|
Pests of all kinds and how to fight them: Telekom Abuse Team warns of a threat. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
28.12.2014, 15:44 | #1 | |
| Telekom Abuse Team warns of a threat. Hello Trojaner Board, I received an e-mail from Telekom that speaks of a potential trojan infection on at least one computer in the network. Quote:
In my household there are currently 2 Windows computers and 2 MacBooks on the network. In addition, everything is linked through a NAS for data exchange. I hope one of you can help me. Kind regards |
28.12.2014, 16:23 | #2 |
/// the machine /// TB instructor | Telekom Abuse Team warns of a threat. hi,
from the Windows computers: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
28.12.2014, 16:50 | #3 |
| Telekom Abuse Team warns of a threat. Thanks already for the help, I have now run the programs on both PCs.
PC 1: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014 Ran by Pascal (administrator) on PASCALS-PC on 28-12-2014 16:41:03 Running from C:\Users\Pascal\Downloads Loaded Profile: Pascal (Available profiles: Pascal) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (BUFFALO INC.) E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe (Apple Inc.) 
E:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) E:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (IvoSoft) E:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\System\HsMgr64.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Blizzard Entertainment) E:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exe (Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Razer Inc.) E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) E:\Program Files (x86)\Common Files\Steam\SteamService.exe (AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) 
E:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) E:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Pascal\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe (Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Skype Technologies S.A.) E:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies) E:\Program Files (x86)\Skype\Updater\Updater.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [Classic Start Menu] => E:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [APSDaemon] => E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-09] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-20] (Valve Corporation) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Battle.net] => E:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2864688 2014-12-10] (Blizzard Entertainment) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-26] (Electronic Arts) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED] => E:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) 
AppInit_DLLs: E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1317152 2013-12-16] (Conduit) AppInit_DLLs-x32: E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1009440 2013-12-16] (Conduit) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk ShortcutTarget: ESO Survey Live.lnk -> E:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe () Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk ShortcutTarget: BUFFALO NAS Navigator2.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.) Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk ShortcutTarget: NAS Scheduler.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer64.dll No File ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP458F5A41-0949-48B7-95C9-4438B8D5A1CF&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Program Files\Classic Shell\ClassicExplorer64.dll No File BHO: Java(tm) Plug-In SSV 
Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: No Name -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_32.dll No File Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Program Files\Classic Shell\ClassicExplorer64.dll No File Toolbar: HKLM-x32 - No Name - {553891B7-A0D5-4526-BE18-D3CE461D6310} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: 
C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default FF DefaultSearchEngine: Microsoft (Bing) FF DefaultSearchUrl: hxxp://www.bing.com/search FF SearchEngineOrder.1: Microsoft (Bing) FF SelectedSearchEngine: Microsoft (Bing) FF Homepage: hxxp://www.msn.com/?pc=AV01 FF Keyword.URL: hxxp://www.bing.com/search FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 -> E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> E:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> E:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: 
@microsoft.com/SharePoint,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: ubisoft.com/uplaypc -> E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\searchplugins\bing-avast.xml FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-20] Chrome: ======= CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01 CHR StartupUrls: Default -> "https://www.google.de/" CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31] CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03] CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31] CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31] CHR Extension: (ZenMate) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-09] CHR Extension: (Twitch Live) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-08-30] CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2014-07-07] CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31] CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31] CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29] CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04] CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29] CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29] CHR Extension: (avast! Online Security) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29] CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29] CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-09] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.) R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-09] (AVAST Software) R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.) 
S3 DAUpdaterSvc; E:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare) R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) S2 gupdate; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.) S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.) R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-08-01] (Apple Inc.) S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [118896 2014-02-13] (Mozilla Foundation) R2 NasPmService; E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.) R2 NvNetworkService; E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-26] (Electronic Arts) S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) R3 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-15] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-12] () R2 Razer Game Scanner Service; E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] () R2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies) R3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-12-20] (Valve Corporation) R2 Stereo 
Service; E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768 2014-12-13] (NVIDIA Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-09] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-09] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-09] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-09] () S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [37888 2014-09-02] (LogMeIn Inc.) [File not signed] R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.) 
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-28 16:41 - 2014-12-28 16:41 - 00024387 _____ () C:\Users\Pascal\Downloads\FRST.txt 2014-12-28 16:41 - 2014-12-28 16:41 - 00000000 ____D () C:\FRST 2014-12-28 16:29 - 2014-12-28 16:29 - 02123264 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe 2014-12-28 01:34 - 2014-12-28 16:40 - 00000000 ____D () E:\Program Files (x86)\Mod Organizer 2014-12-28 01:34 - 2014-12-28 01:34 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mod Organizer 2014-12-27 19:52 - 2014-12-27 19:52 - 00002032 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-12-27 19:52 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2014-12-27 19:51 - 2014-12-27 19:52 - 00000000 ____D () C:\WINDOWS\LastGood 2014-12-27 19:51 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 
10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2014-12-27 19:51 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2014-12-27 19:51 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2014-12-27 19:51 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2014-12-27 19:51 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll 2014-12-27 04:12 - 2014-12-27 18:55 - 00000000 ____D () C:\ENB FXAA SweetFX Manager 2014-12-26 02:06 - 2014-12-27 21:03 - 00000000 ____D () C:\Users\Pascal\Downloads\Skyrim 2014-12-26 01:33 - 2014-12-26 01:34 - 18816637 _____ () C:\Users\Pascal\Desktop\Mod Organizer v1_2_14 installer-1334-1-2-14.exe 2014-12-25 23:00 - 2014-12-25 23:00 - 00012678 _____ () C:\Users\Pascal\Desktop\Mods.csv 2014-12-25 18:22 - 2014-12-25 18:22 - 00000000 ____D () C:\Users\Pascal\AppData\Local\RzStats 2014-12-24 16:10 - 2014-12-24 16:10 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-12-24 16:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2014-12-24 16:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2014-12-24 01:20 - 2014-11-17 22:37 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys 2014-12-24 01:19 - 2014-12-24 01:19 - 00068072 _____ () C:\WINDOWS\DPINST.LOG 2014-12-24 01:19 - 2014-10-31 23:27 - 00037184 _____ (Razer, Inc.) 
C:\WINDOWS\system32\Drivers\rzpmgrk.sys 2014-12-12 15:47 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-12 15:47 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-10 23:18 - 2014-12-10 23:18 - 00000000 ____D () C:\WINDOWS\system32\appraiser 2014-12-10 16:02 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-10 16:02 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-10 16:02 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-10 16:02 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-10 15:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-10 15:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-10 15:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-10 15:56 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-10 15:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-10 15:56 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-10 15:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-10 15:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-10 15:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-10 15:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-10 15:56 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\html.iec 2014-12-10 15:56 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-10 15:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-10 15:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-10 15:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-10 15:56 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-10 15:56 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-10 15:56 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-10 15:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-10 15:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-10 15:56 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-10 15:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-10 15:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-10 15:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-10 15:56 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-10 15:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-10 15:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-10 15:56 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-10 15:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wininet.dll 2014-12-10 15:56 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-10 15:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-10 15:56 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-10 15:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-10 15:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-10 15:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-10 15:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-10 15:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-10 15:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-10 15:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-10 15:55 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-12-10 15:55 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2014-12-10 15:55 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-12-10 15:55 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2014-12-10 15:55 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2014-12-10 15:55 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-12-10 15:55 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2014-12-10 15:55 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 15:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 15:55 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-04 16:15 - 2014-12-04 16:15 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Risk_of_Rain

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 16:41 - 2013-10-20 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype 2014-12-28 16:38 - 2014-03-16 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\ClassicShell 2014-12-28 16:37 - 2013-10-20 15:26 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Battle.net 2014-12-28 16:35 - 2013-10-20 12:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1010802133-681624663-1200860190-1001 2014-12-28 16:21 - 2014-03-31 14:49 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-28 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-12-28 15:59 - 2014-03-16 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-28 15:48 - 2013-10-20 14:21 - 00000000 ____D () E:\Program Files (x86)\Steam 2014-12-28 15:25 - 2014-08-06 00:56 - 01618609 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-28 14:54 - 2013-10-20 14:10 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CE681B-6CA3-4450-AB68-D7D283842AA0} 2014-12-28 14:51 - 2014-03-31 14:49 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-28 03:05 - 2014-08-06 15:59 - 00000000 ____D () E:\Program Files (x86)\RivaTuner Statistics Server 2014-12-28 00:34 - 2013-11-05 18:57 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client 2014-12-27 19:52 - 2014-08-11 00:05 - 00005484 _____ () C:\WINDOWS\setupact.log 2014-12-27 19:52 - 2014-03-16 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-12-27 19:52 - 2013-10-20 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-27 18:29 - 2014-10-07 18:19 - 00000000 ___RD () E:\Program Files (x86)\Skype 2014-12-27 18:29 - 2013-10-20 19:13 - 00000000 ____D () C:\ProgramData\Skype 2014-12-27 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-26 20:33 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 
2014-12-26 20:33 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-26 20:33 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-26 20:27 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-26 02:05 - 2013-10-26 21:17 - 00322560 ___SH () C:\Users\Pascal\Desktop\Thumbs.db 2014-12-26 02:04 - 2014-08-05 22:28 - 00090624 ___SH () C:\Users\Pascal\Downloads\Thumbs.db 2014-12-25 22:43 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\vlc 2014-12-25 18:15 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-12-25 17:48 - 2013-08-22 15:44 - 05074848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-24 14:38 - 2013-12-25 00:59 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Razer 2014-12-24 01:20 - 2013-12-25 00:59 - 00000000 ____D () C:\ProgramData\Razer 2014-12-24 01:19 - 2013-12-25 00:00 - 00000000 ____D () E:\Program Files (x86)\Razer 2014-12-20 02:18 - 2013-11-14 23:22 - 00000000 ____D () E:\Program Files (x86)\StarCraft II 2014-12-19 14:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-19 11:48 - 2014-04-19 18:42 - 00000000 ____D () E:\Program Files (x86)\World of Warcraft 2014-12-18 21:34 - 2014-07-06 15:31 - 00000000 ____D () C:\Users\Pascal\.gimp-2.8 2014-12-14 20:14 - 2013-11-24 21:45 - 00000000 ____D () C:\ProgramData\Origin 2014-12-14 18:44 - 2014-11-26 18:53 - 00001205 _____ () C:\Users\Public\Desktop\Dragon Age Inquisition.lnk 2014-12-14 18:37 - 2013-11-24 21:45 - 00000000 ____D () E:\Program Files (x86)\Origin 2014-12-13 11:08 - 2014-11-21 14:18 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2014-12-13 11:08 - 2014-06-29 01:26 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2014-12-13 11:08 - 2014-03-16 16:58 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-12-13 11:08 - 2014-03-16 16:58 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 
2014-12-13 11:08 - 2014-03-16 16:56 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb 2014-12-13 09:03 - 2014-03-16 16:58 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-12-13 09:03 - 2014-03-16 16:58 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-12-13 01:12 - 2014-06-12 14:34 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-12-13 01:12 - 2014-06-12 14:34 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-12-13 01:12 - 2013-10-28 16:17 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2014-12-13 01:12 - 2013-10-28 16:17 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2014-12-13 00:11 - 2014-03-16 16:58 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-12-12 17:10 - 2013-10-25 16:19 - 00000072 _____ () C:\Users\Public\LMDebug.log 2014-12-11 19:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-12-11 14:03 - 2013-10-20 15:26 - 00000000 ____D () E:\Program Files (x86)\Battle.net 2014-12-11 14:02 - 2014-08-14 15:14 - 00044654 _____ () C:\WINDOWS\PFRO.log 
2014-12-10 23:18 - 2014-07-09 22:18 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat 2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-12-10 16:55 - 2013-10-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-10 16:55 - 2013-10-20 12:39 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-12-10 16:52 - 2013-10-20 12:39 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-09 21:02 - 2013-10-20 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-12-09 18:59 - 2014-03-16 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-12-09 14:24 - 2014-07-12 16:52 - 00000000 ____D () E:\Program Files (x86)\Diablo III Public Test 2014-12-08 14:02 - 2014-03-20 21:03 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! 
Emergency Update
2014-12-05 20:42 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\dvdcss
2014-12-04 21:15 - 2014-01-25 15:24 - 00000000 ____D () E:\Program Files (x86)\Hearthstone

Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Pascal\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Pascal\AppData\Local\Temp\nvStInst.exe
C:\Users\Pascal\AppData\Local\Temp\pyl4699.tmp.exe
C:\Users\Pascal\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pascal\AppData\Local\Temp\sonarinst.exe
C:\Users\Pascal\AppData\Local\Temp\__pythonRunner.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-19 14:47

==================== End Of Log ============================
--- --- --- --- --- --- --- --- ---

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Pascal at 2014-12-28 16:41:24
Running from C:\Users\Pascal\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast!
Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts) Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) BRINK (HKLM-x32\...\Steam App 22350) (Version: - Splash Damage) BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: - ) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - ) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland) CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - ) Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth) CastleStorm (HKLM-x32\...\Steam App 241410) (Version: - Zen Studios) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Chivalry: Medieval Warfare 
(HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - Colossal Order Ltd.) Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) CodeBlocks (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version: - Relic) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com) Cyberduck 4.4.5 (14721) (HKLM-x32\...\Cyberduck) (Version: 4.4.5 (14721) - ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.24.20 - Electronic Arts Inc.) Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.) 
DLC Quest (HKLM-x32\...\Steam App 230050) (Version: - Going Loud Studios) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dragon Age Awakening Redesigned (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Awakening Redesigned) (Version: - ) Dragon Age II (HKLM-x32\...\Steam App 47900) (Version: - BioWare) Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned © Morrigan) (Version: - ) Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned- Leliana's Song) (Version: - ) Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned Oghren©) (Version: - ) Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Zevran) (Version: - ) Dragon Age Redesigned© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©) (Version: - ) Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Leliana) (Version: - ) Dragon Age Redesigned© Sten (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Sten) (Version: - ) Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Wynne) (Version: - ) Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts) DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - WayForward) EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) Endless Legend (HKLM-x32\...\Steam App 
289130) (Version: - AMPLITUDE Studios) Endless Space (HKLM-x32\...\Steam App 208140) (Version: - Amplitude Studios) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) ESO Survey Live version 1.4.5 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.4.5 - Immersyve, Inc.) EVE Online (HKLM-x32\...\Steam App 8500) (Version: - CCP) Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios) Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - ) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts) FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Gnomoria (HKLM-x32\...\Steam App 224500) (Version: - Robotronic Games) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version: - Paradox Development Studio) Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle) Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation) Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO Minifigures Online (HKLM-x32\...\LEGO Minifigures Online_is1) (Version: 1.0.0 - Funcom) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) 
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) MouseCraft (HKLM-x32\...\Steam App 252750) (Version: - Crunching Koalas) Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla) Mozilla Firefox 32.0.3 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.2 - Black Tree Gaming) Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision 
Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version: - Vitali Kirpu) Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.2.0 - Electronic Arts) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.) 
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - ) RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden ShootMania Storm (HKLM-x32\...\Steam App 229870) (Version: - Nadeo) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - ) Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steam Marines (HKLM-x32\...\Steam App 253630) (Version: - ) SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version: - Image&Form) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version: - Ubisoft) The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®) The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version: - Stridemann) Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio 
Driver) (Version: - ) Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) Unity Web Player (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS) Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Visitenkarten (HKLM-x32\...\{B3C40846-559F-4334-BAD5-E138F483A5C5}) (Version: - ) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 3.0.4.3 - Wrye & Wrye Bash Development Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 27-12-2014 18:19:32 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {31603D6A-F053-4F98-836F-425073C5D8B6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {715327AB-EB6B-49DD-B8C7-2ED805EEF144} - System32\Tasks\avast! 
Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-09] (AVAST Software) Task: {83214325-2D0C-46EE-933F-0679FAD52A3B} - System32\Tasks\Apple\AppleSoftwareUpdate => E:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8DDC57E8-CFCE-4711-98E3-1F35528EC83C} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.) Task: {9B5AA326-9FC9-49CD-8D15-A3E8C9AC1690} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {B4142FBD-2FAA-49A4-9616-B898AD227D3F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation) Task: {CC8A2D10-AD23-424F-BAD2-9E2DCFEF69C9} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.) Task: {DA482AF7-E48A-45C4-A620-18B49C75E965} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-30 10:32 - 2013-05-30 10:32 - 00034304 _____ () C:\WINDOWS\System32\ssd3clm.dll 2014-08-15 16:48 - 2014-08-15 16:48 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2014-10-31 23:27 - 2014-10-31 23:27 - 00183488 _____ () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-03-16 16:58 - 2014-12-13 09:03 - 00117576 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-05-01 20:29 - 
2014-05-01 20:29 - 00098304 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2014-03-16 23:35 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2014-03-16 23:35 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe 2013-12-17 17:34 - 2014-12-13 01:13 - 00708240 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2013-12-17 17:34 - 2014-12-13 01:13 - 00854160 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2014-11-20 09:23 - 2014-11-20 09:23 - 00289792 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2014-08-09 21:06 - 2014-08-09 21:06 - 00301152 _____ () E:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-12-26 19:21 - 2014-12-26 19:21 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14122601\algo.dll 2014-12-27 19:47 - 2014-12-27 19:47 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14122701\algo.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-03 14:09 - 2014-12-01 22:31 - 02396672 _____ () E:\Program Files (x86)\Steam\libavcodec-56.dll 2014-12-03 14:09 - 2014-12-01 22:31 - 00479744 _____ () E:\Program Files (x86)\Steam\libavformat-56.dll 2014-12-03 14:09 - 2014-12-01 22:31 - 00332800 _____ () E:\Program Files (x86)\Steam\libavresample-2.dll 2014-12-03 14:09 - 2014-12-01 22:31 - 00442880 _____ () E:\Program Files (x86)\Steam\libavutil-54.dll 2014-11-13 14:10 - 2014-11-11 19:47 - 00774656 _____ () E:\Program Files (x86)\Steam\SDL2.dll 2014-12-03 14:09 - 2014-12-02 01:29 - 05002752 _____ () E:\Program Files (x86)\Steam\v8.dll 2014-12-21 11:34 - 2014-12-20 00:38 - 02226880 _____ () E:\Program Files (x86)\Steam\video.dll 2014-12-03 14:09 - 2014-12-02 01:29 - 01612800 _____ () E:\Program 
Files (x86)\Steam\icui18n.dll 2014-12-03 14:09 - 2014-12-02 01:29 - 01210368 _____ () E:\Program Files (x86)\Steam\icuuc.dll 2014-12-03 14:09 - 2014-12-01 22:31 - 00485888 _____ () E:\Program Files (x86)\Steam\libswscale-3.dll 2014-12-21 11:34 - 2014-12-20 00:38 - 00696000 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-06-01 10:08 - 2014-06-01 10:08 - 00035328 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () E:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () E:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 26065408 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\libcef.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00739840 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\libGLESv2.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00907776 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\platforms\qwindows.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00130048 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\libEGL.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00020992 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qgif.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00021504 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qico.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00205312 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qjpeg.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00225792 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qmng.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00015872 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qsvg.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00312832 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qtiff.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00010240 _____ () 
E:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick.2\qtquick2plugin.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00054272 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick\Layouts\qquicklayoutsplugin.dll 2014-12-10 19:47 - 2014-12-10 19:47 - 00010240 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQml\Models.2\modelsplugin.dll 2014-12-21 11:34 - 2014-12-20 00:38 - 34641288 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 01077064 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 00211272 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 09009480 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 01677128 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-08-09 21:06 - 2014-08-09 21:06 - 19329904 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll 2014-12-24 14:38 - 2014-01-04 01:20 - 34755072 _____ () C:\Users\Pascal\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2014-11-20 07:02 - 2014-11-20 07:02 - 00193024 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll 2014-12-24 14:38 - 2014-01-04 01:20 - 00970240 _____ () C:\Users\Pascal\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\ffmpegsumo.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 14913352 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll 2014-06-16 15:45 - 2014-06-16 15:45 - 03022960 _____ () E:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-06-16 15:45 - 2014-06-16 15:45 - 00158832 _____ () E:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-06-16 15:45 - 2014-06-16 15:45 - 00023152 _____ () E:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 
==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Pascal\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "ESO Survey Live.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "NAS Scheduler.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "BUFFALO NAS Navigator2.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "EADM" ========================= Accounts: ========================== Administrator (S-1-5-21-1010802133-681624663-1200860190-500 - Administrator - Disabled) Gast (S-1-5-21-1010802133-681624663-1200860190-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1010802133-681624663-1200860190-1004 - Limited - Enabled) Pascal (S-1-5-21-1010802133-681624663-1200860190-1001 - Administrator - Enabled) => C:\Users\Pascal ==================== Faulty Device Manager Devices 
============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/27/2014 07:51:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 8.0.800.0, Zeitstempel: 0x5463d697 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x0000000002da0f02 ID des fehlerhaften Prozesses: 0x5c0c Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0 Pfad der fehlerhaften Anwendung: nvcplui.exe1 Pfad des fehlerhaften Moduls: nvcplui.exe2 Berichtskennung: nvcplui.exe3 Vollständiger Name des fehlerhaften Pakets: nvcplui.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvcplui.exe5 Error: (12/27/2014 07:51:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 8.0.800.0, Zeitstempel: 0x5463d697 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000002da0f02 ID des fehlerhaften Prozesses: 0x5c0c Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0 Pfad der fehlerhaften Anwendung: nvcplui.exe1 Pfad des fehlerhaften Moduls: nvcplui.exe2 Berichtskennung: nvcplui.exe3 Vollständiger Name des fehlerhaften Pakets: nvcplui.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvcplui.exe5 Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). 
Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable). Error: (12/27/2014 06:09:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SkyrimLauncher.exe, Version: 1.3.22.0, Zeitstempel: 0x4f3956c2 Name des fehlerhaften Moduls: enbhelper.dll, Version: 0.0.0.0, Zeitstempel: 0x52505db0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000110e ID des fehlerhaften Prozesses: 0x4ebc Startzeit der fehlerhaften Anwendung: 0xSkyrimLauncher.exe0 Pfad der fehlerhaften Anwendung: SkyrimLauncher.exe1 Pfad des fehlerhaften Moduls: SkyrimLauncher.exe2 Berichtskennung: SkyrimLauncher.exe3 Vollständiger Name des fehlerhaften Pakets: SkyrimLauncher.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkyrimLauncher.exe5 Error: (12/27/2014 03:18:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GameScannerService.exe, Version: 1.0.6.2565, Zeitstempel: 0x54540ccd Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0xc0000417 Fehleroffset: 0x0008af3e ID des fehlerhaften Prozesses: 0x6ec Startzeit der fehlerhaften Anwendung: 0xGameScannerService.exe0 Pfad der fehlerhaften Anwendung: GameScannerService.exe1 Pfad des fehlerhaften Moduls: GameScannerService.exe2 Berichtskennung: GameScannerService.exe3 Vollständiger Name des fehlerhaften Pakets: GameScannerService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GameScannerService.exe5 Error: (12/27/2014 02:48:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2488 Startzeit: 01d02174e1b5f24a Endzeit: 4294967295 Anwendungspfad: E:\Program Files (x86)\Java\jre8\bin\javaw.exe Berichts-ID: 79300537-8d6a-11e4-bf1d-bc5ff4bc94c0 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/27/2014 02:17:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ModOrganizer.exe, Version: 1.2.14.0, Zeitstempel: 0x54315b0e Name des fehlerhaften Moduls: ModOrganizer.exe, Version: 1.2.14.0, Zeitstempel: 0x54315b0e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00027edf ID des fehlerhaften Prozesses: 0x1568 Startzeit der fehlerhaften Anwendung: 0xModOrganizer.exe0 Pfad der fehlerhaften Anwendung: ModOrganizer.exe1 Pfad des fehlerhaften Moduls: ModOrganizer.exe2 Berichtskennung: ModOrganizer.exe3 Vollständiger Name des fehlerhaften Pakets: ModOrganizer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ModOrganizer.exe5 Error: (12/27/2014 02:17:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 25e8 Startzeit: 01d0216f709bec51 Endzeit: 4294967295 Anwendungspfad: E:\Program Files (x86)\Java\jre8\bin\javaw.exe Berichts-ID: 1eebb338-8d66-11e4-bf1d-bc5ff4bc94c0 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/27/2014 01:52:05 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2f20 Startzeit: 01d0216caeb4880c Endzeit: 11 Anwendungspfad: E:\Program Files (x86)\Java\jre8\bin\javaw.exe Berichts-ID: 9144d531-8d62-11e4-bf1d-bc5ff4bc94c0 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: System errors: ============= Error: (12/28/2014 04:36:21 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/28/2014 04:35:51 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/28/2014 03:50:20 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} Error: (12/28/2014 03:50:16 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} Error: (12/27/2014 08:18:36 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {0002DF01-0000-0000-C000-000000000046} Error: (12/27/2014 08:14:22 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {0002DF01-0000-0000-C000-000000000046} Error: (12/27/2014 08:13:00 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {0002DF01-0000-0000-C000-000000000046} Error: (12/27/2014 07:51:56 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {0002DF01-0000-0000-C000-000000000046} Error: (12/27/2014 07:51:26 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {0002DF01-0000-0000-C000-000000000046} Error: (12/27/2014 06:20:27 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Microsoft Office Sessions: ========================= Error: (12/27/2014 07:51:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
nvcplui.exe8.0.800.05463d697unknown0.0.0.000000000c000041d0000000002da0f025c0c01d02205f5e0594dE:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exeunknown572f8286-8df9-11e4-bf1d-bc5ff4bc94c0 Error: (12/27/2014 07:51:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvcplui.exe8.0.800.05463d697unknown0.0.0.000000000c00000050000000002da0f025c0c01d02205f5e0594dE:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exeunknown5683051c-8df9-11e4-bf1d-bc5ff4bc94c0 Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed. System Error: 0xC0000039 (unresolvable) Error: (12/27/2014 06:09:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SkyrimLauncher.exe1.3.22.04f3956c2enbhelper.dll0.0.0.052505db0c00000050000110e4ebc01d021f7e35f58c8C:\Skyrim\steamapps\common\Skyrim\SkyrimLauncher.exeC:\Skyrim\steamapps\common\Skyrim\enbseries\enbhelper.dll27945158-8deb-11e4-bf1d-bc5ff4bc94c0 Error: (12/27/2014 03:18:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GameScannerService.exe1.0.6.256554540ccdMSVCR100.dll10.0.40219.3254df2be1ec00004170008af3e6ec01d02141f0d1c42fE:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exeC:\WINDOWS\SYSTEM32\MSVCR100.dllaeb39e62-8d6e-11e4-bf1d-bc5ff4bc94c0 Error: (12/27/2014 02:48:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe8.0.11.12248801d02174e1b5f24a4294967295E:\Program Files (x86)\Java\jre8\bin\javaw.exe79300537-8d6a-11e4-bf1d-bc5ff4bc94c0 Error: (12/27/2014 02:17:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
ModOrganizer.exe1.2.14.054315b0eModOrganizer.exe1.2.14.054315b0ec000000500027edf156801d021427862da2cE:\Program Files (x86)\Mod Organizer\ModOrganizer.exeE:\Program Files (x86)\Mod Organizer\ModOrganizer.exe23552f29-8d66-11e4-bf1d-bc5ff4bc94c0 Error: (12/27/2014 02:17:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe8.0.11.1225e801d0216f709bec514294967295E:\Program Files (x86)\Java\jre8\bin\javaw.exe1eebb338-8d66-11e4-bf1d-bc5ff4bc94c0 Error: (12/27/2014 01:52:05 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe8.0.11.122f2001d0216caeb4880c11E:\Program Files (x86)\Java\jre8\bin\javaw.exe9144d531-8d62-11e4-bf1d-bc5ff4bc94c0 CodeIntegrity Errors: =================================== Date: 2014-09-04 00:25:19.004 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-09 23:48:39.975 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-18 23:58:22.793 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pascal\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2014-07-18 23:58:22.738 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Percentage of memory in use: 21% Total physical RAM: 16315.5 MB Available physical RAM: 12801.49 MB Total Pagefile: 18747.5 MB Available Pagefile: 14629.28 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:110.93 GB) (Free:28.46 GB) NTFS Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:149.58 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 3964B577) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB3FFC79) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
28.12.2014, 16:51 | #4 |
| Telekom Abuse Team warns of a threat. PC2: FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014 Ran by Hartmut und Marion (administrator) on WOHNZIMMER-PC on 28-12-2014 16:33:48 Running from C:\Users\Hartmut und Marion\Downloads Loaded Profiles: Hartmut und Marion & UpdatusUser (Available profiles: Hartmut und Marion & UpdatusUser & Marion) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Freedom Scientific, Inc.) C:\Program Files\Freedom Scientific\Shared\fsSynth\1.0\x86\fsSynth32.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Dropbox, Inc.) C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe (Freedom Scientific LLC.) C:\Program Files\Freedom Scientific\JAWS\15.0\fsATProxy.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] () HKLM\...\Run: [JAWS] => C:\Program Files\Freedom Scientific\JAWS\15.0\jfw.exe [7308104 2014-10-14] (Freedom Scientific, Inc.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-01] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software) HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.) HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher Startup: C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.) Startup: C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-4274152114-28096137-2579490511-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-4274152114-28096137-2579490511-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Hartmut und Marion\AppData\Roaming\Mozilla\Firefox\Profiles\lsrcai77.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iCloud Bookmarks - C:\Users\Hartmut und Marion\AppData\Roaming\Mozilla\Firefox\Profiles\lsrcai77.default\Extensions\firefoxdav@icloud.com [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-23]

Chrome:
=======

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-01] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-12] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 JTVNCProxy_15.0; C:\Program Files\Freedom Scientific\JAWS\15.0\JTVNCProxy.exe [20808 2014-10-14] (Freedom Scientific BLV Group LLC)
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-12] ()
R1 Freedom Scientific Kernel Manager; C:\Windows\System32\fsKMgr.dll [29712 2014-07-25] (Freedom Scientific, Inc.)
S3 FSBRLDSP; C:\Windows\System32\DRIVERS\FSBRLDSP.sys [46440 2012-09-13] (Freedom Scientific BLV Group, LLC.)
R3 fsvidmir_service; C:\Windows\System32\DRIVERS\fsvidmir.sys [15856 2014-07-25] (Freedom Scientific, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2013-02-23] (Qualcomm Atheros Co., Ltd.)
S3 PowerBrl; C:\Windows\system32\Drivers\powerbrl.sys [18720 2014-10-14] (Freedom Scientific BLV Group, LLC.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
S3 STHDA; system32\DRIVERS\stwrt64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-28 16:33 - 2014-12-28 16:34 - 00011054 _____ () C:\Users\Hartmut und Marion\Downloads\FRST.txt 2014-12-28 16:33 - 2014-12-28 16:33 - 02123264 _____ (Farbar) C:\Users\Hartmut und Marion\Downloads\FRST64.exe 2014-12-28 16:33 - 2014-12-28 16:33 - 00000000 ____D () C:\FRST 2014-12-24 15:44 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-24 15:44 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-24 15:39 - 2014-12-24 15:39 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2014-12-14 14:21 - 2014-12-14 14:21 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-09 21:03 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-09 21:03 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-09 21:03 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-09 21:03 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-09 21:03 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-09 21:03 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-09 21:03 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-09 21:03 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-09 21:03 - 2014-07-07 02:39 - 00023040 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-09 21:03 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-09 20:39 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-09 20:39 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-09 20:39 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-09 20:39 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-09 20:39 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-09 20:39 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-09 20:39 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-09 20:39 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-09 20:38 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-09 20:38 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-09 20:38 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-09 20:38 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-09 20:38 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-09 20:38 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-09 20:38 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-09 20:38 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-09 20:38 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwproxystub.dll 2014-12-09 20:38 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-09 20:38 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-09 20:38 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-09 20:38 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-09 20:38 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-09 20:38 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-09 20:38 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-09 20:38 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-09 20:38 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-09 20:38 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-09 20:38 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-09 20:38 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-09 20:38 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-09 20:38 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-09 20:38 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-09 20:38 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-09 20:38 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-09 20:38 - 2014-11-22 03:05 - 00316928 _____ 
(Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-09 20:38 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-09 20:38 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-09 20:38 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-09 20:38 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-09 20:38 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-09 20:38 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-09 20:38 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-09 20:38 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-09 20:38 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-09 20:38 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-09 20:38 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-09 20:38 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-09 20:38 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-09 20:38 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-09 20:38 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-09 20:38 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-09 20:38 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-09 20:38 - 2014-11-22 02:28 - 02358272 _____ 
(Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-09 20:38 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-09 20:38 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-09 20:38 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-09 20:38 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-09 20:38 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-09 20:38 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-09 20:38 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-09 20:38 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-09 20:38 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-09 20:38 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-09 20:38 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-09 20:38 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-09 20:36 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-09 20:36 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-09 20:36 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-09 20:36 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-09 20:36 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-09 20:36 - 2014-10-03 03:12 - 00346624 _____ (Microsoft 
Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-09 20:36 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-09 20:36 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-09 20:36 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-09 20:36 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-09 20:36 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-09 20:36 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-09 20:36 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-09 20:36 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-01 07:00 - 2014-12-01 07:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-28 16:33 - 2013-02-23 17:32 - 00000000 ____D () C:\Users\Hartmut und Marion\Documents\Outlook-Dateien
2014-12-28 16:32 - 2014-01-14 20:10 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Local\50134896-6E1D-452D-8201-714E0BCD48B0.aplzod
2014-12-28 16:19 - 2013-02-23 14:23 - 01876057 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 16:18 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-28 16:18 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-28 16:15 - 2014-04-21 17:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-28 16:08 - 2011-04-12 08:43 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-12-28 16:08 - 2011-04-12 08:43 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-12-28 16:08 - 2009-07-14 06:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-28 16:04 - 2013-10-11 21:04 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Local\CrashDumps
2014-12-28 16:04 - 2013-02-23 17:53 - 00000000 ___RD () C:\Users\Hartmut und Marion\Dropbox
2014-12-28 16:04 - 2013-02-23 17:50 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox
2014-12-28 16:03 - 2014-08-26 19:04 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-12-28 16:03 - 2013-02-23 17:04 - 00000087 _____ () C:\Windows\SysWOW64\ssprs.tgz
2014-12-28 16:03 - 2013-02-23 17:04 - 00000073 _____ () C:\Windows\SysWOW64\ssprs.dll
2014-12-28 16:03 - 2010-11-21 04:24 - 00000219 _____ () C:\Windows\SysWOW64\xkjreog.tgz
2014-12-28 16:03 - 2010-11-21 04:24 - 00000205 _____ () C:\Windows\SysWOW64\xkjreog.dll
2014-12-28 16:02 - 2014-06-12 14:12 - 00013107 _____ () C:\Windows\setupact.log
2014-12-28 16:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-27 15:00 - 2014-08-25 09:14 - 00000000 ____D () C:\Users\Hartmut und Marion\Documents\AMEC
2014-12-26 14:46 - 2013-02-23 17:53 - 00001061 _____ () C:\Users\Hartmut und Marion\Desktop\Dropbox.lnk
2014-12-26 14:46 - 2013-02-23 17:51 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-24 16:07 - 2013-03-09 13:07 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-16 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 15:15 - 2014-04-21 17:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 15:15 - 2013-03-08 14:48 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-14 15:15 - 2013-03-08 14:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-14 14:21 - 2014-06-12 14:12 - 00211690 _____ () C:\Windows\PFRO.log
2014-12-14 14:21 - 2014-05-06 18:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-14 14:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 14:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-09 21:06 - 2013-02-23 17:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 20:41 - 2013-06-05 20:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 20:38 - 2013-02-23 16:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Hartmut und Marion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzf_y4o.dll
C:\Users\Hartmut und Marion\AppData\Local\Temp\vcredist2005_x86.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-26 16:01

==================== End Of Log ============================

--- --- ---

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Hartmut und Marion at 2014-12-28 16:34:32
Running from C:\Users\Hartmut und Marion\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0009-0000-0001-074957833700}) (Version: 11.0.376 - ABBYY)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Bluetooth Suite (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.60 - ASUS Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: - )
CanoScan LiDE 100 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413) (Version: - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Dropbox (HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Freedom Scientific Braille (Version: 11.0.1090.1 - Freedom Scientific) Hidden
Freedom Scientific Braille (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Document Server (Version: 11.0.1090.1 - Freedom Scientific) Hidden
Freedom Scientific Document Server (Version: 15.0.9806.0 - Freedom Scientific) Hidden
Freedom Scientific Elevation (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Fehlerberichterstattung (HKLM\...\ErrorReportingClient) (Version: 1.0.6323.0 - Freedom Scientific)
Freedom Scientific Fehlerberichterstattung (Version: 1.0.6323.0 - Freedom Scientific) Hidden
Freedom Scientific FSReader 2.0 (HKLM\...\FSReader2.0) (Version: 2.0.1039 - Freedom Scientific)
Freedom Scientific FSReader 2.0 (Version: 2.0.1039 - Freedom Scientific) Hidden
Freedom Scientific FSReader 3.0 (HKLM\...\FSReader3.0) (Version: 3.0.5859.101 - Freedom Scientific)
Freedom Scientific FSReader 3.0 (Version: 3.0.5859.101 - Freedom Scientific) Hidden
Freedom Scientific FSRibbonSrv 1.0 (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific JAWS 15.0 (HKLM\...\JAWS15.0) (Version: 15.0.12085.400 - Freedom Scientific)
Freedom Scientific JAWS 15.0 (Version: 15.0.12085.400 - Freedom Scientific) Hidden
Freedom Scientific Ocr (HKLM\...\FSOcr64) (Version: 12.1.5846.0 - Freedom Scientific)
Freedom Scientific Ocr (HKLM-x32\...\FSOcr) (Version: 12.1.5821.0 - Freedom Scientific)
Freedom Scientific Ocr (Version: 12.1.5846.0 - Freedom Scientific) Hidden
Freedom Scientific Ocr (x32 Version: 12.1.5821.0 - Freedom Scientific) Hidden
Freedom Scientific OmniPage (HKLM-x32\...\FSOmniPage) (Version: 11.0.002.0 - Freedom Scientific)
Freedom Scientific OmniPage (x32 Version: 11.0.002.0 - Freedom Scientific) Hidden
Freedom Scientific Sprechende Installation 13.0 (HKLM\...\{8F46DA86-D9C8-4CF6-B12F-05BD68539071}) (Version: 13.0.1081.400 - Freedom Scientific)
Freedom Scientific Sprechende Installation 15.0 (HKLM\...\{259683DC-DC35-407E-B470-1E4AAD5D6DC4}) (Version: 15.0.12085.400 - Freedom Scientific)
Freedom Scientific Synth (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Synthesizer Eloquence (x32 Version: 6.1.004 - Freedom Scientific) Hidden
Freedom Scientific UIAHooks 1.0 (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Utilities (Version: 15.0.12085.400 - Freedom Scientific) Hidden
Freedom Scientific Video Intercept (HKLM\...\FSVI) (Version: 12.6.324.0 - Freedom Scientific)
Freedom Scientific Video Intercept (Version: 12.6.324.0 - Freedom Scientific) Hidden
Freedom Scientific WOW64 Proxy (Version: 11.0.1090.1 - Freedom Scientific) Hidden
Freedom Scientific WOW64 Proxy (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific XQilla 2.0 (Version: 14.0.6430.0 - Freedom Scientific) Hidden
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Ihr Firmenname)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
NVIDIA Grafiktreiber 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.07 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
PCFriendly (HKLM-x32\...\PCFriendly) (Version: - )
RealSpeak Solo fur Deutsch - Steffi (HKLM-x32\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft)
Samsung CLP-680 Series (HKLM-x32\...\Samsung CLP-680 Series) (Version: 1.02 (05.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.45.01(30.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sentinel System Driver Installer 7.5.0 (HKLM-x32\...\{FAEE61D3-2A5E-4F7F-926F-77AAC08CE4DD}) (Version: 7.5.0 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
TomTom HOME (HKLM-x32\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.5 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UBitMenuDE (HKLM-x32\...\{CBCFD97D-FE82-43F4-A978-996CACF71E6B}_is1) (Version: 01.04 - UBit Schweiz AG)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{CF0BE47C-B124-ACE8-A71B-AE8D2FF5FA19}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================
17-11-2014 20:28:16 Windows Update
17-11-2014 21:19:59 Windows Update
18-11-2014 21:52:35 Windows Update
25-11-2014 14:25:23 JAWS Wiederherstellungspunkt
25-11-2014 14:28:07 Windows Update
01-12-2014 06:06:49 Windows Update
09-12-2014 20:34:07 Windows Update
09-12-2014 21:01:52 Windows Update
16-12-2014 17:33:53 Windows Update
24-12-2014 15:42:30 Windows Update
24-12-2014 16:09:21 Windows Update

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {19C10504-BE82-4288-A862-B1B98E2560DC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-12] (AVAST Software)
Task: {1F7FF6AD-2DE0-4ADD-847C-C1CBF1755824} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9C5B9555-8EB4-4634-9595-29B1FB77EEC9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B68709DD-BBB4-4FA0-94AB-463F4E10C394} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CEFD6A3B-FA2F-4F81-B9A0-E67D0330A51D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14] (Adobe Systems Incorporated)
Task: {E4A992FB-CF3E-4BB1-ABB7-C41FB8B27EF1} - System32\Tasks\{C3DC0D98-1DB7-4C30-BBD6-BD49531A09B5} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============
2013-02-23 16:01 - 2013-02-10 02:04 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-10 06:13 - 2012-01-10 05:13 - 00034304 _____ () C:\Windows\System32\ssd3clm.dll
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-12-27 14:31 - 2014-12-27 14:31 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122700\algo.dll
2014-12-28 16:03 - 2014-12-28 16:03 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122800\algo.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application 
Support\zlib1.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-06-12 14:11 - 2014-06-12 14:11 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2014-12-28 16:03 - 2014-12-28 16:03 - 00043008 _____ () c:\Users\Hartmut und Marion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzf_y4o.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-4274152114-28096137-2579490511-500 - Administrator - Disabled) Gast (S-1-5-21-4274152114-28096137-2579490511-501 - Limited - Disabled) Hartmut und Marion (S-1-5-21-4274152114-28096137-2579490511-1000 - Administrator - Enabled) => C:\Users\Hartmut und Marion HomeGroupUser$ (S-1-5-21-4274152114-28096137-2579490511-1002 - Limited - Enabled) Marion (S-1-5-21-4274152114-28096137-2579490511-1005 - Administrator - Enabled) => C:\Users\Marion UpdatusUser (S-1-5-21-4274152114-28096137-2579490511-1004 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/28/2014 04:04:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116 Name des fehlerhaften Moduls: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a1ad ID des fehlerhaften Prozesses: 0xe80 Startzeit der fehlerhaften Anwendung: 0xFSOcrServer.exe0 Pfad der fehlerhaften Anwendung: FSOcrServer.exe1 Pfad des fehlerhaften Moduls: FSOcrServer.exe2 Berichtskennung: FSOcrServer.exe3 Error: (12/28/2014 04:03:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116 Name des fehlerhaften Moduls: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000a1ad ID des fehlerhaften Prozesses: 0xe80 Startzeit der fehlerhaften Anwendung: 0xFSOcrServer.exe0 
Pfad der fehlerhaften Anwendung: FSOcrServer.exe1 Pfad des fehlerhaften Moduls: FSOcrServer.exe2 Berichtskennung: FSOcrServer.exe3 Error: (12/28/2014 04:03:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/27/2014 03:19:13 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "X64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig. Error: (12/27/2014 02:32:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10250 Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10250 Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 9204 Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 9204 System errors: ============= Error: (12/28/2014 04:11:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. 
Error: (12/28/2014 04:04:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/27/2014 02:32:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/26/2014 09:03:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht. Error: (12/26/2014 02:44:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/24/2014 03:38:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/17/2014 02:46:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/17/2014 02:11:29 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (12/17/2014 00:53:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (12/16/2014 08:55:08 PM) (Source: Service 
Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht. Microsoft Office Sessions: ========================= Error: (12/28/2014 04:04:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FSOcrServer.exe12.1.5846.05432d116FSOcrServer.exe12.1.5846.05432d116c00000050000a1ade8001d022af6e2654f8C:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exeC:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exec77d16a6-8ea2-11e4-861e-78e3b5b8a188 Error: (12/28/2014 04:03:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: FSOcrServer.exe12.1.5846.05432d116FSOcrServer.exe12.1.5846.05432d116c00000050000a1ade8001d022af6e2654f8C:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exeC:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exebb669389-8ea2-11e4-861e-78e3b5b8a188 Error: (12/28/2014 04:03:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/27/2014 03:19:13 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: assemblyIdentityprocessorArchitectureX64C:\Program Files\Freedom Scientific\JAWS\15.0\WMHooks64Proxy.exeC:\Program Files\Freedom Scientific\JAWS\15.0\WMHooks64Proxy.exe1 Error: (12/27/2014 02:32:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10250 Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: 
m->NextScheduledEvent 10250 Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 9204 Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 9204 ==================== Memory info =========================== Processor: AMD A6-5400K APU with Radeon(tm) HD Graphics Percentage of memory in use: 42% Total physical RAM: 3991.33 MB Available physical RAM: 2291.16 MB Total Pagefile: 7980.84 MB Available Pagefile: 6314.63 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.54 GB) (Free:291.53 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B9DE637F) Partition: GPT Partition Type. ==================== End Of Log ============================ |
29.12.2014, 08:23 | #5 |
/// the machine /// TB trainer | Telekom Abuse Team warns of a threat. The MacBooks can pretty much be ruled out. Can you tell from the timestamp which computer it might be? I don't see anything so far, except on PC1, where I see adware. First, for both PCs: Please download TDSSKiller.exe and save the file to your desktop.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
29.12.2014, 15:41 | #6 |
| Telekom Abuse Team warns of a threat. PC1 first. Nothing was found here by either program. TDSSKiller log: Code:
ATTFilter 15:21:38.0628 0xcf28 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20 15:21:38.0628 0xcf28 UEFI system 15:21:49.0123 0xcf28 ============================================================ 15:21:49.0123 0xcf28 Current date / time: 2014/12/29 15:21:49.0123 15:21:49.0124 0xcf28 SystemInfo: 15:21:49.0124 0xcf28 15:21:49.0124 0xcf28 OS Version: 6.3.9600 ServicePack: 0.0 15:21:49.0124 0xcf28 Product type: Workstation 15:21:49.0124 0xcf28 ComputerName: PASCALS-PC 15:21:49.0124 0xcf28 UserName: Pascal 15:21:49.0124 0xcf28 Windows directory: C:\WINDOWS 15:21:49.0124 0xcf28 System windows directory: C:\WINDOWS 15:21:49.0124 0xcf28 Running under WOW64 15:21:49.0124 0xcf28 Processor architecture: Intel x64 15:21:49.0124 0xcf28 Number of processors: 8 15:21:49.0124 0xcf28 Page size: 0x1000 15:21:49.0124 0xcf28 Boot type: Normal boot 15:21:49.0124 0xcf28 ============================================================ 15:21:49.0234 0xcf28 KLMD registered as C:\WINDOWS\system32\drivers\72796337.sys 15:21:49.0397 0xcf28 System UUID: {F063A012-60D2-2C01-6931-7ECF2B0EC4A4} 15:21:49.0681 0xcf28 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:21:49.0696 0xcf28 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:21:49.0717 0xcf28 ============================================================ 15:21:49.0717 0xcf28 \Device\Harddisk0\DR0: 15:21:49.0717 0xcf28 GPT partitions: 15:21:49.0718 0xcf28 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0C44262B-9ACC-4938-97B0-9FD95842484F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000 15:21:49.0718 0xcf28 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: 
{3032FF39-D1B6-4C2A-B57E-A23979BA82EE}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000 15:21:49.0718 0xcf28 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {74E645B2-FE77-4690-ACB3-707F2ECE1BA5}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000 15:21:49.0718 0xcf28 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3A08F634-0709-415B-8400-3AE93C91BA7E}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0xDDDD000 15:21:49.0718 0xcf28 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5B553E30-20EB-4018-8526-38096049C098}, Name: , StartLBA 0xDEE5800, BlocksNum 0xAF000 15:21:49.0718 0xcf28 MBR partitions: 15:21:49.0718 0xcf28 \Device\Harddisk1\DR1: 15:21:49.0738 0xcf28 MBR partitions: 15:21:49.0738 0xcf28 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 15:21:49.0738 0xcf28 ============================================================ 15:21:49.0739 0xcf28 C: <-> \Device\Harddisk0\DR0\Partition4 15:21:49.0810 0xcf28 E: <-> \Device\Harddisk1\DR1\Partition1 15:21:49.0810 0xcf28 ============================================================ 15:21:49.0810 0xcf28 Initialize success 15:21:49.0810 0xcf28 ============================================================ 15:22:22.0105 0xcd64 ============================================================ 15:22:22.0105 0xcd64 Scan started 15:22:22.0105 0xcd64 Mode: Manual; SigCheck; TDLFS; 15:22:22.0105 0xcd64 ============================================================ 15:22:22.0105 0xcd64 KSN ping started 15:22:24.0481 0xcd64 KSN ping finished: true 15:22:24.0946 0xcd64 ================ Scan system memory ======================== 15:22:24.0946 0xcd64 System memory - ok 15:22:24.0946 0xcd64 ================ Scan services ============================= 15:22:24.0971 0xcd64 [ 
E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 15:22:25.0001 0xcd64 1394ohci - ok 15:22:25.0009 0xcd64 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 15:22:25.0017 0xcd64 3ware - ok 15:22:25.0030 0xcd64 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 15:22:25.0048 0xcd64 ACPI - ok 15:22:25.0052 0xcd64 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 15:22:25.0060 0xcd64 acpiex - ok 15:22:25.0063 0xcd64 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 15:22:25.0071 0xcd64 acpipagr - ok 15:22:25.0073 0xcd64 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 15:22:25.0082 0xcd64 AcpiPmi - ok 15:22:25.0085 0xcd64 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 15:22:25.0093 0xcd64 acpitime - ok 15:22:25.0107 0xcd64 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 15:22:25.0116 0xcd64 AdobeFlashPlayerUpdateSvc - ok 15:22:25.0131 0xcd64 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 15:22:25.0151 0xcd64 ADP80XX - ok 15:22:25.0158 0xcd64 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, 
F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 15:22:25.0171 0xcd64 AeLookupSvc - ok 15:22:25.0181 0xcd64 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys 15:22:25.0198 0xcd64 AFD - ok 15:22:25.0202 0xcd64 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 15:22:25.0210 0xcd64 agp440 - ok 15:22:25.0213 0xcd64 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 15:22:25.0224 0xcd64 ahcache - ok 15:22:25.0228 0xcd64 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe 15:22:25.0240 0xcd64 ALG - ok 15:22:25.0245 0xcd64 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 15:22:25.0255 0xcd64 AmdK8 - ok 15:22:25.0260 0xcd64 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 15:22:25.0269 0xcd64 AmdPPM - ok 15:22:25.0273 0xcd64 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 15:22:25.0280 0xcd64 amdsata - ok 15:22:25.0287 0xcd64 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 15:22:25.0298 0xcd64 amdsbs - ok 15:22:25.0301 0xcd64 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 15:22:25.0307 0xcd64 amdxata - ok 15:22:25.0310 0xcd64 [ 
04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys 15:22:25.0321 0xcd64 AppID - ok 15:22:25.0324 0xcd64 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 15:22:25.0332 0xcd64 AppIDSvc - ok 15:22:25.0336 0xcd64 [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\WINDOWS\System32\appinfo.dll 15:22:25.0347 0xcd64 Appinfo - ok 15:22:25.0461 0xcd64 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:22:25.0482 0xcd64 Apple Mobile Device - ok 15:22:25.0505 0xcd64 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 15:22:25.0529 0xcd64 AppReadiness - ok 15:22:25.0549 0xcd64 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 15:22:25.0577 0xcd64 AppXSvc - ok 15:22:25.0582 0xcd64 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 15:22:25.0591 0xcd64 arcsas - ok 15:22:25.0594 0xcd64 [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys 15:22:25.0603 0xcd64 aswHwid - ok 15:22:25.0607 0xcd64 [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys 15:22:25.0613 0xcd64 aswMonFlt - ok 15:22:25.0616 0xcd64 [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, 
C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys 15:22:25.0623 0xcd64 aswRdr - ok 15:22:25.0626 0xcd64 [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys 15:22:25.0631 0xcd64 aswRvrt - ok 15:22:25.0648 0xcd64 [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys 15:22:25.0669 0xcd64 aswSnx - ok 15:22:25.0679 0xcd64 [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys 15:22:25.0691 0xcd64 aswSP - ok 15:22:25.0695 0xcd64 [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys 15:22:25.0701 0xcd64 aswStm - ok 15:22:25.0707 0xcd64 [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys 15:22:25.0716 0xcd64 aswVmm - ok 15:22:25.0719 0xcd64 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 15:22:25.0725 0xcd64 atapi - ok 15:22:25.0731 0xcd64 [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 15:22:25.0743 0xcd64 AudioEndpointBuilder - ok 15:22:25.0759 0xcd64 [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 15:22:25.0781 0xcd64 Audiosrv - ok 15:22:25.0904 0xcd64 [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! 
Antivirus E:\Program Files\AVAST Software\Avast\AvastSvc.exe 15:22:25.0910 0xcd64 avast! Antivirus - ok 15:22:25.0914 0xcd64 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 15:22:25.0924 0xcd64 AxInstSV - ok 15:22:25.0935 0xcd64 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 15:22:25.0951 0xcd64 b06bdrv - ok 15:22:25.0955 0xcd64 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 15:22:25.0964 0xcd64 BasicDisplay - ok 15:22:25.0967 0xcd64 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 15:22:25.0976 0xcd64 BasicRender - ok 15:22:25.0979 0xcd64 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 15:22:25.0985 0xcd64 bcmfn2 - ok 15:22:25.0992 0xcd64 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 15:22:26.0005 0xcd64 BDESVC - ok 15:22:26.0008 0xcd64 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 15:22:26.0017 0xcd64 Beep - ok 15:22:26.0033 0xcd64 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll 15:22:26.0055 0xcd64 BFE - ok 15:22:26.0073 0xcd64 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll 15:22:26.0101 0xcd64 BITS - ok 15:22:26.0135 0xcd64 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 
15:22:27.0980 0xcd64 [ E2854E61B36D83C03A39E1EBD57D85F8, 0B1D543053CF44A140C9EE35A3E03704FB469C972CB6E62CDA4EF39D34301BD3 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
15:22:27.0984 0xcd64 Hamachi - detected UnsignedFile.Multi.Generic ( 1 )
15:22:30.0395 0xcd64 Detect skipped due to KSN trusted
15:22:30.0395 0xcd64 Hamachi - ok
9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:22:34.0181 0xcd64 ose - ok 15:22:34.0329 0xcd64 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:22:34.0458 0xcd64 osppsvc - ok 15:22:34.0470 0xcd64 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 15:22:34.0487 0xcd64 p2pimsvc - ok 15:22:34.0503 0xcd64 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 15:22:34.0527 0xcd64 p2psvc - ok 15:22:34.0532 0xcd64 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 15:22:34.0553 0xcd64 Parport - ok 15:22:34.0561 0xcd64 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 15:22:34.0572 0xcd64 partmgr - ok 15:22:34.0582 0xcd64 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 15:22:34.0598 0xcd64 PcaSvc - ok 15:22:34.0606 0xcd64 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 15:22:34.0618 0xcd64 pci - ok 15:22:34.0621 0xcd64 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 15:22:34.0627 0xcd64 pciide - ok 15:22:34.0632 0xcd64 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia 
C:\WINDOWS\system32\drivers\pcmcia.sys 15:22:34.0640 0xcd64 pcmcia - ok 15:22:34.0642 0xcd64 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 15:22:34.0649 0xcd64 pcw - ok 15:22:34.0652 0xcd64 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 15:22:34.0660 0xcd64 pdc - ok 15:22:34.0671 0xcd64 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 15:22:34.0690 0xcd64 PEAUTH - ok 15:22:34.0702 0xcd64 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 15:22:34.0712 0xcd64 PerfHost - ok 15:22:34.0736 0xcd64 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll 15:22:34.0772 0xcd64 pla - ok 15:22:34.0777 0xcd64 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 15:22:34.0787 0xcd64 PlugPlay - ok 15:22:34.0791 0xcd64 [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe 15:22:34.0798 0xcd64 PnkBstrA - ok 15:22:34.0800 0xcd64 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 15:22:34.0810 0xcd64 PNRPAutoReg - ok 15:22:34.0821 0xcd64 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 15:22:34.0835 0xcd64 PNRPsvc - ok 15:22:34.0838 0xcd64 [ 8E0ACA1C5D6516E5E2E7A7AA5D44D704, 9CCE2FCBEDD21E1EA4A0476B4886DC6C6493CCBAB27AF23E83B0B0B646D8C520 ] Point64 
C:\WINDOWS\System32\drivers\point64.sys 15:22:34.0843 0xcd64 Point64 - ok 15:22:34.0851 0xcd64 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 15:22:34.0866 0xcd64 PolicyAgent - ok 15:22:34.0870 0xcd64 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll 15:22:34.0882 0xcd64 Power - ok 15:22:34.0946 0xcd64 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 15:22:34.0997 0xcd64 PrintNotify - ok 15:22:35.0004 0xcd64 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 15:22:35.0013 0xcd64 Processor - ok 15:22:35.0018 0xcd64 [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 15:22:35.0031 0xcd64 ProfSvc - ok 15:22:35.0036 0xcd64 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 15:22:35.0047 0xcd64 Psched - ok 15:22:35.0054 0xcd64 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll 15:22:35.0069 0xcd64 QWAVE - ok 15:22:35.0071 0xcd64 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 15:22:35.0081 0xcd64 QWAVEdrv - ok 15:22:35.0085 0xcd64 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:22:35.0094 0xcd64 RasAcd - ok 15:22:35.0097 0xcd64 [ 5F061AC45266841A2860C1858ED863B8, 
9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll 15:22:35.0110 0xcd64 RasAuto - ok 15:22:35.0120 0xcd64 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll 15:22:35.0137 0xcd64 RasMan - ok 15:22:35.0141 0xcd64 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:22:35.0151 0xcd64 RasPppoe - ok 15:22:35.0221 0xcd64 [ 3B4642DE518A76310C62EEB9A64F771A, 198CF37D779FF9D3D529CF8C222A0A35D04AE3EF69D7861FB3F14D5CC3B3406C ] Razer Game Scanner Service E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 15:22:35.0245 0xcd64 Razer Game Scanner Service - ok 15:22:35.0258 0xcd64 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:22:35.0277 0xcd64 rdbss - ok 15:22:35.0281 0xcd64 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 15:22:35.0289 0xcd64 rdpbus - ok 15:22:35.0295 0xcd64 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 15:22:35.0306 0xcd64 RDPDR - ok 15:22:35.0310 0xcd64 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 15:22:35.0316 0xcd64 RdpVideoMiniport - ok 15:22:35.0322 0xcd64 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 15:22:35.0332 0xcd64 rdyboost - ok 15:22:35.0351 0xcd64 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS 
C:\WINDOWS\system32\drivers\ReFS.sys 15:22:35.0375 0xcd64 ReFS - ok 15:22:35.0381 0xcd64 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 15:22:35.0394 0xcd64 RemoteAccess - ok 15:22:35.0399 0xcd64 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 15:22:35.0413 0xcd64 RemoteRegistry - ok 15:22:35.0417 0xcd64 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 15:22:35.0429 0xcd64 RpcEptMapper - ok 15:22:35.0431 0xcd64 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe 15:22:35.0439 0xcd64 RpcLocator - ok 15:22:35.0452 0xcd64 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll 15:22:35.0472 0xcd64 RpcSs - ok 15:22:35.0476 0xcd64 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 15:22:35.0487 0xcd64 rspndr - ok 15:22:35.0490 0xcd64 [ 41F8F530DEDCF7DB8C567E527658A088, C859269018CC51D8557C33B45FD0ED9B1F80D505DEBC581249F6FB4648E22DEB ] rzendpt C:\WINDOWS\System32\drivers\rzendpt.sys 15:22:35.0495 0xcd64 rzendpt - ok 15:22:35.0497 0xcd64 [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk C:\WINDOWS\system32\drivers\rzpmgrk.sys 15:22:35.0502 0xcd64 rzpmgrk - ok 15:22:35.0506 0xcd64 [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk C:\WINDOWS\system32\drivers\rzpnk.sys 15:22:35.0513 0xcd64 rzpnk - ok 15:22:35.0517 0xcd64 [ C2A49525F6CEEED97A1D9FC950AAF863, 
DAA57C1C446861C733D3BE668EB247E40CE3871EF8FA0BB91CEB074B7357E0D8 ] rzudd C:\WINDOWS\System32\drivers\rzudd.sys 15:22:35.0524 0xcd64 rzudd - ok 15:22:35.0527 0xcd64 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 15:22:35.0535 0xcd64 s3cap - ok 15:22:35.0537 0xcd64 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe 15:22:35.0545 0xcd64 SamSs - ok 15:22:35.0549 0xcd64 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 15:22:35.0557 0xcd64 sbp2port - ok 15:22:35.0562 0xcd64 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 15:22:35.0576 0xcd64 SCardSvr - ok 15:22:35.0581 0xcd64 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 15:22:35.0593 0xcd64 ScDeviceEnum - ok 15:22:35.0596 0xcd64 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 15:22:35.0605 0xcd64 scfilter - ok 15:22:35.0626 0xcd64 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll 15:22:35.0654 0xcd64 Schedule - ok 15:22:35.0660 0xcd64 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 15:22:35.0671 0xcd64 SCPolicySvc - ok 15:22:35.0678 0xcd64 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 15:22:35.0689 0xcd64 sdbus - ok 15:22:35.0693 0xcd64 [ 
0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 15:22:35.0700 0xcd64 sdstor - ok 15:22:35.0702 0xcd64 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 15:22:35.0710 0xcd64 secdrv - ok 15:22:35.0713 0xcd64 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll 15:22:35.0724 0xcd64 seclogon - ok 15:22:35.0727 0xcd64 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll 15:22:35.0741 0xcd64 SENS - ok 15:22:35.0746 0xcd64 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 15:22:35.0759 0xcd64 SensrSvc - ok 15:22:35.0762 0xcd64 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 15:22:35.0770 0xcd64 SerCx - ok 15:22:35.0775 0xcd64 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 15:22:35.0783 0xcd64 SerCx2 - ok 15:22:35.0786 0xcd64 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 15:22:35.0793 0xcd64 Serenum - ok 15:22:35.0797 0xcd64 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 15:22:35.0806 0xcd64 Serial - ok 15:22:35.0809 0xcd64 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 15:22:35.0817 0xcd64 sermouse - ok 
15:22:35.0826 0xcd64 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 15:22:35.0841 0xcd64 SessionEnv - ok 15:22:35.0844 0xcd64 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 15:22:35.0852 0xcd64 sfloppy - ok 15:22:35.0860 0xcd64 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 15:22:35.0875 0xcd64 SharedAccess - ok 15:22:35.0887 0xcd64 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 15:22:35.0909 0xcd64 ShellHWDetection - ok 15:22:35.0914 0xcd64 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 15:22:35.0921 0xcd64 SiSRaid2 - ok 15:22:35.0925 0xcd64 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 15:22:35.0932 0xcd64 SiSRaid4 - ok 15:22:35.0998 0xcd64 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate E:\Program Files (x86)\Skype\Updater\Updater.exe 15:22:36.0027 0xcd64 SkypeUpdate - ok 15:22:36.0031 0xcd64 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll 15:22:36.0048 0xcd64 smphost - ok 15:22:36.0053 0xcd64 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 15:22:36.0065 0xcd64 SNMPTRAP - ok 15:22:36.0077 0xcd64 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] 
spaceport C:\WINDOWS\system32\drivers\spaceport.sys 15:22:36.0094 0xcd64 spaceport - ok 15:22:36.0100 0xcd64 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 15:22:36.0117 0xcd64 SpbCx - ok 15:22:36.0135 0xcd64 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe 15:22:36.0159 0xcd64 Spooler - ok 15:22:36.0246 0xcd64 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 15:22:36.0370 0xcd64 sppsvc - ok 15:22:36.0383 0xcd64 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 15:22:36.0398 0xcd64 srv - ok 15:22:36.0409 0xcd64 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 15:22:36.0427 0xcd64 srv2 - ok 15:22:36.0433 0xcd64 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 15:22:36.0445 0xcd64 srvnet - ok 15:22:36.0451 0xcd64 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 15:22:36.0466 0xcd64 SSDPSRV - ok 15:22:36.0471 0xcd64 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 15:22:36.0484 0xcd64 SstpSvc - ok 15:22:36.0534 0xcd64 [ CD30FC0824560F9FEA44661F2AE7B18D, C4CC7FEA175AB699F790DE5C63C89F177CD0ECA6463A0B723C2698EB6B85D628 ] Steam Client Service E:\Program Files (x86)\Common Files\Steam\SteamService.exe 15:22:36.0549 0xcd64 Steam Client Service - ok 15:22:36.0589 0xcd64 [ E7AF8F82C69A5E9B2CC46633BCBBAAEE, 
D7FC81DB72A1A96219335AFF861ADD82BEC115CBCB70C6765058E1D76702403C ] Stereo Service E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:22:36.0621 0xcd64 Stereo Service - ok 15:22:36.0625 0xcd64 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 15:22:36.0633 0xcd64 stexstor - ok 15:22:36.0648 0xcd64 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll 15:22:36.0675 0xcd64 stisvc - ok 15:22:36.0682 0xcd64 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 15:22:36.0690 0xcd64 storahci - ok 15:22:36.0692 0xcd64 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys 15:22:36.0701 0xcd64 storflt - ok 15:22:36.0705 0xcd64 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 15:22:36.0716 0xcd64 stornvme - ok 15:22:36.0722 0xcd64 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll 15:22:36.0739 0xcd64 StorSvc - ok 15:22:36.0743 0xcd64 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 15:22:36.0750 0xcd64 storvsc - ok 15:22:36.0752 0xcd64 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll 15:22:36.0764 0xcd64 svsvc - ok 15:22:36.0767 0xcd64 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 
15:22:36.0773 0xcd64 swenum - ok 15:22:36.0785 0xcd64 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll 15:22:36.0806 0xcd64 swprv - ok 15:22:36.0826 0xcd64 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll 15:22:36.0855 0xcd64 SysMain - ok 15:22:36.0862 0xcd64 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 15:22:36.0877 0xcd64 SystemEventsBroker - ok 15:22:36.0882 0xcd64 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 15:22:36.0897 0xcd64 TabletInputService - ok 15:22:36.0911 0xcd64 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 15:22:36.0934 0xcd64 TapiSrv - ok 15:22:37.0020 0xcd64 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 15:22:37.0079 0xcd64 Tcpip - ok 15:22:37.0118 0xcd64 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:22:37.0162 0xcd64 TCPIP6 - ok 15:22:37.0207 0xcd64 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 15:22:37.0224 0xcd64 tcpipreg - ok 15:22:37.0236 0xcd64 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 15:22:37.0258 0xcd64 tdx - ok 15:22:37.0263 0xcd64 [ 232D185D2337F141311D0CF1983E1431, 
02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 15:22:37.0274 0xcd64 terminpt - ok 15:22:37.0294 0xcd64 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll 15:22:37.0322 0xcd64 TermService - ok 15:22:37.0330 0xcd64 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll 15:22:37.0350 0xcd64 Themes - ok 15:22:37.0355 0xcd64 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 15:22:37.0365 0xcd64 THREADORDER - ok 15:22:37.0373 0xcd64 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 15:22:37.0395 0xcd64 TimeBroker - ok 15:22:37.0401 0xcd64 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys 15:22:37.0414 0xcd64 TPM - ok 15:22:37.0422 0xcd64 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll 15:22:37.0437 0xcd64 TrkWks - ok 15:22:37.0441 0xcd64 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 15:22:37.0451 0xcd64 TrustedInstaller - ok 15:22:37.0454 0xcd64 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 15:22:37.0464 0xcd64 TsUsbFlt - ok 15:22:37.0467 0xcd64 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 15:22:37.0476 0xcd64 
TsUsbGD - ok 15:22:37.0480 0xcd64 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 15:22:37.0492 0xcd64 tunnel - ok 15:22:37.0495 0xcd64 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 15:22:37.0502 0xcd64 uagp35 - ok 15:22:37.0506 0xcd64 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 15:22:37.0514 0xcd64 UASPStor - ok 15:22:37.0519 0xcd64 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 15:22:37.0530 0xcd64 UCX01000 - ok 15:22:37.0538 0xcd64 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 15:22:37.0555 0xcd64 udfs - ok 15:22:37.0558 0xcd64 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 15:22:37.0564 0xcd64 UEFI - ok 15:22:37.0569 0xcd64 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 15:22:37.0581 0xcd64 UI0Detect - ok 15:22:37.0584 0xcd64 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 15:22:37.0591 0xcd64 uliagpkx - ok 15:22:37.0595 0xcd64 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 15:22:37.0603 0xcd64 umbus - ok 15:22:37.0605 0xcd64 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass 
15:22:49.0400 0xcd64 AV detected via SS2: Windows Defender, E:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated ) 15:22:49.0418 0xcd64 AV detected via SS2: avast! Antivirus, E:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated ) 15:22:49.0420 0xcd64 Win FW state via NFP2: enabled 15:22:51.0798 0xcd64 ============================================================ 15:22:51.0798 0xcd64 Scan finished 15:22:51.0798 0xcd64 ============================================================ 15:22:51.0815 0x7038 Detected object count: 0 15:22:51.0815 0x7038 Actual detected object count: 0 15:24:32.0710 0xcf0c Deinitialize success Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.29.04

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
Pascal :: PASCALS-PC [administrator]

29.12.2014 15:27:44
mbar-log-2014-12-29 (15-27-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 363623
Time elapsed: 5 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
29.12.2014, 16:08 | #7 |
| Telekom Abuse Team warns of a threat. PC2 TDSSKiller log: Code:
ATTFilter 15:34:35.0493 0x17fc TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20 15:34:35.0493 0x17fc UEFI system 15:34:37.0942 0x17fc ============================================================ 15:34:37.0942 0x17fc Current date / time: 2014/12/29 15:34:37.0942 15:34:37.0942 0x17fc SystemInfo: 15:34:37.0942 0x17fc 15:34:37.0942 0x17fc OS Version: 6.1.7601 ServicePack: 1.0 15:34:37.0942 0x17fc Product type: Workstation 15:34:37.0942 0x17fc ComputerName: WOHNZIMMER-PC 15:34:37.0942 0x17fc UserName: Hartmut und Marion 15:34:37.0942 0x17fc Windows directory: C:\Windows 15:34:37.0942 0x17fc System windows directory: C:\Windows 15:34:37.0942 0x17fc Running under WOW64 15:34:37.0942 0x17fc Processor architecture: Intel x64 15:34:37.0942 0x17fc Number of processors: 2 15:34:37.0942 0x17fc Page size: 0x1000 15:34:37.0942 0x17fc Boot type: Normal boot 15:34:37.0942 0x17fc ============================================================ 15:34:38.0722 0x17fc KLMD registered as C:\Windows\system32\drivers\30845947.sys 15:34:39.0081 0x17fc System UUID: {B47B5AC1-DAE0-46EA-80C2-7C6C11DAD60C} 15:34:39.0595 0x17fc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:34:39.0627 0x17fc ============================================================ 15:34:39.0627 0x17fc \Device\Harddisk0\DR0: 15:34:39.0627 0x17fc GPT partitions: 15:34:39.0627 0x17fc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F67DF2AC-3CA0-4733-8EA2-07CAF1027844}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 15:34:39.0627 0x17fc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E344ED2B-C75E-49D4-B7D8-46CA454319D2}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000 15:34:39.0627 0x17fc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: 
{EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D1C27778-F2DB-4D11-B34A-B1FBE46C113A}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x3A313000 15:34:39.0627 0x17fc MBR partitions: 15:34:39.0627 0x17fc ============================================================ 15:34:39.0658 0x17fc C: <-> \Device\Harddisk0\DR0\Partition3 15:34:39.0658 0x17fc ============================================================ 15:34:39.0658 0x17fc Initialize success 15:34:39.0658 0x17fc ============================================================ 15:35:52.0370 0x141c ============================================================ 15:35:52.0370 0x141c Scan started 15:35:52.0370 0x141c Mode: Manual; SigCheck; TDLFS; 15:35:52.0370 0x141c ============================================================ 15:35:52.0370 0x141c KSN ping started 15:36:05.0801 0x141c KSN ping finished: true 15:36:06.0784 0x141c ================ Scan system memory ======================== 15:36:06.0784 0x141c System memory - ok 15:36:06.0784 0x141c ================ Scan services =============================
C:\Windows\System32\Drivers\BrUsbMdm.sys 15:36:13.0960 0x141c BrUsbMdm - ok 15:36:13.0991 0x141c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:36:14.0038 0x141c BrUsbSer - ok 15:36:14.0100 0x141c [ FE70889A85C57A9268101B2DB0474509, 9E957390A52BE4E5642724FEC06A201682F93DD1C6F2C00A5F57351460CF5AE0 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys 15:36:14.0163 0x141c BTATH_A2DP - ok 15:36:14.0225 0x141c [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys 15:36:14.0241 0x141c BTATH_BUS - ok 15:36:14.0288 0x141c [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys 15:36:14.0319 0x141c BTATH_HCRP - ok 15:36:14.0350 0x141c [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys 15:36:14.0381 0x141c BTATH_LWFLT - ok 15:36:14.0428 0x141c [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys 15:36:14.0490 0x141c BTATH_RCP - ok 15:36:14.0537 0x141c [ DCE0798FD5BB4E452227EC58700956F5, 7A32824F7AFF47C907CE0F84994CEF15A38A60722533058C8AC014691DFE72F4 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys 15:36:14.0584 0x141c BtFilter - ok 15:36:14.0631 0x141c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 15:36:14.0662 0x141c BthEnum - ok 15:36:14.0678 0x141c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 15:36:14.0709 0x141c BTHMODEM - ok 15:36:14.0724 
0x141c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 15:36:14.0771 0x141c BthPan - ok 15:36:14.0802 0x141c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 15:36:14.0849 0x141c BTHPORT - ok 15:36:14.0865 0x141c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 15:36:14.0912 0x141c bthserv - ok 15:36:14.0927 0x141c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 15:36:14.0943 0x141c BTHUSB - ok 15:36:14.0958 0x141c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:36:14.0990 0x141c cdfs - ok 15:36:15.0036 0x141c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:36:15.0083 0x141c cdrom - ok 15:36:15.0114 0x141c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 15:36:15.0161 0x141c CertPropSvc - ok 15:36:15.0177 0x141c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 15:36:15.0224 0x141c circlass - ok 15:36:15.0255 0x141c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 15:36:15.0270 0x141c CLFS - ok 15:36:15.0333 0x141c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:36:15.0348 0x141c clr_optimization_v2.0.50727_32 - ok 15:36:15.0364 0x141c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:36:15.0380 0x141c clr_optimization_v2.0.50727_64 - ok 15:36:15.0458 0x141c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:36:15.0489 0x141c clr_optimization_v4.0.30319_32 - ok 15:36:15.0504 0x141c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:36:15.0504 0x141c clr_optimization_v4.0.30319_64 - ok 15:36:15.0536 0x141c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 15:36:15.0598 0x141c CmBatt - ok 15:36:15.0645 0x141c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 15:36:15.0660 0x141c cmdide - ok 15:36:15.0723 0x141c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 15:36:15.0770 0x141c CNG - ok 15:36:15.0770 0x141c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 15:36:15.0785 0x141c Compbatt - ok 15:36:15.0801 0x141c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 15:36:15.0832 0x141c CompositeBus - ok 15:36:15.0848 0x141c COMSysApp - ok 
15:36:15.0863 0x141c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 15:36:15.0879 0x141c crcdisk - ok 15:36:15.0926 0x141c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:36:15.0988 0x141c CryptSvc - ok 15:36:16.0050 0x141c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 15:36:16.0097 0x141c DcomLaunch - ok 15:36:16.0128 0x141c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 15:36:16.0160 0x141c defragsvc - ok 15:36:16.0175 0x141c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:36:16.0222 0x141c DfsC - ok 15:36:16.0269 0x141c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 15:36:16.0316 0x141c Dhcp - ok 15:36:16.0347 0x141c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 15:36:16.0378 0x141c discache - ok 15:36:16.0409 0x141c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 15:36:16.0409 0x141c Disk - ok 15:36:16.0472 0x141c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:36:16.0518 0x141c Dnscache - ok 15:36:16.0565 0x141c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 15:36:16.0612 0x141c 
dot3svc - ok 15:36:16.0643 0x141c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 15:36:16.0674 0x141c DPS - ok 15:36:16.0721 0x141c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:36:16.0752 0x141c drmkaud - ok 15:36:16.0846 0x141c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:36:16.0862 0x141c DXGKrnl - ok 15:36:16.0893 0x141c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 15:36:16.0924 0x141c EapHost - ok 15:36:17.0064 0x141c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 15:36:17.0220 0x141c ebdrv - ok 15:36:17.0267 0x141c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 15:36:17.0298 0x141c EFS - ok 15:36:17.0361 0x141c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:36:17.0408 0x141c ehRecvr - ok 15:36:17.0439 0x141c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 15:36:17.0454 0x141c ehSched - ok 15:36:17.0486 0x141c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 15:36:17.0517 0x141c elxstor - ok 15:36:17.0532 0x141c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 15:36:17.0579 0x141c ErrDev - ok 
15:36:17.0642 0x141c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 15:36:17.0688 0x141c EventSystem - ok 15:36:17.0720 0x141c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 15:36:17.0766 0x141c exfat - ok 15:36:17.0782 0x141c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:36:17.0829 0x141c fastfat - ok 15:36:17.0891 0x141c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 15:36:17.0938 0x141c Fax - ok 15:36:17.0954 0x141c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 15:36:17.0969 0x141c fdc - ok 15:36:17.0985 0x141c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 15:36:18.0016 0x141c fdPHost - ok 15:36:18.0032 0x141c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 15:36:18.0078 0x141c FDResPub - ok 15:36:18.0110 0x141c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:36:18.0110 0x141c FileInfo - ok 15:36:18.0125 0x141c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:36:18.0172 0x141c Filetrace - ok 15:36:18.0188 0x141c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 15:36:18.0203 
0x141c flpydisk - ok 15:36:18.0234 0x141c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:36:18.0250 0x141c FltMgr - ok 15:36:18.0344 0x141c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 15:36:18.0406 0x141c FontCache - ok 15:36:18.0437 0x141c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:36:18.0453 0x141c FontCache3.0.0.0 - ok 15:36:18.0484 0x141c [ 9FB835781EFB1FE0BDC73B04196F0CF1, 519055C12D0F436C2FCD4C3CBE57FE8D07B4B6B56AD280A940B2E1B85AC521EB ] Freedom Scientific Kernel Manager C:\Windows\system32\fsKMgr.dll 15:36:18.0484 0x141c Freedom Scientific Kernel Manager - ok 15:36:18.0515 0x141c [ 40F9E30913516CE5000F46729C56691C, DE8CFC811E1C03CAEE56FAF48BF609785C8B9D13F66606821349D0003A3C57BF ] FSBRLDSP C:\Windows\system32\DRIVERS\FSBRLDSP.sys 15:36:18.0546 0x141c FSBRLDSP - ok 15:36:18.0578 0x141c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:36:18.0578 0x141c FsDepends - ok 15:36:18.0593 0x141c [ 7A1CA6D5AEF8256D905C02907F483720, 8CF087D3BD67818F48C28FBE6E399BC449589B5B140863DE2857BEA6BFC5F0C1 ] fsvidmir_service C:\Windows\system32\DRIVERS\fsvidmir.sys 15:36:18.0609 0x141c fsvidmir_service - ok 15:36:18.0640 0x141c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:36:18.0656 0x141c Fs_Rec - ok 15:36:18.0702 0x141c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:36:18.0749 0x141c fvevol - ok 15:36:18.0765 
0x141c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 15:36:18.0780 0x141c gagp30kx - ok 15:36:18.0827 0x141c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 15:36:18.0843 0x141c GEARAspiWDM - ok 15:36:18.0890 0x141c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 15:36:18.0952 0x141c gpsvc - ok 15:36:18.0983 0x141c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:36:18.0999 0x141c hcw85cir - ok 15:36:19.0046 0x141c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 15:36:19.0108 0x141c HdAudAddService - ok 15:36:19.0139 0x141c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 15:36:19.0186 0x141c HDAudBus - ok 15:36:19.0202 0x141c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 15:36:19.0233 0x141c HidBatt - ok 15:36:19.0264 0x141c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 15:36:19.0311 0x141c HidBth - ok 15:36:19.0342 0x141c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 15:36:19.0358 0x141c HidIr - ok 15:36:19.0389 0x141c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv 
C:\Windows\system32\hidserv.dll 15:36:19.0436 0x141c hidserv - ok 15:36:19.0498 0x141c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 15:36:19.0529 0x141c HidUsb - ok 15:36:19.0545 0x141c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:36:19.0592 0x141c hkmsvc - ok 15:36:19.0623 0x141c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:36:19.0670 0x141c HomeGroupListener - ok 15:36:19.0701 0x141c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:36:19.0732 0x141c HomeGroupProvider - ok 15:36:19.0748 0x141c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:36:19.0763 0x141c HpSAMD - ok 15:36:19.0794 0x141c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:36:19.0841 0x141c HTTP - ok 15:36:19.0857 0x141c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:36:19.0872 0x141c hwpolicy - ok 15:36:19.0888 0x141c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 15:36:19.0904 0x141c i8042prt - ok 15:36:19.0950 0x141c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:36:19.0966 0x141c iaStorV - ok 15:36:20.0013 0x141c [ 6F95324909B502E2651442C1548AB12F, 
FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 15:36:20.0028 0x141c IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 15:36:22.0790 0x141c Detect skipped due to KSN trusted 15:36:22.0790 0x141c IDriverT - ok 15:36:22.0883 0x141c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:36:22.0914 0x141c idsvc - ok 15:36:22.0946 0x141c IEEtwCollectorService - ok 15:36:22.0992 0x141c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 15:36:23.0008 0x141c iirsp - ok 15:36:23.0055 0x141c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 15:36:23.0086 0x141c IKEEXT - ok 15:36:23.0102 0x141c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 15:36:23.0117 0x141c intelide - ok 15:36:23.0148 0x141c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 15:36:23.0180 0x141c intelppm - ok 15:36:23.0211 0x141c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:36:23.0258 0x141c IPBusEnum - ok 15:36:23.0289 0x141c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:36:23.0336 0x141c IpFilterDriver - ok 15:36:23.0398 0x141c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc 
C:\Windows\System32\iphlpsvc.dll 15:36:23.0445 0x141c iphlpsvc - ok 15:36:23.0460 0x141c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:36:23.0476 0x141c IPMIDRV - ok 15:36:23.0507 0x141c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:36:23.0554 0x141c IPNAT - ok 15:36:23.0632 0x141c [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 15:36:23.0663 0x141c iPod Service - ok 15:36:23.0694 0x141c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:36:23.0710 0x141c IRENUM - ok 15:36:23.0726 0x141c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:36:23.0741 0x141c isapnp - ok 15:36:23.0788 0x141c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:36:23.0819 0x141c iScsiPrt - ok 15:36:23.0913 0x141c [ BF59432890AB30BECE483B2ABB64416B, 518ACA8E74F6AF6330CE6E3FC3E3E99AA05EC979C242E7B1B5502D659CC904FB ] JTVNCProxy_15.0 C:\Program Files\Freedom Scientific\JAWS\15.0\JTVNCProxy.exe 15:36:23.0928 0x141c JTVNCProxy_15.0 - ok 15:36:23.0960 0x141c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:36:23.0975 0x141c kbdclass - ok 15:36:24.0006 0x141c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:36:24.0053 0x141c kbdhid - ok 15:36:24.0069 0x141c [ 
204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 15:36:24.0100 0x141c KeyIso - ok 15:36:24.0147 0x141c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:36:24.0162 0x141c KSecDD - ok 15:36:24.0194 0x141c [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:36:24.0209 0x141c KSecPkg - ok 15:36:24.0225 0x141c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:36:24.0256 0x141c ksthunk - ok 15:36:24.0287 0x141c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 15:36:24.0334 0x141c KtmRm - ok 15:36:24.0381 0x141c [ FC741259B7C22379EE83257D7CF91151, 37FAA2E03DFE8C04762178EC7C0AD7AB383155772EFF857D7D27225F8DF29C5B ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 15:36:24.0396 0x141c L1C - ok 15:36:24.0428 0x141c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:36:24.0474 0x141c LanmanServer - ok 15:36:24.0490 0x141c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:36:24.0521 0x141c LanmanWorkstation - ok 15:36:24.0552 0x141c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:36:24.0599 0x141c lltdio - ok 15:36:24.0646 0x141c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:36:24.0708 0x141c lltdsvc 
- ok 15:36:24.0740 0x141c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:36:24.0771 0x141c lmhosts - ok 15:36:24.0786 0x141c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 15:36:24.0802 0x141c LSI_FC - ok 15:36:24.0818 0x141c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 15:36:24.0833 0x141c LSI_SAS - ok 15:36:24.0833 0x141c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 15:36:24.0849 0x141c LSI_SAS2 - ok 15:36:24.0864 0x141c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 15:36:24.0880 0x141c LSI_SCSI - ok 15:36:24.0896 0x141c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 15:36:24.0942 0x141c luafv - ok 15:36:24.0989 0x141c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:36:25.0020 0x141c Mcx2Svc - ok 15:36:25.0036 0x141c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 15:36:25.0036 0x141c megasas - ok 15:36:25.0067 0x141c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 15:36:25.0083 0x141c MegaSR - ok 15:36:25.0098 0x141c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 
0x141c vga - ok 15:36:38.0312 0x141c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:36:38.0343 0x141c VgaSave - ok 15:36:38.0374 0x141c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:36:38.0390 0x141c vhdmp - ok 15:36:38.0421 0x141c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 15:36:38.0421 0x141c viaide - ok 15:36:38.0436 0x141c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:36:38.0452 0x141c volmgr - ok 15:36:38.0468 0x141c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:36:38.0483 0x141c volmgrx - ok 15:36:38.0499 0x141c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:36:38.0530 0x141c volsnap - ok 15:36:38.0546 0x141c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 15:36:38.0561 0x141c vsmraid - ok 15:36:38.0655 0x141c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 15:36:38.0764 0x141c VSS - ok 15:36:38.0795 0x141c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 15:36:38.0811 0x141c vwifibus - ok 15:36:38.0826 0x141c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time 
C:\Windows\system32\w32time.dll 15:36:38.0858 0x141c W32Time - ok 15:36:38.0873 0x141c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 15:36:38.0904 0x141c WacomPen - ok 15:36:38.0936 0x141c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:36:38.0982 0x141c WANARP - ok 15:36:38.0998 0x141c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:36:39.0014 0x141c Wanarpv6 - ok 15:36:39.0092 0x141c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 15:36:39.0154 0x141c wbengine - ok 15:36:39.0170 0x141c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:36:39.0216 0x141c WbioSrvc - ok 15:36:39.0248 0x141c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:36:39.0279 0x141c wcncsvc - ok 15:36:39.0294 0x141c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:36:39.0310 0x141c WcsPlugInService - ok 15:36:39.0341 0x141c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 15:36:39.0357 0x141c Wd - ok 15:36:39.0404 0x141c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:36:39.0435 0x141c Wdf01000 - ok 15:36:39.0466 0x141c [ BF1FC3F79B863C914687A737C2F3D681, 
B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:36:39.0513 0x141c WdiServiceHost - ok 15:36:39.0513 0x141c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:36:39.0528 0x141c WdiSystemHost - ok 15:36:39.0575 0x141c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 15:36:39.0606 0x141c WebClient - ok 15:36:39.0638 0x141c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:36:39.0684 0x141c Wecsvc - ok 15:36:39.0700 0x141c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:36:39.0747 0x141c wercplsupport - ok 15:36:39.0778 0x141c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 15:36:39.0809 0x141c WerSvc - ok 15:36:39.0825 0x141c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:36:39.0856 0x141c WfpLwf - ok 15:36:39.0872 0x141c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:36:39.0887 0x141c WIMMount - ok 15:36:39.0903 0x141c WinDefend - ok 15:36:39.0934 0x141c WinHttpAutoProxySvc - ok 15:36:39.0965 0x141c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:36:40.0028 0x141c Winmgmt - ok 15:36:40.0121 0x141c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM 
C:\Windows\system32\WsmSvc.dll 15:36:40.0230 0x141c WinRM - ok 15:36:40.0293 0x141c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:36:40.0324 0x141c WinUsb - ok 15:36:40.0371 0x141c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 15:36:40.0418 0x141c Wlansvc - ok 15:36:40.0433 0x141c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:36:40.0449 0x141c WmiAcpi - ok 15:36:40.0496 0x141c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:36:40.0511 0x141c wmiApSrv - ok 15:36:40.0527 0x141c WMPNetworkSvc - ok 15:36:40.0542 0x141c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:36:40.0558 0x141c WPCSvc - ok 15:36:40.0574 0x141c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:36:40.0589 0x141c WPDBusEnum - ok 15:36:40.0605 0x141c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:36:40.0636 0x141c ws2ifsl - ok 15:36:40.0652 0x141c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 15:36:40.0683 0x141c wscsvc - ok 15:36:40.0714 0x141c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 15:36:40.0761 0x141c WSDPrintDevice - ok 15:36:40.0761 0x141c WSearch - ok 15:36:40.0886 0x141c [ 
61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 15:36:40.0964 0x141c wuauserv - ok 15:36:40.0995 0x141c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:36:41.0042 0x141c WudfPf - ok 15:36:41.0073 0x141c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:36:41.0088 0x141c WUDFRd - ok 15:36:41.0104 0x141c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:36:41.0120 0x141c wudfsvc - ok 15:36:41.0166 0x141c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 15:36:41.0198 0x141c WwanSvc - ok 15:36:41.0229 0x141c ================ Scan global =============================== 15:36:41.0260 0x141c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 15:36:41.0307 0x141c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 15:36:41.0322 0x141c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 15:36:41.0338 0x141c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 15:36:41.0354 0x141c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 15:36:41.0369 0x141c [ Global ] - ok 15:36:41.0369 0x141c ================ Scan MBR ================================== 15:36:41.0369 0x141c [ 
5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 15:36:41.0541 0x141c \Device\Harddisk0\DR0 - ok 15:36:41.0541 0x141c ================ Scan VBR ================================== 15:36:41.0588 0x141c [ BC50927B01451C4F53E661A78DFBA302 ] \Device\Harddisk0\DR0\Partition1 15:36:41.0588 0x141c \Device\Harddisk0\DR0\Partition1 - ok 15:36:41.0603 0x141c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2 15:36:41.0603 0x141c \Device\Harddisk0\DR0\Partition2 - ok 15:36:41.0603 0x141c [ 3F19E88EFBA5F3DAFB2645A7F956AF95 ] \Device\Harddisk0\DR0\Partition3 15:36:41.0603 0x141c \Device\Harddisk0\DR0\Partition3 - ok 15:36:41.0603 0x141c ================ Scan generic autorun ====================== 15:36:41.0666 0x141c [ 564765F1F68BBFA26CAC8F89662F106B, AA7A3CD8C3515E824DE10390852538BAAF998421ABA4F1E4CA967CC451DE493D ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 15:36:41.0712 0x141c CDAServer - detected UnsignedFile.Multi.Generic ( 1 ) 15:36:46.0018 0x141c Detect skipped due to KSN trusted 15:36:46.0018 0x141c CDAServer - ok 15:36:46.0330 0x141c [ 62AC2BB471CEC5CB4191CCB57DFA4CED, 0D226B9C54D50C049024DD99E771BC6CEAF5617E4118CF66E8F02C2FEF04F921 ] C:\Program Files\Freedom Scientific\JAWS\15.0\jfw.exe 15:36:46.0470 0x141c JAWS - ok 15:36:46.0580 0x141c [ 996E0DF31F7C7AD1C5BD8B56DFB601D3, CA68E25B69A21CB02EAA472FBF012BC8F358A155BCF8EA1EAA45FA405F48C0AE ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 15:36:46.0626 0x141c AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 ) 15:36:49.0045 0x141c Detect skipped due to KSN trusted 15:36:49.0045 0x141c AtherosBtStack - ok 15:36:49.0091 0x141c [ 82CDD11153EC417F7E0C8C653805105B, 742EFC9F716F134608B790B84C7E808E0CEFE4297B15A3FF21F8A5F00211360F ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe 15:36:49.0123 0x141c AthBtTray - detected UnsignedFile.Multi.Generic ( 1 ) 15:36:51.0541 0x141c Detect skipped due to KSN trusted 15:36:51.0541 0x141c AthBtTray - ok 15:36:51.0650 0x141c [ 
94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 15:36:51.0665 0x141c APSDaemon - ok 15:36:51.0837 0x141c [ 21B8FAAFA5CCD89663AAD5833ABF4B35, DE46AD49AE1ED34697EE387BB77E73BCD7DA60E6063E02660021A9C2EA3C0801 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 15:36:51.0977 0x141c AvastUI.exe - ok 15:36:52.0040 0x141c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:36:52.0118 0x141c Sidebar - ok 15:36:52.0149 0x141c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:36:52.0165 0x141c mctadmin - ok 15:36:52.0196 0x141c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:36:52.0243 0x141c Sidebar - ok 15:36:52.0243 0x141c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:36:52.0258 0x141c mctadmin - ok 15:36:52.0321 0x141c [ 48C3EBD6D5E52AFCB1A0FA9B7F9802FA, 4F2E27AA8305FFC94F65C65C5FDB8462C92ED02A7B37627404382C3CAB65AC59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 15:36:52.0352 0x141c iCloudServices - ok 15:36:52.0383 0x141c [ 799BCC829F48F19C5689478179060435, 495C6E363982F7BE1785A46C12ED4AC99E0AF98F340F1CE3C55D39EBE6FE33AA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe 15:36:52.0399 0x141c ApplePhotoStreams - ok 15:36:52.0492 0x141c [ DAB55357D9CC9A76052F4472EBD5C729, 6028463D46079D1D8AD564197B54D89035AD85472A80ABA2FD11D3F7A91FCAD4 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe 15:36:52.0539 0x141c AppleIEDAV - ok 15:36:52.0555 0x141c 
15:36:52.0773 0x141c Waiting for KSN requests completion. In queue: 14
15:36:53.0787 0x141c Waiting for KSN requests completion. In queue: 14
15:36:54.0801 0x141c Waiting for KSN requests completion. In queue: 14
15:36:55.0862 0x141c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
15:36:55.0862 0x141c Win FW state via NFP2: enabled
15:36:58.0327 0x141c ============================================================
15:36:58.0327 0x141c Scan finished
15:36:58.0327 0x141c ============================================================
15:36:58.0327 0x1430 Detected object count: 0
15:36:58.0327 0x1430 Actual detected object count: 0
15:42:26.0005 0x17e8 Deinitialize success
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2014.12.29.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Hartmut und Marion :: WOHNZIMMER-PC [administrator]
29.12.2014 15:43:46
mbar-log-2014-12-29 (15-43-46).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 430438
Time elapsed: 19 minute(s), 55 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
I myself would have suspected computer 1, although it cannot be ruled out that computer 2 was also on the network at the time. What can I do now about the adware on computer 1? |
29.12.2014, 22:47 | #8 |
/// the machine /// TB Trainer | Telekom Abuse Team warns of threat. Let's do that now. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
30.12.2014, 00:31 | #9 |
| Telekom Abuse Team warns of threat. I have now done all of this on PC 1. Does it also need to be done on the second computer? If so, I will follow up with that tomorrow. PC1: mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 30.12.2014
Suchlauf-Zeit: 00:04:16
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2014.12.29.07
Rootkit Datenbank: v2014.12.29.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Pascal
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363570
Verstrichene Zeit: 5 Min, 37 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1010802133-681624663-1200860190-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [851671f78def5ed8f12cf1eba45e34cc],
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 25
Dateien: 72
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
Code:
# AdwCleaner v4.106 - Bericht erstellt am 30/12/2014 um 00:17:37
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-28.1 [Live]
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Pascal - PASCALS-PC
# Gestartet von : C:\Users\Pascal\Desktop\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg
Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v32.0.1 (x86 de)

-\\ Google Chrome v39.0.2171.95

*************************

AdwCleaner[R0].txt - [1654 octets] - [30/12/2014 00:16:16]
AdwCleaner[S0].txt - [1525 octets] - [30/12/2014 00:17:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1585 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Pascal on 30.12.2014 at 0:20:47,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"

~~~ FireFox

Emptied folder: C:\Users\Pascal\AppData\Roaming\mozilla\firefox\profiles\9ir82fto.default\minidumps [1 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.12.2014 at 0:23:01,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Pascal (administrator) on PASCALS-PC on 30-12-2014 00:24:52
Running from C:\Users\Pascal\Downloads
Loaded Profile: Pascal (Available profiles: Pascal)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(BUFFALO INC.) E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(IvoSoft) E:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [Classic Start Menu] => E:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [APSDaemon] => E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.) HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-28] (AVAST Software) HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-20] (Valve Corporation) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Battle.net] => E:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2864688 2014-12-10] (Blizzard Entertainment) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-26] (Electronic Arts) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) 
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED] => E:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) AppInit_DLLs: E:\Program Files => E:\Program Files [0 2014-08-29] () AppInit_DLLs-x32: E:\Program Files => E:\Program Files [0 2014-08-29] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk ShortcutTarget: ESO Survey Live.lnk -> E:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe () Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk ShortcutTarget: BUFFALO NAS Navigator2.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.) Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk ShortcutTarget: NAS Scheduler.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer64.dll No File ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Program Files\Classic Shell\ClassicExplorer64.dll No File BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_32.dll No File Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Program Files\Classic Shell\ClassicExplorer64.dll No File Toolbar: HKLM-x32 - No Name - {553891B7-A0D5-4526-BE18-D3CE461D6310} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default FF DefaultSearchEngine: Microsoft (Bing) FF DefaultSearchUrl: hxxp://www.bing.com/search FF SearchEngineOrder.1: Microsoft (Bing) FF 
SelectedSearchEngine: Microsoft (Bing) FF Homepage: hxxp://www.msn.com/?pc=AV01 FF Keyword.URL: hxxp://www.bing.com/search FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> E:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> E:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> E:\Program Files (x86)\NVIDIA 
Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: ubisoft.com/uplaypc -> E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\searchplugins\bing-avast.xml FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-20] Chrome: ======= CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01 CHR StartupUrls: Default -> "https://www.google.de/" CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31] CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03] CHR Extension: (YouTube) - 
C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31] CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31] CHR Extension: (ZenMate) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-09] CHR Extension: (Twitch Live) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-08-30] CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2014-12-30] CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31] CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31] CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29] CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04] CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29] CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29] CHR Extension: (avast! 
Online Security) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29] CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29] CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.) R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-28] (AVAST Software) R3 AvastVBoxSvc; E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-28] (Avast Software) R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.) S3 DAUpdaterSvc; E:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare) R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) S2 gupdate; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.) S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.) R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-08-01] (Apple Inc.) 
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [118896 2014-02-13] (Mozilla Foundation) R2 NasPmService; E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.) R2 NvNetworkService; E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-26] (Electronic Arts) S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) S3 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-15] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-12] () R2 Razer Game Scanner Service; E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] () S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies) S3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-12-20] (Valve Corporation) R2 Stereo Service; E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768 2014-12-13] (NVIDIA Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-28] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-28] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-28] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-28] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-28] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-28] () S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [37888 2014-09-02] (LogMeIn Inc.) [File not signed] R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.) R2 VBoxAswDrv; E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-28] (Avast Software) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-30 00:23 - 2014-12-30 00:23 - 00001543 _____ () C:\Users\Pascal\Desktop\JRT.txt 2014-12-30 00:20 - 2014-12-30 00:21 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-20-50.028-AvastVBoxSVC.exe-3316.log 2014-12-30 00:20 - 2014-12-30 00:20 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-12-30 00:19 - 2014-12-30 00:19 - 00001669 _____ () C:\Users\Pascal\Desktop\AdwCleaner[S0].txt 2014-12-30 00:16 - 2014-12-30 00:17 - 00000000 ____D () C:\AdwCleaner 2014-12-30 00:16 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-16-27.053-aswFe.exe-6520.log 2014-12-30 00:14 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-14-47.042-aswFe.exe-2820.log 2014-12-30 00:14 - 2014-12-30 00:14 - 01707939 _____ (Thisisu) C:\Users\Pascal\Desktop\JRT.exe 2014-12-30 00:14 - 2014-12-30 00:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-14-45.074-AvastVBoxSVC.exe-2268.log 2014-12-30 00:13 - 2014-12-30 00:13 - 02173952 _____ () C:\Users\Pascal\Desktop\AdwCleaner_4.106.exe 2014-12-30 00:13 - 2014-12-30 00:13 - 00015712 _____ () C:\Users\Pascal\Desktop\mbam.txt 2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox 2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\system32\vbox 2014-12-29 23:59 - 2014-12-29 23:59 - 00001017 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-12-29 23:59 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-12-29 23:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-12-29 23:50 - 2014-12-29 23:50 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Pascal\Desktop\mbam-setup-2.0.4.1028.exe 2014-12-29 
15:27 - 2014-12-30 00:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-12-29 15:27 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-12-29 15:27 - 2014-12-29 15:36 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-12-29 15:25 - 2014-12-29 15:36 - 00000000 ____D () C:\Users\Pascal\Desktop\mbar 2014-12-29 15:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-12-29 15:20 - 2014-12-29 15:20 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Pascal\Desktop\mbar-1.08.2.1001.exe 2014-12-29 15:19 - 2014-12-29 15:19 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Pascal\Downloads\tdsskiller.exe 2014-12-28 19:51 - 2014-12-28 19:51 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-12-28 19:51 - 2014-12-28 19:51 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-12-28 19:51 - 2014-12-28 19:51 - 00001055 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2014-12-28 17:08 - 2014-12-28 21:02 - 00000000 ____D () E:\Program Files (x86)\Mozilla Thunderbird 2014-12-28 16:41 - 2014-12-30 00:24 - 00022355 _____ () C:\Users\Pascal\Downloads\FRST.txt 2014-12-28 16:41 - 2014-12-30 00:24 - 00000000 ____D () C:\FRST 2014-12-28 16:41 - 2014-12-28 16:41 - 00046595 _____ () C:\Users\Pascal\Downloads\Addition.txt 2014-12-28 16:29 - 2014-12-28 16:29 - 02123264 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe 2014-12-28 01:34 - 2014-12-30 00:01 - 00000000 ____D () E:\Program Files (x86)\Mod Organizer 2014-12-28 01:34 - 2014-12-28 01:34 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mod Organizer 2014-12-27 19:52 - 2014-12-27 19:52 - 00002032 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2014-12-27 19:52 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2014-12-27 19:51 - 2014-12-27 19:52 - 00000000 
____D () C:\WINDOWS\LastGood 2014-12-27 19:51 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2014-12-27 19:51 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2014-12-27 19:51 - 
2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2014-12-27 19:51 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2014-12-27 19:51 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2014-12-27 19:51 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2014-12-27 19:51 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll 2014-12-27 04:12 - 2014-12-27 18:55 - 00000000 ____D () C:\ENB FXAA SweetFX Manager 2014-12-26 02:06 - 2014-12-29 15:20 - 00000000 ____D () C:\Users\Pascal\Downloads\Skyrim 2014-12-26 01:33 - 2014-12-26 01:34 - 18816637 _____ () C:\Users\Pascal\Desktop\Mod Organizer v1_2_14 installer-1334-1-2-14.exe 2014-12-25 23:00 - 2014-12-25 23:00 - 00012678 _____ () C:\Users\Pascal\Desktop\Mods.csv 2014-12-25 18:22 - 2014-12-25 18:22 - 00000000 ____D () C:\Users\Pascal\AppData\Local\RzStats 2014-12-24 16:10 - 2014-12-24 16:10 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-12-24 16:10 - 2014-11-22 11:46 - 00038032 _____ 
(NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2014-12-24 16:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2014-12-24 01:20 - 2014-11-17 22:37 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys 2014-12-24 01:19 - 2014-12-24 01:19 - 00068072 _____ () C:\WINDOWS\DPINST.LOG 2014-12-24 01:19 - 2014-10-31 23:27 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys 2014-12-12 15:47 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-12 15:47 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-10 23:18 - 2014-12-10 23:18 - 00000000 ____D () C:\WINDOWS\system32\appraiser 2014-12-10 16:02 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-10 16:02 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-10 16:02 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-10 16:02 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-10 15:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-10 15:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-10 15:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-10 15:56 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-10 15:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-10 15:56 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-10 15:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\jscript9.dll 2014-12-10 15:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-10 15:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-10 15:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-10 15:56 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-10 15:56 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-10 15:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-10 15:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-10 15:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-10 15:56 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-10 15:56 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-10 15:56 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-10 15:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-10 15:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-10 15:56 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-10 15:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-10 15:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-10 15:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-10 15:56 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-10 15:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-10 15:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-10 15:56 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-10 15:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-10 15:56 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-10 15:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-10 15:56 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-10 15:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-10 15:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-10 15:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-10 15:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-10 15:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-10 15:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-10 15:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-10 15:55 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-12-10 15:55 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2014-12-10 15:55 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-12-10 15:55 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 
2014-12-10 15:55 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 15:55 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 15:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 15:55 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-04 16:15 - 2014-12-04 16:15 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Risk_of_Rain

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 00:23 - 2014-08-05 22:28 - 00099328 ___SH () C:\Users\Pascal\Downloads\Thumbs.db 2014-12-30 00:21 - 2014-03-31 14:49 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-30 00:20 - 2013-10-20 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype 2014-12-30 00:20 - 2013-10-20 14:21 - 00000000 ____D () E:\Program Files (x86)\Steam 2014-12-30 00:19 - 2013-10-20 15:26 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Battle.net 2014-12-30 00:18 - 2014-08-14 15:14 - 00100872 _____ () C:\WINDOWS\PFRO.log 2014-12-30 00:18 - 2014-03-31 14:49 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-30 00:18 - 2014-03-16 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-12-30 00:18 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-12-30 00:17 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-30 00:17 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-30 00:17 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-30 00:16 - 2013-10-20 12:09 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1010802133-681624663-1200860190-1001 2014-12-30 00:15 - 2013-11-05 18:57 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client 2014-12-30 00:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-12-30 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-12-30 00:01 - 2014-03-16 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\ClassicShell 2014-12-29 23:59 - 2014-03-16 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-12-29 22:32 - 2013-10-26 21:17 - 00324096 ___SH () C:\Users\Pascal\Desktop\Thumbs.db 2014-12-29 21:25 - 2013-10-20 14:10 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CE681B-6CA3-4450-AB68-D7D283842AA0} 2014-12-29 20:22 - 2014-05-17 00:30 - 00000000 ____D () 
E:\Program Files\Java 2014-12-29 20:20 - 2014-08-07 16:37 - 00000000 ____D () E:\Program Files (x86)\Java 2014-12-29 20:20 - 2014-06-16 21:57 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-12-29 20:20 - 2014-06-16 21:57 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-12-29 20:20 - 2014-06-16 21:57 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-12-29 20:20 - 2014-06-16 21:57 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-12-29 20:20 - 2013-11-16 23:55 - 00000000 ____D () C:\ProgramData\Oracle 2014-12-29 20:19 - 2014-08-07 16:37 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-12-29 20:19 - 2014-08-07 16:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-12-29 20:19 - 2014-03-16 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-12-29 18:53 - 2014-08-06 00:56 - 01788168 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-28 19:51 - 2014-05-17 00:02 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-12-28 19:51 - 2014-03-20 21:03 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2014-12-28 19:51 - 2014-03-20 21:03 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2014-12-28 19:51 - 2014-03-20 21:03 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-12-28 19:51 - 2014-03-20 21:03 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys 2014-12-28 19:51 - 2014-03-20 21:03 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2014-12-28 19:51 - 2014-03-20 21:03 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2014-12-28 19:51 
- 2014-03-20 21:03 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-12-28 19:51 - 2014-03-20 21:03 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update 2014-12-28 03:05 - 2014-08-06 15:59 - 00000000 ____D () E:\Program Files (x86)\RivaTuner Statistics Server 2014-12-27 19:52 - 2014-08-11 00:05 - 00005484 _____ () C:\WINDOWS\setupact.log 2014-12-27 19:52 - 2013-10-20 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-27 18:29 - 2014-10-07 18:19 - 00000000 ___RD () E:\Program Files (x86)\Skype 2014-12-27 18:29 - 2013-10-20 19:13 - 00000000 ____D () C:\ProgramData\Skype 2014-12-27 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-12-25 22:43 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\vlc 2014-12-25 18:15 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-12-25 17:48 - 2013-08-22 15:44 - 05074848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-12-24 14:38 - 2013-12-25 00:59 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Razer 2014-12-24 01:20 - 2013-12-25 00:59 - 00000000 ____D () C:\ProgramData\Razer 2014-12-24 01:19 - 2013-12-25 00:00 - 00000000 ____D () E:\Program Files (x86)\Razer 2014-12-20 02:18 - 2013-11-14 23:22 - 00000000 ____D () E:\Program Files (x86)\StarCraft II 2014-12-19 14:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-19 11:48 - 2014-04-19 18:42 - 00000000 ____D () E:\Program Files (x86)\World of Warcraft 2014-12-18 21:34 - 2014-07-06 15:31 - 00000000 ____D () C:\Users\Pascal\.gimp-2.8 2014-12-14 20:14 - 2013-11-24 21:45 - 00000000 ____D () C:\ProgramData\Origin 2014-12-14 18:44 - 2014-11-26 18:53 - 00001205 _____ () C:\Users\Public\Desktop\Dragon Age Inquisition.lnk 2014-12-14 18:37 - 2013-11-24 21:45 - 00000000 ____D () E:\Program Files (x86)\Origin 2014-12-13 11:08 - 2014-11-21 14:18 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2014-12-13 
11:08 - 2014-06-29 01:26 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2014-12-13 11:08 - 2014-03-16 16:58 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-12-13 11:08 - 2014-03-16 16:58 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2014-12-13 11:08 - 2014-03-16 16:56 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb 2014-12-13 09:03 - 2014-03-16 16:58 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2014-12-13 09:03 - 2014-03-16 16:58 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2014-12-13 09:03 - 2014-03-16 16:58 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2014-12-13 01:12 - 2014-06-12 14:34 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-12-13 01:12 - 2014-06-12 14:34 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-12-13 01:12 - 2013-10-28 16:17 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2014-12-13 01:12 - 2013-10-28 16:17 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2014-12-13 00:11 - 2014-03-16 16:58 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin 2014-12-12 17:10 - 2013-10-25 16:19 - 
00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-11 19:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 14:03 - 2013-10-20 15:26 - 00000000 ____D () E:\Program Files (x86)\Battle.net
2014-12-10 23:18 - 2014-07-09 22:18 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 16:55 - 2013-10-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 16:55 - 2013-10-20 12:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 16:52 - 2013-10-20 12:39 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 21:02 - 2013-10-20 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-09 14:24 - 2014-07-12 16:52 - 00000000 ____D () E:\Program Files (x86)\Diablo III Public Test
2014-12-05 20:42 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\dvdcss
2014-12-04 21:15 - 2014-01-25 15:24 - 00000000 ____D () E:\Program Files (x86)\Hearthstone

Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Pascal\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Pascal\AppData\Local\Temp\nvStInst.exe
C:\Users\Pascal\AppData\Local\Temp\pyl4699.tmp.exe
C:\Users\Pascal\AppData\Local\Temp\Quarantine.exe
C:\Users\Pascal\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pascal\AppData\Local\Temp\sonarinst.exe
C:\Users\Pascal\AppData\Local\Temp\sqlite3.dll
C:\Users\Pascal\AppData\Local\Temp\__pythonRunner.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-29 05:27

==================== End Of Log ============================

Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Pascal at 2014-12-30 00:25:15
Running from C:\Users\Pascal\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts) Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) BRINK (HKLM-x32\...\Steam App 22350) (Version: - Splash Damage) BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: - ) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - ) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland) CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - ) Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth) CastleStorm (HKLM-x32\...\Steam App 241410) (Version: - Zen Studios) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - Colossal Order Ltd.) 
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) CodeBlocks (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com) Cyberduck 4.4.5 (14721) (HKLM-x32\...\Cyberduck) (Version: 4.4.5 (14721) - ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.24.20 - Electronic Arts Inc.) Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.) 
DLC Quest (HKLM-x32\...\Steam App 230050) (Version: - Going Loud Studios) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dragon Age Awakening Redesigned (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Awakening Redesigned) (Version: - ) Dragon Age II (HKLM-x32\...\Steam App 47900) (Version: - BioWare) Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned © Morrigan) (Version: - ) Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned- Leliana's Song) (Version: - ) Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned Oghren©) (Version: - ) Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Zevran) (Version: - ) Dragon Age Redesigned© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©) (Version: - ) Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Leliana) (Version: - ) Dragon Age Redesigned© Sten (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Sten) (Version: - ) Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Wynne) (Version: - ) Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts) DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - WayForward) EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) Endless Legend (HKLM-x32\...\Steam App 
289130) (Version: - AMPLITUDE Studios) Endless Space (HKLM-x32\...\Steam App 208140) (Version: - Amplitude Studios) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) ESO Survey Live version 1.4.5 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.4.5 - Immersyve, Inc.) EVE Online (HKLM-x32\...\Steam App 8500) (Version: - CCP) Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios) Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - ) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts) FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Gnomoria (HKLM-x32\...\Steam App 224500) (Version: - Robotronic Games) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version: - Paradox Development Studio) Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO Minifigures Online (HKLM-x32\...\LEGO Minifigures Online_is1) (Version: 1.0.0 - Funcom) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 
2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) MouseCraft (HKLM-x32\...\Steam App 252750) (Version: - Crunching Koalas) Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla) Mozilla Firefox 32.0.3 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) Mozilla Thunderbird 31.3.0 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.2 - Black Tree Gaming) Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team) NVIDIA 3D Vision 
Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version: - Vitali Kirpu) Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.2.0 - Electronic Arts) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.) Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - ) RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden ShootMania Storm (HKLM-x32\...\Steam App 229870) (Version: - Nadeo) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - ) Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steam Marines (HKLM-x32\...\Steam App 253630) (Version: - ) SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version: - Image&Form) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version: - Ubisoft) The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®) The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version: - Stridemann) Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio 
Driver) (Version: - ) Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) Unity Web Player (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS) Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Visitenkarten (HKLM-x32\...\{B3C40846-559F-4334-BAD5-E138F483A5C5}) (Version: - ) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 3.0.4.3 - Wrye & Wrye Bash Development Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 28-12-2014 19:50:47 avast! antivirus system restore point 29-12-2014 20:22:25 Removed Java 7 Update 60 (64-bit) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {31603D6A-F053-4F98-836F-425073C5D8B6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {83214325-2D0C-46EE-933F-0679FAD52A3B} - System32\Tasks\Apple\AppleSoftwareUpdate => E:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8DDC57E8-CFCE-4711-98E3-1F35528EC83C} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.) Task: {9B5AA326-9FC9-49CD-8D15-A3E8C9AC1690} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {AA0CD51E-DA4D-4FAB-8C48-676192B55872} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation) Task: {CC8A2D10-AD23-424F-BAD2-9E2DCFEF69C9} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.) Task: {DA482AF7-E48A-45C4-A620-18B49C75E965} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-29] (Adobe Systems Incorporated) Task: {E6C32FA2-C268-45E3-B1B6-76E646DD49FB} - System32\Tasks\avast! 
Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-28] (AVAST Software) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-16 16:58 - 2014-12-13 09:03 - 00117576 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-05-30 10:32 - 2013-05-30 10:32 - 00034304 _____ () C:\WINDOWS\System32\ssd3clm.dll 2014-08-15 16:48 - 2014-08-15 16:48 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2014-10-31 23:27 - 2014-10-31 23:27 - 00183488 _____ () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-12-28 19:51 - 2014-12-28 19:51 - 00388208 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-12-28 19:51 - 2014-12-28 19:51 - 05851328 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2014-03-16 23:35 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2014-03-16 23:35 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe 2013-12-17 17:34 - 2014-12-13 01:13 - 00708240 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2013-12-17 17:34 - 2014-12-13 01:13 - 00854160 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2014-12-29 21:14 - 2014-12-29 21:14 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14122901\algo.dll 2014-12-28 19:51 - 2014-12-28 19:51 - 04495336 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () 
E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-28 19:51 - 2014-12-28 19:51 - 38562088 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Pascal\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "ESO Survey Live.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "NAS Scheduler.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "BUFFALO NAS Navigator2.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "EADM" ========================= Accounts: ========================== Administrator (S-1-5-21-1010802133-681624663-1200860190-500 - Administrator - Disabled) Gast (S-1-5-21-1010802133-681624663-1200860190-501 - Limited - Disabled) HomeGroupUser$ 
(S-1-5-21-1010802133-681624663-1200860190-1004 - Limited - Enabled) Pascal (S-1-5-21-1010802133-681624663-1200860190-1001 - Administrator - Enabled) => C:\Users\Pascal ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (12/30/2014 00:24:58 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Error: (12/30/2014 00:24:28 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {9AA46009-3CE0-458A-A354-715610A075E6} Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-12-28 20:25:18.419 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-04 00:25:19.004 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2014-08-09 23:48:39.975 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-18 23:58:22.793 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pascal\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-18 23:58:22.738 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Percentage of memory in use: 10% Total physical RAM: 16315.5 MB Available physical RAM: 14678.32 MB Total Pagefile: 18747.5 MB Available Pagefile: 17005.96 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:110.93 GB) (Free:26 GB) NTFS Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:126.93 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 3964B577) Partition: GPT Partition Type. 
======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB3FFC79) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
30.12.2014, 18:57 | #10 |
/// the machine /// TB trainer | Telekom Abuse Team warns of a threat. Nope, always just computer 1. ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
31.12.2014, 01:53 | #11 |
| Telekom Abuse Team warns of a threat. log.txt Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=363ddc7f0d96b14da655d0f1a474c434
# engine=21761
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-30 08:50:14
# local_time=2014-12-30 09:50:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 81544 24630409 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 179347 4178346 0 0
# scanned=20500
# found=0
# cleaned=0
# scan_time=1193
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=363ddc7f0d96b14da655d0f1a474c434
# engine=21761
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-31 12:06:04
# local_time=2014-12-31 01:06:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 93294 24642159 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 191097 4190096 0 0
# scanned=675135
# found=0
# cleaned=0
# scan_time=11634
Code:
Results of screen317's Security Check version 0.99.93
x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 25
Java version 32-bit out of Date!
Adobe Flash Player 16.0.0.235
Mozilla Firefox 32.0.1 Firefox out of Date!
Mozilla Thunderbird (24.3.0)
Google Chrome (39.0.2171.71)
Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast ng ngservice.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014 Ran by Pascal (administrator) on PASCALS-PC on 31-12-2014 01:49:12 Running from C:\Users\Pascal\Downloads Loaded Profile: Pascal (Available profiles: Pascal) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (BUFFALO INC.) E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avast Software) E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) E:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apple Inc.) 
E:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (IvoSoft) E:\Program Files\Classic Shell\ClassicStartMenu.exe (NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\System\HsMgr64.exe (NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [Classic Start Menu] => E:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [APSDaemon] => E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.) HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-28] (AVAST Software) HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-20] (Valve Corporation) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Battle.net] => E:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2864688 2014-12-10] (Blizzard Entertainment) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-26] (Electronic Arts) HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.) 
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED] => E:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) AppInit_DLLs: E:\Program Files => E:\Program Files [0 2014-12-30] () AppInit_DLLs-x32: E:\Program Files => E:\Program Files [0 2014-12-30] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk ShortcutTarget: ESO Survey Live.lnk -> E:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe () Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk ShortcutTarget: BUFFALO NAS Navigator2.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.) Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk ShortcutTarget: NAS Scheduler.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.) Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer64.dll No File ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Program Files\Classic Shell\ClassicExplorer64.dll No File BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_32.dll No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
Toolbar: HKLM-x32 - No Name - {553891B7-A0D5-4526-BE18-D3CE461D6310} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default
FF DefaultSearchEngine: Microsoft (Bing)
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: ubisoft.com/uplaypc -> E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\searchplugins\bing-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-20]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31]
CHR Extension: (ZenMate) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-09]
CHR Extension: (Twitch Live) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-08-30]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2014-12-30]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31]
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (avast! Online Security) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-28] (AVAST Software)
R3 AvastVBoxSvc; E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-28] (Avast Software)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S3 DAUpdaterSvc; E:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare)
R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 gupdate; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-08-01] (Apple Inc.)
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [118896 2014-02-13] (Mozilla Foundation)
R2 NasPmService; E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 NvNetworkService; E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-26] (Electronic Arts)
S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-12] ()
R2 Razer Game Scanner Service; E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
S3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-12-20] (Valve Corporation)
R2 Stereo Service; E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768 2014-12-13] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-28] ()
S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [37888 2014-09-02] (LogMeIn Inc.) [File not signed]
R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R2 VBoxAswDrv; E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-28] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 01:48 - 2014-12-31 01:48 - 00001020 _____ () C:\Users\Pascal\Desktop\checkup.txt
2014-12-30 21:27 - 2014-12-30 21:27 - 00000000 ____D () E:\Program Files (x86)\ESET
2014-12-30 21:26 - 2014-12-30 21:27 - 02347384 _____ (ESET) C:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe
2014-12-30 21:26 - 2014-12-30 21:26 - 00852505 _____ () C:\Users\Pascal\Downloads\SecurityCheck.exe
2014-12-30 03:52 - 2014-12-30 03:52 - 00000197 _____ () C:\WINDOWS\system32\2014-12-30-02-52-36.040-AvastVBoxSVC.exe-3064.log
2014-12-30 02:44 - 2014-12-30 03:09 - 00000000 ____D () C:\Users\Pascal\Desktop\Daten
2014-12-30 00:29 - 2014-12-30 00:29 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-29-01.015-AvastVBoxSVC.exe-3008.log
2014-12-30 00:20 - 2014-12-30 00:21 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-20-50.028-AvastVBoxSVC.exe-3316.log
2014-12-30 00:20 - 2014-12-30 00:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-30 00:16 - 2014-12-30 00:17 - 00000000 ____D () C:\AdwCleaner
2014-12-30 00:16 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-16-27.053-aswFe.exe-6520.log
2014-12-30 00:14 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-14-47.042-aswFe.exe-2820.log
2014-12-30 00:14 - 2014-12-30 00:14 - 01707939 _____ (Thisisu) C:\Users\Pascal\Desktop\JRT.exe
2014-12-30 00:14 - 2014-12-30 00:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-14-45.074-AvastVBoxSVC.exe-2268.log
2014-12-30 00:13 - 2014-12-30 00:13 - 02173952 _____ () C:\Users\Pascal\Desktop\AdwCleaner_4.106.exe
2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-12-29 23:59 - 2014-12-29 23:59 - 00001017 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-29 23:59 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-29 23:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-29 15:27 - 2014-12-30 00:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-29 15:27 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-29 15:27 - 2014-12-29 15:36 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-29 15:25 - 2014-12-29 15:36 - 00000000 ____D () C:\Users\Pascal\Desktop\mbar
2014-12-29 15:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-29 15:20 - 2014-12-29 15:20 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Pascal\Desktop\mbar-1.08.2.1001.exe
2014-12-29 15:19 - 2014-12-29 15:19 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Pascal\Downloads\tdsskiller.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-12-28 19:51 - 2014-12-28 19:51 - 00001055 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-28 17:08 - 2014-12-28 21:02 - 00000000 ____D () E:\Program Files (x86)\Mozilla Thunderbird
2014-12-28 16:41 - 2014-12-31 01:49 - 00022008 _____ () C:\Users\Pascal\Downloads\FRST.txt
2014-12-28 16:41 - 2014-12-31 01:49 - 00000000 ____D () C:\FRST
2014-12-28 16:41 - 2014-12-30 00:25 - 00032284 _____ () C:\Users\Pascal\Downloads\Addition.txt
2014-12-28 16:29 - 2014-12-28 16:29 - 02123264 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2014-12-28 01:34 - 2014-12-30 19:24 - 00000000 ____D () E:\Program Files (x86)\Mod Organizer
2014-12-28 01:34 - 2014-12-28 01:34 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mod Organizer
2014-12-27 19:52 - 2014-12-27 19:52 - 00002032 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-12-27 19:52 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-12-27 19:51 - 2014-12-27 19:52 - 00000000 ____D () C:\WINDOWS\LastGood
2014-12-27 19:51 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-27 19:51 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-27 19:51 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-12-27 19:51 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-12-27 19:51 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2014-12-27 04:12 - 2014-12-27 18:55 - 00000000 ____D () C:\ENB FXAA SweetFX Manager
2014-12-26 02:06 - 2014-12-30 05:37 - 00000000 ____D () C:\Users\Pascal\Downloads\Skyrim
2014-12-26 01:33 - 2014-12-26 01:34 - 18816637 _____ () C:\Users\Pascal\Desktop\Mod Organizer v1_2_14 installer-1334-1-2-14.exe
2014-12-25 23:00 - 2014-12-25 23:00 - 00012678 _____ () C:\Users\Pascal\Desktop\Mods.csv
2014-12-25 18:22 - 2014-12-25 18:22 - 00000000 ____D () C:\Users\Pascal\AppData\Local\RzStats
2014-12-24 16:10 - 2014-12-24 16:10 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-24 16:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-24 16:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-24 01:20 - 2014-11-17 22:37 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2014-12-24 01:19 - 2014-12-24 01:19 - 00068072 _____ () C:\WINDOWS\DPINST.LOG
2014-12-24 01:19 - 2014-12-09 23:21 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2014-12-19 04:22 - 2014-12-19 04:22 - 00009728 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzStats.IPC.dll
2014-12-12 15:47 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-12 15:47 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-10 23:18 - 2014-12-10 23:18 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-10 16:02 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 16:02 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 15:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 15:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 15:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 15:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 15:56 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 15:56 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 15:56 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 15:56 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 15:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 15:56 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 15:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 15:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 15:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 15:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 15:55 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 15:55 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 15:55 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 15:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 15:55 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-04 16:15 - 2014-12-04 16:15 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Risk_of_Rain

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 01:45 - 2014-03-16 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\ClassicShell
2014-12-31 01:21 - 2014-03-31 14:49 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-31 01:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-31 00:59 - 2014-03-16 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-30 21:50 - 2013-10-20 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-12-30 21:50 - 2013-10-20 14:21 - 00000000 ____D () E:\Program Files (x86)\Steam
2014-12-30 21:46 - 2013-10-20 15:26 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Battle.net
2014-12-30 21:44 - 2013-10-20 14:10 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CE681B-6CA3-4450-AB68-D7D283842AA0}
2014-12-30 21:27 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-30 21:27 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-30 21:27 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-30 21:24 - 2014-08-11 00:05 - 00006279 _____ () C:\WINDOWS\setupact.log
2014-12-30 20:59 - 2013-11-05 18:57 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client
2014-12-30 19:39 - 2014-02-07 16:05 - 00008980 _____ () C:\Users\Pascal\Documents\TombRaider.log
2014-12-30 19:31 - 2014-06-24 21:12 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Nidhogg
2014-12-30 19:13 - 2014-08-06 00:56 - 01857046 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-30 15:35 - 2013-10-20 12:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1010802133-681624663-1200860190-1001
2014-12-30 15:25 - 2014-03-31 14:49 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 03:50 - 2014-03-16 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-30 03:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-30 00:23 - 2014-08-05 22:28 - 00099328 ___SH () C:\Users\Pascal\Downloads\Thumbs.db
2014-12-30 00:18 - 2014-08-14 15:14 - 00100872 _____ () C:\WINDOWS\PFRO.log
2014-12-30 00:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-12-29 22:32 - 2013-10-26 21:17 - 00324096 ___SH () C:\Users\Pascal\Desktop\Thumbs.db
2014-12-29 20:20 - 2014-08-07 16:37 - 00000000 ____D () E:\Program Files (x86)\Java
2014-12-29 20:20 - 2014-06-16 21:57 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-12-29 20:20 - 2014-06-16 21:57 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-12-29 20:20 - 2014-06-16 21:57 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-12-29 20:20 - 2013-11-16 23:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-29 20:19 - 2014-08-07 16:37 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-29 20:19 - 2014-03-16 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-28 19:51 - 2014-05-17 00:02 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-28 03:05 - 2014-08-06 15:59 - 00000000 ____D () E:\Program Files (x86)\RivaTuner Statistics Server
2014-12-27 19:52 - 2013-10-20 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-27 18:29 - 2014-10-07 18:19 - 00000000 ___RD () E:\Program Files (x86)\Skype
2014-12-27 18:29 - 2013-10-20 19:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-27 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-25 18:15 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-25 17:48 - 2013-08-22 15:44 - 05074848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-24 14:38 - 2013-12-25 00:59 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Razer
2014-12-24 01:20 - 2013-12-25 00:59 - 00000000 ____D () C:\ProgramData\Razer
2014-12-24 01:19 - 2013-12-25 00:00 - 00000000 ____D () E:\Program Files (x86)\Razer
2014-12-20 02:18 - 2013-11-14 23:22 - 00000000 ____D () E:\Program Files (x86)\StarCraft II
2014-12-19 14:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 11:48 - 2014-04-19 18:42 - 00000000 ____D () E:\Program Files (x86)\World of Warcraft
2014-12-18 21:34 - 2014-07-06 15:31 - 00000000 ____D () C:\Users\Pascal\.gimp-2.8
2014-12-14 20:14 - 2013-11-24 21:45 - 00000000 ____D () C:\ProgramData\Origin
2014-12-14 18:44 - 2014-11-26 18:53 - 00001205 _____ () C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2014-12-14 18:37 - 2013-11-24 21:45 - 00000000 ____D () E:\Program Files (x86)\Origin
2014-12-13 11:08 - 2014-11-21 14:18 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-13 11:08 - 2014-06-29 01:26 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-13 09:03 - 2014-03-16 16:58 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-13 09:03 - 2014-03-16 16:58 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-12-13 00:11 - 2014-03-16 16:58 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-12 17:10 - 2013-10-25 16:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-11 19:45 
- 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-12-11 14:03 - 2013-10-20 15:26 - 00000000 ____D () E:\Program Files (x86)\Battle.net 2014-12-10 23:18 - 2014-07-09 22:18 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat 2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-12-10 16:55 - 2013-10-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-10 16:55 - 2013-10-20 12:39 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-12-10 16:52 - 2013-10-20 12:39 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-09 21:02 - 2013-10-20 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-12-09 14:24 - 2014-07-12 16:52 - 00000000 ____D () E:\Program Files (x86)\Diablo III Public Test 2014-12-05 20:42 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\dvdcss 2014-12-04 21:15 - 2014-01-25 15:24 - 00000000 ____D () E:\Program Files (x86)\Hearthstone Some content of TEMP: ==================== C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Pascal\AppData\Local\Temp\jre-8u20-windows-au.exe C:\Users\Pascal\AppData\Local\Temp\jre-8u25-windows-au.exe C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Pascal\AppData\Local\Temp\nvStInst.exe C:\Users\Pascal\AppData\Local\Temp\pyl4699.tmp.exe C:\Users\Pascal\AppData\Local\Temp\Quarantine.exe C:\Users\Pascal\AppData\Local\Temp\SkypeSetup.exe C:\Users\Pascal\AppData\Local\Temp\sonarinst.exe C:\Users\Pascal\AppData\Local\Temp\sqlite3.dll C:\Users\Pascal\AppData\Local\Temp\__pythonRunner.dll ==================== Bamital & volsnap Check ================= (There is no 
automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-29 05:27
==================== End Of Log ============================
--- --- ---
Addition.txt
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014 Ran by Pascal at 2014-12-31 01:49:34 Running from C:\Users\Pascal\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts) Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) BRINK (HKLM-x32\...\Steam App 22350) (Version: - Splash Damage) BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: - ) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - ) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland) CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - ) Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth) CastleStorm (HKLM-x32\...\Steam App 241410) (Version: - Zen Studios) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - Colossal Order Ltd.) 
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) CodeBlocks (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com) Cyberduck 4.4.5 (14721) (HKLM-x32\...\Cyberduck) (Version: 4.4.5 (14721) - ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland) Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.24.20 - Electronic Arts Inc.) Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.) 
DLC Quest (HKLM-x32\...\Steam App 230050) (Version: - Going Loud Studios) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dragon Age Awakening Redesigned (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Awakening Redesigned) (Version: - ) Dragon Age II (HKLM-x32\...\Steam App 47900) (Version: - BioWare) Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned © Morrigan) (Version: - ) Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned- Leliana's Song) (Version: - ) Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned Oghren©) (Version: - ) Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Zevran) (Version: - ) Dragon Age Redesigned© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©) (Version: - ) Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Leliana) (Version: - ) Dragon Age Redesigned© Sten (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Sten) (Version: - ) Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Wynne) (Version: - ) Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts) DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - WayForward) EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) Endless Legend (HKLM-x32\...\Steam App 
289130) (Version: - AMPLITUDE Studios) Endless Space (HKLM-x32\...\Steam App 208140) (Version: - Amplitude Studios) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) ESO Survey Live version 1.4.5 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.4.5 - Immersyve, Inc.) EVE Online (HKLM-x32\...\Steam App 8500) (Version: - CCP) Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios) Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - ) Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts) FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Gnomoria (HKLM-x32\...\Steam App 224500) (Version: - Robotronic Games) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version: - Paradox Development Studio) Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO Minifigures Online (HKLM-x32\...\LEGO Minifigures Online_is1) (Version: 1.0.0 - Funcom) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - 
Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) MouseCraft (HKLM-x32\...\Steam App 252750) (Version: - Crunching Koalas) Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla) Mozilla Firefox 32.0.3 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) Mozilla Thunderbird 31.3.0 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla) MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.2 - Black Tree Gaming) Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) 
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version: - Vitali Kirpu) Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.2.0 - Electronic Arts) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.) 
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - ) RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden ShootMania Storm (HKLM-x32\...\Steam App 229870) (Version: - Nadeo) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - ) Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Steam Marines (HKLM-x32\...\Steam App 253630) (Version: - ) SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version: - Image&Form) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version: - Ubisoft) The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®) The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano) The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED) Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version: - Stridemann) Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio 
Driver) (Version: - ) Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) Unity Web Player (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS) Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Visitenkarten (HKLM-x32\...\{B3C40846-559F-4334-BAD5-E138F483A5C5}) (Version: - ) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 3.0.4.3 - Wrye & Wrye Bash Development Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 28-12-2014 19:50:47 avast! antivirus system restore point 29-12-2014 20:22:25 Removed Java 7 Update 60 (64-bit) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {31603D6A-F053-4F98-836F-425073C5D8B6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {83214325-2D0C-46EE-933F-0679FAD52A3B} - System32\Tasks\Apple\AppleSoftwareUpdate => E:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {8DDC57E8-CFCE-4711-98E3-1F35528EC83C} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.) Task: {9B5AA326-9FC9-49CD-8D15-A3E8C9AC1690} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {A008DB0F-322A-4965-9B85-CB54CA9C113C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation) Task: {CC8A2D10-AD23-424F-BAD2-9E2DCFEF69C9} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.) Task: {DA482AF7-E48A-45C4-A620-18B49C75E965} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-29] (Adobe Systems Incorporated) Task: {E6C32FA2-C268-45E3-B1B6-76E646DD49FB} - System32\Tasks\avast! Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-28] (AVAST Software) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-05-30 10:32 - 2013-05-30 10:32 - 00034304 _____ () C:\WINDOWS\System32\ssd3clm.dll 2014-08-15 16:48 - 2014-08-15 16:48 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2014-12-28 19:51 - 2014-12-28 19:51 - 00388208 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-12-28 19:51 - 2014-12-28 19:51 - 05851328 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2014-03-16 16:58 - 2014-12-13 09:03 - 00117576 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-06-18 16:24 - 2012-06-18 16:24 
- 00222720 _____ () E:\Program Files (x86)\Notepad++\NppShell_05.dll 2014-03-16 23:35 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2014-03-16 23:35 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe 2013-12-17 17:34 - 2014-12-13 01:13 - 00708240 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2013-12-17 17:34 - 2014-12-13 01:13 - 00854160 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2014-12-28 19:51 - 2014-12-28 19:51 - 04495336 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2014-12-30 19:31 - 2014-12-30 19:31 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14123001\algo.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-28 19:51 - 2014-12-28 19:51 - 38562088 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll 2014-06-01 10:08 - 2014-06-01 10:08 - 00035328 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () E:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll 2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () E:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 01077064 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 00211272 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 09009480 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-12 19:26 - 2014-12-06 02:50 - 
01677128 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Pascal\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "ESO Survey Live.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "NAS Scheduler.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "BUFFALO NAS Navigator2.lnk" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "EADM" ========================= Accounts: ========================== Administrator (S-1-5-21-1010802133-681624663-1200860190-500 - Administrator - Disabled) Gast (S-1-5-21-1010802133-681624663-1200860190-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1010802133-681624663-1200860190-1004 - Limited - Enabled) Pascal (S-1-5-21-1010802133-681624663-1200860190-1001 - 
Administrator - Enabled) => C:\Users\Pascal ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/31/2014 01:45:48 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (12/30/2014 10:42:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{5b553e30-20eb-4018-8526-38096049c098}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (12/30/2014 10:42:19 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) Error: (12/30/2014 09:51:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.0.0.35, Zeitstempel: 0x548957e0 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc000041d Fehleroffset: 0x353a3135 ID des fehlerhaften Prozesses: 0x1bfc Startzeit der fehlerhaften Anwendung: 0xRzStats.Manager.exe0 Pfad der fehlerhaften Anwendung: RzStats.Manager.exe1 Pfad des fehlerhaften Moduls: RzStats.Manager.exe2 Berichtskennung: RzStats.Manager.exe3 Vollständiger Name des fehlerhaften Pakets: RzStats.Manager.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RzStats.Manager.exe5 Error: (12/30/2014 09:51:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.0.0.35, Zeitstempel: 0x548957e0 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x353a3135 ID des fehlerhaften Prozesses: 0x1bfc Startzeit der fehlerhaften Anwendung: 0xRzStats.Manager.exe0 Pfad der fehlerhaften Anwendung: RzStats.Manager.exe1 Pfad des fehlerhaften Moduls: RzStats.Manager.exe2 Berichtskennung: RzStats.Manager.exe3 Vollständiger Name des fehlerhaften Pakets: RzStats.Manager.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RzStats.Manager.exe5 Error: (12/30/2014 09:51:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: RzStats.Manager.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 353A3135 Stapel: Error: (12/30/2014 09:51:22 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (12/30/2014 09:51:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (12/30/2014 09:27:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (12/30/2014 09:27:24 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. System errors: ============= Error: (12/30/2014 06:56:30 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/30/2014 06:56:00 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/30/2014 04:38:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (12/30/2014 04:08:41 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/30/2014 04:08:11 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/30/2014 03:52:35 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/30/2014 03:52:05 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/30/2014 03:36:44 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (12/30/2014 03:36:14 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (12/30/2014 00:59:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (12/31/2014 01:45:48 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestE:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (12/30/2014 10:42:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{5b553e30-20eb-4018-8526-38096049c098}\Falscher Parameter. (0x80070057) Error: (12/30/2014 10:42:19 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: WiederherstellungFalscher Parameter. 
(0x80070057) Error: (12/30/2014 09:51:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: RzStats.Manager.exe1.0.0.35548957e0unknown0.0.0.000000000c000041d353a31351bfc01d0243ce857009dC:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeunknownb1253e41-9065-11e4-bf21-bc5ff4bc94c0 Error: (12/30/2014 09:51:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: RzStats.Manager.exe1.0.0.35548957e0unknown0.0.0.000000000c0000005353a31351bfc01d0243ce857009dC:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeunknownb06e418e-9065-11e4-bf21-bc5ff4bc94c0 Error: (12/30/2014 09:51:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: RzStats.Manager.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 353A3135 Stapel: Error: (12/30/2014 09:51:22 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe Error: (12/30/2014 09:51:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe Error: (12/30/2014 09:27:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: 
C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe Error: (12/30/2014 09:27:24 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe CodeIntegrity Errors: =================================== Date: 2014-12-28 20:25:18.419 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-04 00:25:19.004 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-09 23:48:39.975 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-07-18 23:58:22.793 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pascal\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-18 23:58:22.738 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Percentage of memory in use: 18% Total physical RAM: 16315.5 MB Available physical RAM: 13263.79 MB Total Pagefile: 18747.5 MB Available Pagefile: 15306.23 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:110.93 GB) (Free:24.88 GB) NTFS Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:130.28 GB) NTFS Drive f: () (Removable) (Total:7.85 GB) (Free:6.62 GB) NTFS Drive g: (UUI) (Removable) (Total:3.73 GB) (Free:2.78 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 3964B577) Partition: GPT Partition Type. 
======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB3FFC79) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 7.9 GB) (Disk ID: 010E39BC) Partition 1: (Active) - (Size=7.9 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 3.7 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ |
31.12.2014, 16:26 | #12 |
/// the machine /// TB Trainer | Telekom Abuse Team warns of threat. Update Java and Firefox. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
AppInit_DLLs: E:\Program Files => E:\Program Files [0 2014-12-30] ()
AppInit_DLLs-x32: E:\Program Files => E:\Program Files [0 2014-12-30] ()
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |
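AppInit_DLLs names DLLs that Windows loads into every process that loads user32.dll, so an entry that resolves to something other than a real DLL is worth a look. The following is an added example (not part of the original post and not FRST's own code) that parses entries in the line format seen in the fixlist of post #12 and lists why each one looks broken. The third sample line and the three heuristics are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Line shape as it appears in the fixlist of post #12:
#   AppInit_DLLs[-x32]: <value> => <resolved path> [<size> <YYYY-MM-DD>] (<company>)
ENTRY_RE = re.compile(
    r"^(?P<key>AppInit_DLLs(?:-x32)?):\s*(?P<value>.+?)\s*=>\s*(?P<path>.+?)\s*"
    r"\[(?P<size>\d+)\s+(?P<date>\d{4}-\d{2}-\d{2})\]\s*\((?P<company>.*)\)\s*$"
)


@dataclass
class AppInitEntry:
    key: str      # "AppInit_DLLs" (64-bit view) or "AppInit_DLLs-x32" (32-bit view)
    value: str    # text found in the registry value
    path: str     # what the scanner resolved it to
    size: int
    date: str
    company: str  # company name reported for the file, empty if none

    def reasons(self):
        """Return the (constructed) heuristics this entry trips."""
        found = []
        if self.size == 0:
            found.append("size 0: target is missing, empty, or a directory")
        if not self.path.lower().endswith(".dll"):
            found.append("target does not end in .dll")
        if not self.company.strip():
            found.append("no company name reported")
        return found


def parse_entries(text):
    """Split log text into parsed AppInit entries and lines that did not parse."""
    entries, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line.startswith("AppInit_DLLs"):
            continue  # other directives such as "Emptytemp:" are ignored
        m = ENTRY_RE.match(line)
        if m is None:
            unparsed.append(line)  # truncated or unexpected shape: review by hand
            continue
        d = m.groupdict()
        entries.append(AppInitEntry(d["key"], d["value"], d["path"],
                                    int(d["size"]), d["date"], d["company"]))
    return entries, unparsed


def triage(text):
    """Pair every parsed entry with its list of reasons (empty list = nothing tripped)."""
    entries, unparsed = parse_entries(text)
    return [(e, e.reasons()) for e in entries], unparsed


# First two entries and "Emptytemp:" are from the thread; the last line is constructed.
SAMPLE = r"""
AppInit_DLLs: E:\Program Files => E:\Program Files [0 2014-12-30] ()
AppInit_DLLs-x32: E:\Program Files => E:\Program Files [0 2014-12-30] ()
Emptytemp:
AppInit_DLLs: C:\Windows\System32\example.dll => C:\Windows\System32\example.dll [123456 2014-01-01] (Example Corp)
"""

if __name__ == "__main__":
    findings, unparsed = triage(SAMPLE)
    for entry, why in findings:
        status = "; ".join(why) if why else "nothing tripped"
        print(f"{entry.key}: {entry.path} -> {status}")
    for line in unparsed:
        print("could not parse:", line)
```

Both entries from the thread trip all three checks: the resolved target is `E:\Program Files` itself, with size 0 and no company name.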
31.12.2014, 17:38 | #13 |
| Telekom Abuse Team warns of threat. Everything worked, and many thanks for the kind support! |
31.12.2014, 19:22 | #14 |
/// the machine /// TB Trainer | Telekom Abuse Team warns of threat. You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |