisk0\DR0\Partition4 - ok 13:29:08.0778 0x111c [ E532332B129E69B1D410A7B867757292 ] \Device\Harddisk0\DR0\Partition5 13:29:08.0825 0x111c \Device\Harddisk0\DR0\Partition5 - ok 13:29:08.0887 0x111c [ EF6FF3C44BF364AA3EA34DF71733DFAE ] \Device\Harddisk0\DR0\Partition6 13:29:08.0919 0x111c \Device\Harddisk0\DR0\Partition6 - ok 13:29:08.0919 0x111c ================ Scan generic autorun ====================== 13:29:10.0387 0x111c [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 13:29:10.0762 0x111c RtHDVCpl - ok 13:29:10.0934 0x111c [ BED2FC346920A8B9F5B6CA9417A50E8F, 8F4B3E6987CA3BDB9D7C6DC59CB6578C26E95760E1D72FF78E89D76787FFECFA ] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe 13:29:10.0981 0x111c BtTray - ok 13:29:10.0997 0x111c [ 4518F9E8966D584FF52B2D3A65E2320D, 9F3225B91B478C8A0B836F2F3E28014F144109C10A445FA162FA2AF6C3B716E9 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 13:29:10.0997 0x111c BtvStack - ok 13:29:10.0997 0x111c ETDCtrl - ok 13:29:11.0028 0x111c [ 895CD1F7D684E8677F2C50A8D2E86DC1, 6B3D2C1BA6D43363F3CD992F1AB5CF0AC9AD846CFD2A8CAE5CEA662DC315F411 ] C:\windows\system32\igfxtray.exe 13:29:11.0044 0x111c IgfxTray - ok 13:29:11.0059 0x111c [ DB2325FF9DF15B943E9A7E678E2CEF57, C22D257DB000FFB1B90E094CE8358D04A5885E6C789CA2A4125AEFE948C5ECD5 ] C:\windows\system32\hkcmd.exe 13:29:11.0075 0x111c HotKeysCmds - ok 13:29:11.0106 0x111c [ 1F17B098A2F9F7B7E7B00F4B679F5709, BD80A42D328A0D0C21E10A272E5144ACDEA1311FFD252D4664EE4F5D35B71826 ] C:\windows\system32\igfxpers.exe 13:29:11.0122 0x111c Persistence - ok 13:29:11.0184 0x111c [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files 
(x86)\Intel\IntelAppStore\bin\ismagent.exe 13:29:11.0184 0x111c Intel AppUp(SM) center - ok 13:29:11.0262 0x111c [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 13:29:11.0278 0x111c CLMLServer_For_P2G8 - ok 13:29:11.0309 0x111c [ 44C5C8A5DF192FDC4D530F57612FA49C, DD8D69698361CBD042AEB69BC040DAD92BB642429B68A9169247E1A8A96D391D ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe 13:29:11.0325 0x111c CLVirtualDrive - ok 13:29:11.0372 0x111c [ AE29724E282EDBE7D0F49E9982642EFD, E7637C08A35F1D7AF810500804FAC45557C5598FA887BE26484B50D305213658 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 13:29:11.0403 0x111c RemoteControl10 - ok 13:29:11.0450 0x111c [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 13:29:11.0466 0x111c SunJavaUpdateSched - ok 13:29:11.0700 0x111c [ 776F1F9447FDA3F568EC6D1FB74DDD27, A53409B29ACDDB901D395EC4217F5BF366B3F8AFF2817B007AC7558505D18863 ] C:\Program Files (x86)\Steam\Steam.exe 13:29:11.0809 0x111c Steam - ok 13:29:11.0903 0x111c AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated ) 13:29:11.0934 0x111c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated ) 13:29:11.0950 0x111c FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled ) 13:29:11.0950 0x111c ============================================================ 13:29:11.0950 0x111c Scan finished 13:29:11.0950 0x111c ============================================================ 13:29:11.0950 0x0e00 Detected object count: 2 
13:29:11.0950 0x0e00 Actual detected object count: 2
13:35:24.0603 0x0e00 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:24.0603 0x0e00 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:35:24.0603 0x0e00 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
13:35:24.0603 0x0e00 ZAtheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
18.10.2014, 22:05 | #5 |
Rest in peace † 2019 | Windows 8: slow internet and redirects to advertising sites

Hello, no, those are legitimate drivers. Can you also tell me which sites these are and where you are redirected to? Does this happen in all browsers?

