Pests of all kinds and how to fight them: Windows 8: .scr file download via link over Steam
07.01.2015, 17:32 | #1 |
Windows 8: .scr file download via link over Steam

Hey Trojaner-Board team!

Yesterday a friend of mine sent me a link over Steam and I didn't think anything of it, but after I clicked the link a download started immediately in my browser. The file that was downloaded is "Screenshot_071"; it is still on my computer. I then disconnected the computer from the Wi-Fi. Here are the logs I have so far:

FRST log:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Maximilian (administrator) on MAXIS-PC on 07-01-2015 16:42:19 Running from C:\Users\Maximilian\Desktop Loaded Profile: Maximilian (Available profiles: Maximilian) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Advanced Micro Devices, Inc.) D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Maximilian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () D:\Programme\puush\puush.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (LOL Replay) D:\LOLReplay\LOLRecorder.exe (ROCCAT GmbH) D:\Programm(x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe (ROCCAT GmbH Co., Ltd.) D:\Programm(x86)\ROCCAT\Talk\Roccat Talk.exe (ROCCAT GmbH) D:\Programm(x86)\ROCCAT\Kone Pure\KonePureMonitor.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Geek Software GmbH) D:\Program Files (x86)\PDF24\pdf24.exe (Advanced Micro Devices Inc.) D:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) D:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM-x32\...\Run: [RoccatIsku] => D:\Programm(x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH) HKLM-x32\...\Run: [RoccatKonePure] => D:\Programm(x86)\ROCCAT\Kone Pure\KonePureMonitor.EXE [561152 2013-10-22] (ROCCAT GmbH) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => D:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) HKLM-x32\...\Run: [StartCCC] => D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc) HKU\S-1-5-21-255192929-2864458584-2136872281-1001\...\Run: [GoogleChromeAutoLaunch_6EC6A5E07D40E919B614D70E465AAA4A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.) 
HKU\S-1-5-21-255192929-2864458584-2136872281-1001\...\Run: [Spotify Web Helper] => C:\Users\Maximilian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd) HKU\S-1-5-21-255192929-2864458584-2136872281-1001\...\Run: [puush] => D:\Programme\puush\puush.exe [567880 2014-07-30] () HKU\S-1-5-21-255192929-2864458584-2136872281-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk ShortcutTarget: LOLRecorder.lnk -> D:\LOLReplay\LOLRecorder.exe (LOL Replay) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase6_17_erinnerung.lnk ShortcutTarget: phase6_17_erinnerung.lnk -> D:\Program Files (x86)\phase6\phase6_17\WinStart\WinStart.exe (phase6) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk ShortcutTarget: Roccat Talk.lnk -> C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe (Flexera Software LLC) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-255192929-2864458584-2136872281-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.de SearchScopes: HKLM -> DefaultScope {9367127A-B854-46CE-BD8A-1247375B513E} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM -> {9367127A-B854-46CE-BD8A-1247375B513E} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKU\S-1-5-21-255192929-2864458584-2136872281-1001 -> DefaultScope {9367127A-B854-46CE-BD8A-1247375B513E} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKU\S-1-5-21-255192929-2864458584-2136872281-1001 -> {9367127A-B854-46CE-BD8A-1247375B513E} URL = hxxp://www.sm.de/?q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-04] Chrome: ======= CHR StartupUrls: Default -> "https://www.google.de/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-21] CHR Extension: (Google Drive) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05] CHR Extension: (YouTube) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-21] CHR Extension: (Google-Suche) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-21] CHR Extension: (AdBlock) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-21] CHR Extension: (Google Wallet) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-21] CHR Extension: (Google Mail) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-21] CHR 
HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-21] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-21] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-21] (Avast Software) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-29] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) 
R2 AODDriver4.3; D:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-21] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-21] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-21] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-21] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-21] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-21] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-21] () R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-07-22] (Microsoft Corporation) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-21] (Avast Software) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-07 16:42 - 2015-01-07 16:42 - 00015262 _____ () C:\Users\Maximilian\Desktop\FRST.txt 2015-01-07 16:41 - 2015-01-07 16:42 - 00000000 ____D () C:\FRST 2015-01-07 16:41 - 2015-01-07 16:41 - 02124288 _____ (Farbar) C:\Users\Maximilian\Downloads\FRST64.exe 2015-01-07 16:41 - 2015-01-07 16:41 - 02124288 _____ (Farbar) C:\Users\Maximilian\Desktop\FRST64.exe 2015-01-07 16:40 - 2015-01-07 16:40 - 00000482 _____ () C:\Users\Maximilian\Desktop\defogger_disable.log 2015-01-07 16:40 - 2015-01-07 16:40 - 00000000 _____ () C:\Users\Maximilian\defogger_reenable 2015-01-07 16:39 - 2015-01-07 16:39 - 00050477 _____ () C:\Users\Maximilian\Downloads\Defogger.exe 2015-01-07 16:39 - 2015-01-07 16:39 - 00050477 _____ () C:\Users\Maximilian\Desktop\Defogger.exe 2015-01-06 20:33 - 2015-01-06 20:33 - 00068096 _____ (EasyAntiCheat Ltd) C:\Users\Maximilian\Downloads\Screenshot_071.scr 2015-01-05 15:36 - 2015-01-05 15:36 - 00000582 _____ () C:\Users\Maximilian\Desktop\Neues Textdokument.txt 2015-01-02 14:56 - 2015-01-02 14:57 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Skyrim 2015-01-01 14:56 - 2015-01-01 14:56 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Introversion 2014-12-31 23:11 - 2014-12-31 23:11 - 00000000 ____D () C:\Users\Maximilian\Documents\My Games 2014-12-31 20:29 - 2014-12-31 20:29 - 00000197 _____ () C:\WINDOWS\system32\2014-12-31-19-29-08.023-AvastVBoxSVC.exe-1844.log 2014-12-31 18:30 - 2014-12-31 18:30 - 01045496 _____ () C:\Users\Maximilian\Downloads\Far-Cry-3-Demo-lnstall.exe 2014-12-29 20:19 - 2014-12-29 20:19 - 07346943 _____ () C:\Users\Maximilian\Downloads\HemiHead426.zip 2014-12-29 20:16 - 2014-12-29 20:16 - 07358968 _____ () C:\Users\Maximilian\Downloads\Geforce.zip 2014-12-29 14:01 - 2014-12-29 14:06 - 190040291 _____ () C:\Users\Maximilian\Downloads\Beatmap Pack #385.rar 2014-12-29 11:06 - 2014-12-29 11:06 - 00000000 ____D () C:\ProgramData\ATI 2014-12-29 00:22 - 2014-12-29 00:22 - 00000000 ____D () 
C:\Users\Maximilian\AppData\Roaming\library_dir 2014-12-29 00:22 - 2014-12-29 00:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2014-12-29 00:21 - 2015-01-07 16:38 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\Raptr 2014-12-29 00:21 - 2014-12-29 00:22 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-12-29 00:21 - 2014-12-29 00:21 - 00057374 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201412290021193760.log 2014-12-29 00:21 - 2014-12-29 00:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-12-29 00:21 - 2014-12-29 00:21 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-12-29 00:19 - 2014-12-29 00:20 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp 2014-12-29 00:10 - 2014-12-29 00:10 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Maximilian\Downloads\autodetectutility.exe 2014-12-29 00:03 - 2014-12-29 00:03 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab 2014-12-28 21:31 - 2014-12-29 00:25 - 00000000 ____D () C:\Users\Maximilian\Documents\Euro Truck Simulator 2 2014-12-28 21:31 - 2014-12-28 21:35 - 00000000 ____D () C:\Users\Maximilian\Documents\ETS2MP 2014-12-28 17:41 - 2014-12-28 17:41 - 00000000 ____D () C:\ProgramData\LightScribe 2014-12-28 17:15 - 2014-12-28 17:15 - 00000890 _____ () C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk 2014-12-28 17:15 - 2014-12-28 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer 2014-12-28 16:59 - 2014-12-28 16:59 - 03853552 _____ () C:\Users\Maximilian\Downloads\ets2mp_client.zip 2014-12-28 16:22 - 2014-12-28 16:22 - 00000197 _____ () C:\WINDOWS\system32\2014-12-28-15-22-12.083-AvastVBoxSVC.exe-3104.log 2014-12-28 01:03 - 2014-12-28 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2014-12-28 01:00 - 2014-12-28 01:00 - 00000000 ____D () 
C:\Users\Maximilian\AppData\Roaming\3909 2014-12-27 20:57 - 2015-01-06 00:09 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Game Dev Tycoon - Steam 2014-12-26 14:45 - 2014-12-26 14:45 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2014-12-26 14:44 - 2014-12-26 14:45 - 07980403 _____ () C:\Users\Maximilian\Downloads\csgo settings.7z 2014-12-25 16:47 - 2014-12-25 16:47 - 00000197 _____ () C:\WINDOWS\system32\2014-12-25-15-47-43.083-AvastVBoxSVC.exe-2732.log 2014-12-25 16:43 - 2014-12-25 16:43 - 00000916 _____ () C:\Users\Public\Desktop\Leawo Blu-ray Player.lnk 2014-12-25 16:43 - 2014-12-25 16:43 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\Leawo 2014-12-25 16:43 - 2014-12-25 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\leawo 2014-12-25 16:43 - 2014-12-25 16:43 - 00000000 ____D () C:\ProgramData\Leawo 2014-12-25 16:39 - 2014-12-25 16:40 - 38694632 _____ (leawo Software Co., Ltd. ) C:\Users\Maximilian\Downloads\blurayplayer_setup_g.exe 2014-12-25 16:23 - 2014-12-25 16:23 - 00000197 _____ () C:\WINDOWS\system32\2014-12-25-15-23-01.096-AvastVBoxSVC.exe-3056.log 2014-12-25 16:23 - 2014-12-25 16:23 - 00000000 ____D () C:\Users\Maximilian\Documents\CyberLink 2014-12-25 16:23 - 2014-12-25 16:23 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Power2Go 2014-12-25 16:20 - 2014-12-25 16:21 - 00000000 ____D () C:\Temp 2014-12-25 16:19 - 2014-12-25 16:46 - 00000000 _____ () C:\WINDOWS\lgfwup.ini 2014-12-25 16:19 - 2001-08-29 21:00 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb 2014-12-25 16:19 - 1998-07-22 00:00 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vb6stkit.dll 2014-12-25 16:19 - 1998-07-22 00:00 - 00102160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6KO.DLL 2014-12-25 16:14 - 2014-12-25 16:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2014-12-25 16:14 - 2014-12-25 16:14 - 00348160 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msvcr71.dll 2014-12-25 16:14 - 2014-12-25 16:14 - 00029480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll 2014-12-25 16:11 - 2014-12-25 16:23 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\CyberLink 2014-12-25 16:11 - 2014-12-25 16:23 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Cyberlink 2014-12-25 16:09 - 2014-12-25 16:09 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling 2014-12-25 16:07 - 2014-12-25 16:41 - 00000000 ____D () C:\ProgramData\CyberLink 2014-12-25 16:06 - 2014-12-25 16:19 - 00000000 ____D () C:\ProgramData\Temp 2014-12-22 17:57 - 2014-12-22 17:57 - 14911608 _____ () C:\Users\Maximilian\Downloads\Professionelle_Websites.zip 2014-12-22 12:29 - 2014-12-22 12:29 - 02078158 _____ () C:\Users\Maximilian\Downloads\08.wmv 2014-12-21 20:26 - 2014-12-21 20:26 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\Ubisoft 2014-12-21 20:26 - 2014-12-21 20:26 - 00000000 ____D () C:\ProgramData\Ubisoft 2014-12-21 11:47 - 2014-12-21 11:47 - 00279704 _____ () C:\WINDOWS\Minidump\122114-7843-01.dmp 2014-12-21 11:47 - 2014-12-21 11:47 - 00000197 _____ () C:\WINDOWS\system32\2014-12-21-10-47-22.080-AvastVBoxSVC.exe-2912.log 2014-12-20 19:01 - 2014-12-20 19:01 - 00000197 _____ () C:\WINDOWS\system32\2014-12-20-18-01-00.002-AvastVBoxSVC.exe-2896.log 2014-12-20 12:20 - 2014-12-20 12:22 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\Notepad++ 2014-12-20 12:20 - 2014-12-20 12:20 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-12-20 12:20 - 2014-12-20 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-12-20 12:19 - 2014-12-20 12:19 - 07944971 _____ () C:\Users\Maximilian\Downloads\npp.6.7.Installer.exe 2014-12-19 20:02 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-19 20:02 - 2014-10-30 23:34 - 00146432 
_____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-19 19:30 - 2014-12-19 19:30 - 00866373 _____ () C:\Users\Maximilian\Downloads\OptiFine_1.8.1_HD_U_B4.jar 2014-12-19 15:34 - 2014-12-19 15:34 - 00005056 _____ () C:\Users\Maximilian\Downloads\bibanator config Dezember 2014.rar 2014-12-16 16:23 - 2014-12-18 20:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-12-13 19:14 - 2014-12-13 19:14 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\AMD 2014-12-13 16:38 - 2014-12-13 16:38 - 01765113 _____ () C:\Users\Maximilian\Downloads\map aura.rar 2014-12-11 20:35 - 2014-12-11 20:36 - 49268534 _____ () C:\Users\Maximilian\Downloads\LIFE 128x (Vers. 81).zip 2014-12-11 14:21 - 2014-12-11 14:21 - 00000247 _____ () C:\WINDOWS\system32\2014-12-11-13-21-52.003-aswFe.exe-3780.log 2014-12-11 14:19 - 2014-12-11 14:21 - 00000247 _____ () C:\WINDOWS\system32\2014-12-11-13-19-25.014-aswFe.exe-3980.log 2014-12-11 14:17 - 2014-12-11 14:18 - 00000247 _____ () C:\WINDOWS\system32\2014-12-11-13-17-44.051-aswFe.exe-3612.log 2014-12-11 14:17 - 2014-12-11 14:17 - 00000197 _____ () C:\WINDOWS\system32\2014-12-11-13-17-42.037-AvastVBoxSVC.exe-2396.log 2014-12-11 14:11 - 2014-12-11 14:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox 2014-12-11 14:11 - 2014-12-11 14:11 - 00000000 ____D () C:\WINDOWS\system32\vbox 2014-12-10 17:37 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-10 17:37 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-10 17:37 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-10 17:37 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-10 17:24 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-10 17:24 - 2014-11-22 03:50 - 00580096 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-10 17:24 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-10 17:24 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2014-12-10 17:24 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-10 17:24 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-10 17:24 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-10 17:24 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-10 17:24 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-10 17:24 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-10 17:24 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-10 17:24 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-10 17:24 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-10 17:24 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-10 17:24 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-10 17:24 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-10 17:24 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-10 17:24 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-10 17:24 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-10 17:24 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ie4uinit.exe 2014-12-10 17:24 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-10 17:24 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-10 17:24 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-10 17:24 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-10 17:24 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-10 17:24 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-10 17:24 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-10 17:24 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-10 17:24 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-10 17:24 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-10 17:24 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-10 17:24 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-10 17:24 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-10 17:24 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-10 17:24 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-10 17:24 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-10 17:24 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-10 17:24 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 
2014-12-10 17:24 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-10 17:24 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-10 17:24 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-10 17:24 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-12-10 17:24 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-12-10 17:24 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2014-12-10 17:24 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2014-12-10 17:24 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-12-10 17:24 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-07 16:40 - 2014-07-22 16:51 - 00000000 ____D () C:\Users\Maximilian
2015-01-07 16:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-07 16:39 - 2014-07-22 16:54 - 01768910 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-07 16:37 - 2014-08-25 16:19 - 00000000 ____D () C:\Users\Public\Documents\phase6_17_Daten
2015-01-07 16:37 - 2014-07-22 18:01 - 00000000 __RDO () C:\Users\Maximilian\OneDrive
2015-01-07 16:37 - 2014-07-21 19:40 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 16:36 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-06 22:26 - 2014-07-21 19:48 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\Spotify
2015-01-06 21:47 - 2014-07-21 19:40 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 20:27 - 2014-07-23 19:11 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\TS3Client
2015-01-06 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-06 10:29 - 2014-07-21 19:43 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-255192929-2864458584-2136872281-1001
2015-01-02 22:54 - 2014-07-21 19:49 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Spotify