Step 1
Please press the Windows key + R key and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).

Step 2
Please download Malwarebytes Anti-Malware.

Step 3
Run FRST once more.
|
19.10.2014, 09:04 | #6 |
| Windows 8: slow internet and redirects to advertising sites

Hello! The redirecting only happens via one adult site and only in Chrome. You are then redirected to similar sites with adult content. This is all anonymous here, right?

Fixlog.txt
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-10-2014
Ran by Elias at 2014-10-19 08:54:24 Run:1
Running from C:\Users\Elias\Desktop
Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa" => Key deleted successfully.
"https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
==== End of Fixlog ====

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 19.10.2014
Suchlauf-Zeit: 08:59:31
Logdatei: mbam.txt
Administrator: Nein
Version: 2.00.3.1025
Malware Datenbank: v2014.10.19.02
Rootkit Datenbank: v2014.10.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Elias
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430772
Verstrichene Zeit: 26 Min, 30 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0 (Keine schädliche Elemente erkannt)
Module: 0 (Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt)
Registrierungswerte: 0 (Keine schädliche Elemente erkannt)
Registrierungsdaten: 0 (Keine schädliche Elemente erkannt)
Ordner: 0 (Keine schädliche Elemente erkannt)
Dateien: 0 (Keine schädliche Elemente erkannt)
Physische Sektoren: 0 (Keine schädliche Elemente erkannt)
(end)

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014 Ran by Elias (administrator) on ELIAS-PC on 19-10-2014 09:44:44 Running from C:\Users\Elias\Desktop Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias) Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Samsung Electronics CO., LTD.) 
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) 
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3777642976-2438380877-1723110391-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\cyltjadc.default FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF 
Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-18] Chrome: ======= CHR HomePage: Default -> https://www.google.de/ CHR Profile: C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06] CHR Extension: (YouTube) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21] CHR Extension: (Google-Suche) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21] CHR Extension: (AdBlock) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-12] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-02-18] CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-02-18] CHR Extension: (Virtual Keyboard) - 
C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-02-18] CHR Extension: (Google Wallet) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28] CHR Extension: (Google Mail) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21] CHR Extension: (Anti-Banner) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-02-18] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-18] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-18] (Kaspersky Lab) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-18] (Kaspersky Lab ZAO) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-15] (Windows (R) 2003 DDK 3790 provider) S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-19 09:44 - 2014-10-19 09:45 - 00020005 _____ () C:\Users\Elias\Desktop\FRST.txt 2014-10-19 09:41 - 2014-10-19 09:41 - 00001187 _____ () C:\Users\Elias\Desktop\mbam.txt 2014-10-19 05:36 - 2014-10-19 05:36 - 00000000 ___RD () C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-10-18 13:33 - 2014-10-18 13:34 - 00001566 _____ () C:\windows\comsetup.log 2014-10-18 13:24 - 2014-10-18 13:40 - 00032388 _____ () C:\windows\diagwrn.xml 2014-10-18 13:24 - 2014-10-18 13:40 - 00032388 _____ () C:\windows\diagerr.xml 2014-10-17 19:36 - 2014-10-19 08:59 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-17 19:36 - 2014-10-17 19:36 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-17 19:36 - 2014-10-17 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-17 19:36 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-10-17 19:36 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-10-17 19:36 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-10-17 13:28 - 2014-10-17 13:28 - 00000020 ___SH () C:\Users\TEMP.Elias-PC\ntuser.ini 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Vorlagen 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Startmenü 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Netzwerkumgebung 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Lokale Einstellungen 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Eigene Dateien 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Druckumgebung 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () 
C:\Users\TEMP.Elias-PC\Documents\Eigene Musik 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Documents\Eigene Bilder 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\AppData\Local\Verlauf 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\AppData\Local\Anwendungsdaten 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 _SHDL () C:\Users\TEMP.Elias-PC\Anwendungsdaten 2014-10-17 13:28 - 2014-10-17 13:28 - 00000000 ____D () C:\Users\TEMP.Elias-PC 2014-10-17 13:28 - 2014-07-12 00:03 - 00000000 ___RD () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-10-17 13:28 - 2014-06-23 10:17 - 00000000 ___RD () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-10-17 13:28 - 2013-08-21 12:51 - 00002249 _____ () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk 2014-10-17 13:28 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-17 13:28 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\TEMP.Elias-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-17 13:16 - 2014-10-17 13:28 - 00000000 ____D () C:\Users\TEMP 2014-10-17 13:11 - 2014-10-17 13:11 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Elias\Downloads\tdsskiller.exe 2014-10-16 20:44 - 2014-10-16 20:44 - 00380416 _____ () C:\Users\Elias\Downloads\Gmer-19357 (1).exe 2014-10-16 20:38 - 2014-10-16 20:39 - 00042810 _____ () C:\Users\Elias\Downloads\FRST.txt 2014-10-16 20:38 - 2014-10-16 20:39 - 00035637 _____ () C:\Users\Elias\Downloads\Addition.txt 2014-10-16 20:37 - 2014-10-19 09:44 - 00000000 ____D () C:\FRST 2014-10-16 20:36 - 2014-10-16 20:36 - 02112000 _____ (Farbar) 
C:\Users\Elias\Desktop\FRST64.exe 2014-10-16 20:35 - 2014-10-16 20:35 - 00000472 _____ () C:\Users\Elias\Downloads\defogger_disable.log 2014-10-16 20:35 - 2014-10-16 20:35 - 00000000 _____ () C:\Users\Elias\defogger_reenable 2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe 2014-10-16 19:27 - 2014-10-16 19:27 - 00449032 _____ () C:\windows\system32\FNTCACHE.DAT 2014-10-16 17:11 - 2014-09-30 00:49 - 00705480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-10-16 17:11 - 2014-09-30 00:49 - 00104904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-16 17:01 - 2014-10-16 17:01 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\Elias\Downloads\avira_de_av___ws.exe 2014-10-16 13:49 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL 2014-10-16 13:49 - 
2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL 2014-10-16 13:49 - 2014-07-12 02:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls 2014-10-16 13:49 - 2014-07-12 02:00 - 00478352 _____ () C:\windows\system32\locale.nls 2014-10-16 13:49 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe 2014-10-16 13:49 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll 2014-10-16 13:49 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll 2014-10-16 13:49 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll 2014-10-16 13:49 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll 2014-10-16 13:49 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll 2014-10-16 13:49 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys 2014-10-16 13:49 - 2014-07-03 03:59 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2014-10-16 13:49 - 2014-07-03 02:30 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2014-10-16 13:49 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll 2014-10-16 13:49 - 2014-06-28 08:57 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2014-10-16 13:49 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll 2014-10-16 13:49 - 2014-06-25 09:09 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll 2014-10-16 13:49 - 2014-06-25 09:07 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll 2014-10-16 13:49 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2014-10-16 13:49 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) 
C:\windows\system32\d3d10warp.dll 2014-10-16 13:49 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2014-10-16 13:49 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2014-10-16 13:49 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2014-10-16 13:49 - 2014-05-30 01:31 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-10-16 13:49 - 2014-05-30 01:03 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-10-16 13:49 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2014-10-16 13:48 - 2014-10-10 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-10-16 13:48 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2014-10-16 13:48 - 2014-10-08 06:26 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-10-16 13:48 - 2014-09-13 07:29 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\packager.dll 2014-10-16 13:48 - 2014-09-13 06:02 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll 2014-10-16 13:48 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll 2014-10-16 13:48 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll 2014-10-16 13:48 - 2014-08-02 00:08 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml 2014-10-16 13:48 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS 2014-10-16 13:48 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll 2014-10-16 13:48 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll 2014-10-16 13:48 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll 2014-10-16 
13:48 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll 2014-10-16 13:48 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2014-10-16 13:48 - 2014-07-12 06:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2014-10-16 13:48 - 2014-07-12 06:34 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2014-10-16 13:48 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys 2014-10-16 13:48 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe 2014-10-16 13:48 - 2014-07-07 07:52 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-10-16 13:48 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll 2014-10-16 13:48 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll 2014-10-16 13:48 - 2014-07-07 07:51 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-10-16 13:48 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe 2014-10-16 13:48 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll 2014-10-16 13:48 - 2014-07-07 06:00 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-10-16 13:48 - 2014-07-07 05:59 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll 2014-10-16 13:48 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\windows\system32\user32.dll 2014-10-16 13:48 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll 2014-10-16 13:47 - 2014-09-28 06:18 - 04068352 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-10-16 13:47 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-10-16 13:47 - 
2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-10-16 13:47 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-10-16 13:47 - 2014-09-20 07:15 - 00451584 