2015-01-02 20:52 - 2014-03-18 11:04 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-02 20:52 - 2014-03-18 10:25 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-02 20:52 - 2014-03-18 10:25 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-02 17:31 - 2014-07-21 19:36 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\VirtualStore
2015-01-02 17:29 - 2014-08-19 19:15 - 00000000 ____D () C:\Users\Maximilian\Desktop\Neuer Ordner
2015-01-02 15:14 - 2014-07-23 11:44 - 00369803 _____ () C:\WINDOWS\DirectX.log
2015-01-01 17:07 - 2014-07-21 20:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-31 20:28 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-29 00:25 - 2014-09-10 06:27 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\Guild Wars 2
2014-12-29 00:25 - 2014-08-09 16:50 - 00000000 ____D () C:\Users\Maximilian\Documents\Assassin's Creed IV Black Flag
2014-12-29 00:21 - 2014-07-22 18:09 - 00000000 ____D () C:\ProgramData\AMD
2014-12-29 00:20 - 2014-10-24 23:09 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-29 00:20 - 2013-08-22 15:46 - 00300125 _____ () C:\WINDOWS\setupact.log
2014-12-29 00:16 - 2014-07-22 18:08 - 00000000 ____D () C:\AMD
2014-12-29 00:03 - 2014-10-24 22:52 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-12-28 16:21 - 2013-08-22 15:44 - 00420824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-28 04:48 - 2014-08-19 06:00 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\.minecraft
2014-12-25 16:50 - 2014-09-29 15:56 - 00000000 ____D () C:\Users\Maximilian\AppData\Roaming\dvdcss
2014-12-25 16:45 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-25 16:14 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-12-21 11:47 - 2014-08-15 16:39 - 00000000 ____D () C:\WINDOWS\Minidump
2014-12-20 18:58 - 2014-07-21 19:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-20 18:58 - 2014-03-18 02:51 - 00578224 _____ () C:\WINDOWS\PFRO.log
2014-12-19 21:42 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 20:27 - 2014-08-06 13:49 - 00000622 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-18 20:26 - 2014-09-04 13:35 - 00000000 ____D () C:\Users\Maximilian\Documents\Visual Studio 2012
2014-12-18 20:26 - 2014-07-21 19:44 - 00002110 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-12-18 20:26 - 2014-07-21 19:44 - 00002098 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-12-18 19:05 - 2014-07-23 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-17 21:16 - 2014-07-21 19:44 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Thunderbird
2014-12-17 19:25 - 2014-07-22 18:09 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-13 13:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 20:04 - 2014-08-17 13:19 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 14:49 - 2014-07-21 19:41 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 21:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 17:41 - 2014-07-21 20:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 17:39 - 2014-07-21 20:58 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-10 17:26 - 2014-08-10 15:31 - 00000000 ____D () C:\Users\Maximilian\AppData\Local\Battle.net

Some content of TEMP:
====================
C:\Users\Maximilian\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win8.1-64bit.exe
C:\Users\Maximilian\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Maximilian\AppData\Local\Temp\comver.dll
C:\Users\Maximilian\AppData\Local\Temp\drm_dyndata.dll
C:\Users\Maximilian\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Maximilian\AppData\Local\Temp\Execute2App.exe
C:\Users\Maximilian\AppData\Local\Temp\FreeAudioConverter.exe
C:\Users\Maximilian\AppData\Local\Temp\Gw2.exe
C:\Users\Maximilian\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Maximilian\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Maximilian\AppData\Local\Temp\raptrpatch.exe
C:\Users\Maximilian\AppData\Local\Temp\raptr_stub.exe
C:\Users\Maximilian\AppData\Local\Temp\sqlite3.exe
C:\Users\Maximilian\AppData\Local\Temp\SRLDetectionLibrary7860125379099896725.dll
C:\Users\Maximilian\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-05 11:14

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Maximilian at 2015-01-07 16:43:00
Running from C:\Users\Maximilian\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.5.2014 - Georgy Berdyshev)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverAgent by eSupport.com (HKLM-x32\...\DriverAgent_is1) (Version: - Copyright © 2013 eSupport.com, Inc • All Rights Reserved)
Dropbox (HKU\S-1-5-21-255192929-2864458584-2136872281-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.2 R2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.2 R2 Alpha - ETS2MP Team)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.52.1122 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