_____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-10-16 13:47 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-10-16 13:47 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\inetcpl.cpl 2014-10-16 13:47 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-10-16 13:47 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-10-16 13:47 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-10-16 13:47 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-10-16 13:47 - 2014-09-20 03:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-10-16 13:47 - 2014-09-18 01:24 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2014-10-16 13:47 - 2014-09-18 00:56 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2014-10-16 13:47 - 2014-08-30 07:48 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll 2014-10-16 13:47 - 2014-08-30 07:46 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2014-10-16 13:47 - 2014-08-30 06:05 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll 2014-10-16 13:47 - 2014-08-30 06:03 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2014-10-16 13:47 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll 2014-10-16 13:47 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll 2014-10-15 22:59 - 2014-10-17 19:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-15 22:45 - 2014-10-15 22:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Elias\Downloads\mbam-setup-2.0.3.1025.exe 2014-09-25 20:35 - 2014-08-21 01:40 - 00732880 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe 2014-09-25 20:35 - 2014-08-20 19:05 - 00694784 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll 2014-09-25 20:35 - 2014-08-20 19:05 - 00198656 _____ (Microsoft Corporation) 
C:\windows\system32\Windows.ApplicationModel.Store.dll 2014-09-25 20:35 - 2014-08-20 19:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-25 20:35 - 2014-08-20 19:02 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll 2014-09-25 20:35 - 2014-08-20 19:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-25 20:35 - 2014-06-24 09:35 - 00010450 _____ () C:\windows\system32\autoconfig.cab 2014-09-25 20:35 - 2014-06-24 08:40 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2014-09-24 17:19 - 2014-10-18 13:26 - 00000000 ___HD () C:\$Windows.~BT 2014-09-23 14:32 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe 2014-09-23 14:32 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll 2014-09-20 14:44 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2014-09-20 14:44 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2014-09-20 14:44 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2014-09-20 14:44 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00144384 
_____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll 2014-09-20 14:44 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll 2014-09-20 14:44 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll 2014-09-20 14:44 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll 2014-09-20 14:43 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2014-09-20 14:43 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2014-09-20 14:42 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll 2014-09-20 14:42 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-19 09:43 - 2014-02-18 21:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-10-19 09:42 - 2012-09-10 13:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job 2014-10-19 09:09 - 2012-12-21 16:10 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-19 09:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru 2014-10-19 08:54 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Registration 2014-10-19 05:50 - 2012-09-10 12:50 - 01928551 _____ () C:\windows\WindowsUpdate.log 2014-10-19 05:46 - 2012-12-18 20:14 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3777642976-2438380877-1723110391-1002 2014-10-19 05:40 - 2012-09-10 13:47 - 00000000 ____D () C:\ProgramData\WinClon 2014-10-19 05:37 - 2012-12-21 16:10 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-18 13:40 - 2012-07-26 09:21 - 00552778 _____ () C:\windows\setupact.log 2014-10-18 13:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM 2014-10-18 13:38 - 2012-07-26 10:13 - 00004081 _____ () C:\windows\DtcInstall.log 2014-10-18 13:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent 2014-10-17 15:01 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache 2014-10-17 13:26 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-10-16 20:49 - 2013-01-06 23:19 - 00000000 ____D () C:\Users\Elias\AppData\Local\CrashDumps 2014-10-16 20:35 - 2012-12-18 20:05 - 00000000 ____D () C:\Users\Elias 2014-10-16 19:27 - 2012-08-05 23:07 - 02609624 _____ () C:\windows\PFRO.log 2014-10-16 17:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI 2014-10-16 17:06 - 2014-07-12 00:03 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-10-16 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-16 17:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData 2014-10-16 
15:20 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp 2014-10-16 15:17 - 2013-08-02 13:23 - 00000000 ____D () C:\windows\system32\MRT 2014-10-16 15:13 - 2012-12-19 19:14 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-10-14 12:36 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore 2014-10-13 22:32 - 2013-01-11 22:17 - 00000000 ____D () C:\Users\Elias\AppData\Roaming\CyberLink 2014-10-13 22:07 - 2012-09-10 16:51 - 00753134 _____ () C:\windows\system32\perfh007.dat 2014-10-13 22:07 - 2012-09-10 16:51 - 00155826 _____ () C:\windows\system32\perfc007.dat 2014-10-13 22:07 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI 2014-09-23 03:51 - 2013-08-21 12:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15 Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-15 15:02 ==================== End Of Log ============================ --- --- --- |
20.10.2014, 00:45 | #7 | |
Rest in peace † 2019 | Windows 8: slow Internet and redirects to advertising pages Hello, Quote:
Step 1 It sounds very much as if you picked up a few cookies from these websites. Please follow this guide, delete the cookies and disable them, and then test whether things are better.
Step 2 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 3 Because the scan with ESET is very thorough, it may take several hours. ESET Online Scanner
Step 4 Run FRST once more.
|
20.10.2014, 14:54 | #8 |
| Windows 8: slow Internet and redirects to advertising pages Hello. I removed and disabled the cookies, but that did not help. Fixlog.txt Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-10-2014 Ran by Elias at 2014-10-20 13:30:24 Run:2 Running from C:\Users\Elias\Desktop Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias) Boot Mode: Normal ============================================== Content of fixlist: ***************** emptytemp: ***************** EmptyTemp: => Removed 170.5 MB temporary data. The system needed a reboot. ==== End of Fixlog ==== Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=7964102df17f9042b44cc96d54d64272 # engine=20685 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-10-20 01:15:50 # local_time=2014-10-20 03:15:50 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1292 16777213 100 100 6170 45285372 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 10299497 22169670 0 0 # scanned=247541 # found=1 # cleaned=0 # scan_time=5151 sh=88B5EAB437C8875F4A7874455F3D72AAF066AC62 ft=1 fh=c71c0011e8464a4f vn="Variante von Win32/InstallCore.JW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Elias\Downloads\COMPUTER_BILD-Download-Manager_fuer_Norton_Removal_Tool.exe" FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014 Ran by Elias (administrator) on ELIAS-PC on 20-10-2014 15:29:46 Running from C:\Users\Elias\Desktop Loaded Profiles: UpdatusUser & Elias (Available profiles: UpdatusUser & Elias) Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Samsung Electronics CO., LTD.) 
C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\e4e6f6daeab33b577e75eac9fa527eeb\windowsstoresetupbox.exe (Microsoft Corporation) C:\$Windows.~BT\Sources\SetupHost.exe (Microsoft Corporation) C:\Windows\System32\wimserv.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe (Microsoft Corporation) C:\$Windows.~BT\Scratch\180B55C0-36D3-4503-B60D-5A520D5BE0BA\DismHost.exe (Microsoft Corporation) C:\$Windows.~BT\Scratch\57643C7A-BCDB-44F7-9F3B-D7738E9AA9BF\DismHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3777642976-2438380877-1723110391-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - {29B1A520-C273-44ED-A82A-DB524E785CA0} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\cyltjadc.default FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF 
Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-02-18] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-02-18] Chrome: ======= CHR HomePage: Default -> https://www.google.de/ CHR Profile: C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06] CHR Extension: (YouTube) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21] CHR Extension: (Google-Suche) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21] CHR Extension: (AdBlock) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-12] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-02-18] CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-02-18] CHR Extension: (Virtual Keyboard) - 
C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-02-18] CHR Extension: (Google Wallet) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28] CHR Extension: (Google Mail) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21] CHR Extension: (Anti-Banner) - C:\Users\Elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-02-18] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-18] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-02-18] (Kaspersky Lab) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-26] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-26] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-03-26] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-02-18] (Kaspersky Lab ZAO) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-15] (Windows (R) 2003 DDK 3790 provider) S3 SBIOSIO; \??\C:\windiag\SBIOSIO64.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-20 15:29 - 2014-10-20 15:30 - 00020520 _____ () C:\Users\Elias\Desktop\FRST.txt 2014-10-20 13:44 - 2014-10-20 13:44 - 02347384 _____ (ESET) C:\Users\Elias\Downloads\esetsmartinstaller_deu.exe 2014-10-20 13:33 - 2014-10-20 13:33 - 00000000 ___RD () C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-10-20 13:30 - 2014-10-20 13:30 - 00000000 ____D () C:\Users\Elias\Desktop\FRST-OlderVersion 2014-10-18 13:33 - 2014-10-19 13:56 - 00003131 _____ () C:\windows\comsetup.log 2014-10-18 13:24 - 2014-10-20 15:28 - 00066678 _____ () C:\windows\diagwrn.xml 2014-10-18 13:24 - 2014-10-20 15:28 - 00066678 _____ () C:\windows\diagerr.xml 2014-10-17 19:36 - 2014-10-19 08:59 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-17 19:36 - 2014-10-17 19:36 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-17 19:36 - 2014-10-17 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-17 19:36 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-10-17 19:36 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-10-17 19:36 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-10-17 13:16 - 2014-10-17 13:28 - 00000000 ____D () C:\Users\TEMP 2014-10-17 13:11 - 2014-10-17 13:11 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Elias\Downloads\tdsskiller.exe 2014-10-16 20:44 - 2014-10-16 20:44 - 00380416 _____ () C:\Users\Elias\Downloads\Gmer-19357 (1).exe 2014-10-16 20:38 - 2014-10-16 20:39 - 00042810 _____ () C:\Users\Elias\Downloads\FRST.txt 2014-10-16 20:38 - 2014-10-16 20:39 - 00035637 _____ () C:\Users\Elias\Downloads\Addition.txt 2014-10-16 20:37 - 2014-10-20 15:29 - 00000000 ____D () C:\FRST 2014-10-16 20:36 - 2014-10-20 13:30 - 02111488 _____ (Farbar) 
C:\Users\Elias\Desktop\FRST64.exe 2014-10-16 20:35 - 2014-10-16 20:35 - 00000472 _____ () C:\Users\Elias\Downloads\defogger_disable.log 2014-10-16 20:35 - 2014-10-16 20:35 - 00000000 _____ () C:\Users\Elias\defogger_reenable 2014-10-16 20:33 - 2014-10-16 20:33 - 00050477 _____ () C:\Users\Elias\Downloads\Defogger.exe 2014-10-16 19:27 - 2014-10-16 19:27 - 00449032 _____ () C:\windows\system32\FNTCACHE.DAT 2014-10-16 17:11 - 2014-09-30 00:49 - 00705480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-10-16 17:11 - 2014-09-30 00:49 - 00104904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-16 17:01 - 2014-10-16 17:01 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\Elias\Downloads\avira_de_av___ws.exe 2014-10-16 13:49 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\KBDRUM.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL 2014-10-16 13:49 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRUM.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL 2014-10-16 13:49 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL 2014-10-16 13:49 - 
2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL 2014-10-16 13:49 - 2014-07-12 02:02 - 00478352 _____ () C:\windows\SysWOW64\locale.nls 2014-10-16 13:49 - 2014-07-12 02:00 - 00478352 _____ () C:\windows\system32\locale.nls 2014-10-16 13:49 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) C:\windows\system32\Defrag.exe 2014-10-16 13:49 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll 2014-10-16 13:49 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\windows\system32\defragsvc.dll 2014-10-16 13:49 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll 2014-10-16 13:49 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll 2014-10-16 13:49 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll 2014-10-16 13:49 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys 2014-10-16 13:49 - 2014-07-03 03:59 - 01824784 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2014-10-16 13:49 - 2014-07-03 02:30 - 01408952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2014-10-16 13:49 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll 2014-10-16 13:49 - 2014-06-28 08:57 - 00209920 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2014-10-16 13:49 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll 2014-10-16 13:49 - 2014-06-25 09:09 - 00733184 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll 2014-10-16 13:49 - 2014-06-25 09:07 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll 2014-10-16 13:49 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2014-10-16 13:49 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) 
C:\windows\system32\d3d10warp.dll 2014-10-16 13:49 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2014-10-16 13:49 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2014-10-16 13:49 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2014-10-16 13:49 - 2014-05-30 01:31 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-10-16 13:49 - 2014-05-30 01:03 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-10-16 13:49 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2014-10-16 13:48 - 2014-10-10 06:47 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-10-16 13:48 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2014-10-16 13:48 - 2014-10-08 06:26 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-10-16 13:48 - 2014-09-13 07:29 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\packager.dll 2014-10-16 13:48 - 2014-09-13 06:02 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll 2014-10-16 13:48 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll 2014-10-16 13:48 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll 2014-10-16 13:48 - 2014-08-02 00:08 - 00388729 _____ () C:\windows\system32\ApnDatabase.xml 2014-10-16 13:48 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS 2014-10-16 13:48 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll 2014-10-16 13:48 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll 2014-10-16 13:48 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll 2014-10-16 
13:48 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll 2014-10-16 13:48 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2014-10-16 13:48 - 2014-07-12 06:36 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2014-10-16 13:48 - 2014-07-12 06:34 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2014-10-16 13:48 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys 2014-10-16 13:48 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe 2014-10-16 13:48 - 2014-07-07 07:52 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-10-16 13:48 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll 2014-10-16 13:48 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll 2014-10-16 13:48 - 2014-07-07 07:51 - 05982208 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2014-10-16 13:48 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe 2014-10-16 13:48 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll 2014-10-16 13:48 - 2014-07-07 06:00 - 05095424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2014-10-16 13:48 - 2014-07-07 05:59 - 00269312 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll 2014-10-16 13:48 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\windows\system32\user32.dll 2014-10-16 13:48 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll 2014-10-16 13:47 - 2014-09-28 06:18 - 04068352 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-10-16 13:47 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-10-16 13:47 - 
2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-10-16 13:47 - 2014-09-20 07:17 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-10-16 13:47 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-10-16 13:47 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-10-16 13:47 - 2014-09-20 07:15 - 00451584 
_____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-10-16 13:47 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-10-16 13:47 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-10-16 13:47 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\inetcpl.cpl 2014-10-16 13:47 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-10-16 13:47 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-10-16 13:47 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-10-16 13:47 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-10-16 13:47 - 2014-09-20 03:06 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-10-16 13:47 - 2014-09-18 01:24 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2014-10-16 13:47 - 2014-09-18 00:56 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2014-10-16 13:47 - 2014-08-30 07:48 - 10115072 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll 2014-10-16 13:47 - 2014-08-30 07:46 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2014-10-16 13:47 - 2014-08-30 06:05 - 08858112 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll 2014-10-16 13:47 - 2014-08-30 06:03 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2014-10-16 13:47 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll 2014-10-16 13:47 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll 2014-10-15 22:59 - 2014-10-17 19:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-15 22:45 - 2014-10-15 22:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Elias\Downloads\mbam-setup-2.0.3.1025.exe 2014-09-25 20:35 - 2014-08-21 01:40 - 00732880 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe 2014-09-25 20:35 - 2014-08-20 19:05 - 00694784 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll 2014-09-25 20:35 - 2014-08-20 19:05 - 00198656 _____ (Microsoft Corporation) 
C:\windows\system32\Windows.ApplicationModel.Store.dll 2014-09-25 20:35 - 2014-08-20 19:05 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-25 20:35 - 2014-08-20 19:02 - 00567808 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll 2014-09-25 20:35 - 2014-08-20 19:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-25 20:35 - 2014-06-24 09:35 - 00010450 _____ () C:\windows\system32\autoconfig.cab 2014-09-25 20:35 - 2014-06-24 08:40 - 00125952 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2014-09-24 17:19 - 2014-10-20 15:28 - 00000000 ___HD () C:\$Windows.~BT 2014-09-23 14:32 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe 2014-09-23 14:32 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll 2014-09-20 14:44 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2014-09-20 14:44 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2014-09-20 14:44 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2014-09-20 14:44 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00144384 
_____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2014-09-20 14:44 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll 2014-09-20 14:44 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll 2014-09-20 14:44 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll 2014-09-20 14:44 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll 2014-09-20 14:43 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2014-09-20 14:43 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2014-09-20 14:42 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll 2014-09-20 14:42 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-20 15:28 - 2012-07-26 09:21 - 01075221 _____ () C:\windows\setupact.log 2014-10-20 15:24 - 2012-09-10 12:50 - 01089792 _____ () C:\windows\WindowsUpdate.log 2014-10-20 15:21 - 2014-02-18 21:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-10-20 15:09 - 2012-12-21 16:10 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-20 15:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru 2014-10-20 14:42 - 2012-09-10 13:53 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job 2014-10-20 14:09 - 2012-12-21 16:10 - 00001122 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-20 13:38 - 2012-12-18 20:14 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3777642976-2438380877-1723110391-1002 2014-10-20 13:37 - 2012-09-10 13:47 - 00000000 ____D () C:\ProgramData\WinClon 2014-10-20 13:32 - 2012-08-05 23:07 - 02612758 _____ () C:\windows\PFRO.log 2014-10-20 13:32 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-10-20 13:30 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\Registration 2014-10-19 14:00 - 2012-07-26 10:13 - 00004793 _____ () C:\windows\DtcInstall.log 2014-10-18 13:40 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM 2014-10-18 13:02 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent 2014-10-17 15:01 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache 2014-10-16 20:49 - 2013-01-06 23:19 - 00000000 ____D () C:\Users\Elias\AppData\Local\CrashDumps 2014-10-16 20:35 - 2012-12-18 20:05 - 00000000 ____D () C:\Users\Elias 2014-10-16 17:08 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI 2014-10-16 17:06 - 2014-07-12 00:03 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-10-16 17:06 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-16 17:05 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData 2014-10-16 
15:20 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp 2014-10-16 15:17 - 2013-08-02 13:23 - 00000000 ____D () C:\windows\system32\MRT 2014-10-16 15:13 - 2012-12-19 19:14 - 103265616 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-10-14 12:36 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore 2014-10-13 22:32 - 2013-01-11 22:17 - 00000000 ____D () C:\Users\Elias\AppData\Roaming\CyberLink 2014-10-13 22:07 - 2012-09-10 16:51 - 00753134 _____ () C:\windows\system32\perfh007.dat 2014-10-13 22:07 - 2012-09-10 16:51 - 00155826 _____ () C:\windows\system32\perfc007.dat 2014-10-13 22:07 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI 2014-09-23 03:51 - 2013-08-21 12:37 - 00000000 ____D () C:\Program Files\Microsoft Office 15 Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-15 15:02 ==================== End Of Log ============================ --- --- --- |
20.10.2014, 22:15 | #9 |
Rest in peace † 2019 | Windows 8: slow internet and redirects to advertising sites Hello, I don't see anything malware-related there. ESET only found an installer from Chip; it's better to download programs directly from the vendor and not from Chip or, worse, Softonic. Try whether things are better with an ad blocker. I recommend Adblock Plus; you can also try NoScript. We'll quickly clean up here.
Step 1 If you no longer need Malwarebytes Anti-Malware and the ESET online scan, you can simply uninstall both programs via the program uninstaller. However, I recommend that you at least keep Malwarebytes and run a check scan with it once a week.
Step 2 Please download delfix to your desktop.
Updates / updating programs
Java is a major security hole on your system; new vulnerabilities are discovered again and again and are exploited to infect computers. Unless you absolutely need Java, you should uninstall it completely.
Windows XP Go to: Start --> Control Panel --> Add or Remove Programs --> select Java versions --> remove
Windows Vista Go to: Start --> Control Panel --> Programs --> Uninstall a program --> find Java versions --> remove
Windows 7 To do so, go to: the Windows button in the taskbar --> Control Panel --> Programs (sub-item Uninstall a program) --> select Java versions --> remove
Windows 8 To do so, press: Windows key and X, then: Programs and Features --> select Java versions --> remove
If you do absolutely need Java, then
and make sure that Java updates automatically. To do so:
You can find instructions for this here. Finally, a few tips for securing your system. Change all your passwords regularly; now, after the cleanup, is an ideal time to do so
System up to date It is extremely important that both your system and the security-relevant software installed on it (Flash Player, PDF reader and especially Java, if present) are up to date.
Antivirus software
Additional protection
Alternative browsers Other browsers tend to be somewhat more secure than Internet Explorer, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
System performance Delete your temporary files regularly. For this I recommend Windows Disk Cleanup. Windows Vista
Windows 7
Windows 8
Stay away from any registry cleaners. They harm your system more than they speed it up. Rules of conduct for safer surfing
All that remains is for me to wish you a lot of fun surfing safely. Note: Please give me brief feedback when everything is done and there are no more questions. If you would like to give praise or criticism, you are very welcome to do so here. If you would like to donate something for the forum and our work, you can do so here. |
21.10.2014, 13:52 | #10 |
| Windows 8: slow internet and redirects to advertising sites Hello! Good to hear that my PC is not infected after all. I followed your steps and, to finish, would like to thank you very much for your help!!! Helios |
21.10.2014, 23:10 | #11 |
Rest in peace † 2019 | Windows 8: slow internet and redirects to advertising sites Hello, you're welcome. This topic is thus closed; if you still have questions or there are problems, please send me a PM. Everyone else, please click here and create your own thread |