FSX - Dassault Mirage 2000N (HKLM-x32\...\FSX - Dassault Mirage 2000N_is1) (Version: - Danny Garnier)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Leawo Blu-ray Player version 1.8.0.4 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.8.0.4 - leawo Software)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LibreOffice 4.2.7.2 (HKLM-x32\...\{A313C39F-79A7-408B-97EE-8F958407D694}) (Version: 4.2.7.2 - The Document Foundation)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.9 - www.leaguereplays.com)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{e57f95e3-88d0-4d98-a831-dc312b084fc6}) (Version: latest - ppy Pty Ltd)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
phase-6 Feeding Tool 1.1.6 (HKLM-x32\...\phase-6 Feeding Tool) (Version: 1.1.6 - phase-6)
phase6_17 (HKLM-x32\...\{EFFE151C-F863-4B1E-9E22-3C1369B4C690}) (Version: 1.70.0000 - phase6)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Raptr (HKLM-x32\...\Raptr) (Version: - )
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version: - Roccat GmbH)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0004 - Roccat GmbH)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Spotify (HKU\S-1-5-21-255192929-2864458584-2136872281-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{0F7A3A0A-0E30-4B9C-99AB-B991E1382769}) (Version: 2.2.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-255192929-2864458584-2136872281-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-255192929-2864458584-2136872281-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-255192929-2864458584-2136872281-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-255192929-2864458584-2136872281-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-255192929-2864458584-2136872281-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maximilian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

21-12-2014 20:24:21 DirectX wurde installiert
25-12-2014 16:06:17 Installiert Suite
29-12-2014 00:18:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
01-01-2015 17:15:00 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {15B4ABD5-3B2E-4952-8C94-62939E19C152} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {25359E8F-54C0-4001-9EB2-2AB49AA7B296} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-21] (AVAST Software)
Task: {88C95C5A-CDD2-44E5-8BC3-39AF5E00B00F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: {9C3C677B-BFD5-4D5E-BE4F-8D46753B811E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: {E1D50D70-ABC0-4E57-8F0D-149E30B65797} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {F3739E6B-0414-4376-AAD0-B773CA555887} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-255192929-2864458584-2136872281-1001
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-05 13:19 - 2014-08-05 13:19 - 00034304 _____ () C:\WINDOWS\System32\sst6clm.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () D:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () D:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00127488 _____ () D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-08-06 17:28 - 2014-08-29 22:04 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-11-21 15:10 - 2014-11-21 15:10 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-21 15:10 - 2014-11-21 15:10 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-07-30 10:50 - 2014-07-30 10:50 - 00567880 _____ () D:\Programme\puush\puush.exe
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () D:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-31 15:35 - 2014-12-31 15:35 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123100\algo.dll
2014-11-21 15:10 - 2014-11-21 15:10 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-31 20:29 - 2014-12-31 20:29 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14123101\algo.dll
2015-01-06 10:31 - 2015-01-06 10:31 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010600\algo.dll
2015-01-07 16:41 - 2015-01-07 16:41 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010700\algo.dll
2014-12-11 14:49 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 14:49 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 14:49 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 14:49 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2011-03-04 12:02 - 2011-03-04 12:02 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-07-18 09:29 - 2014-07-18 09:29 - 00420352 _____ () D:\LOLReplay\LOLUtils.dll
2014-07-21 20:36 - 2010-11-04 10:48 - 00061440 _____ () D:\Programm(x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2014-07-21 20:37 - 2012-06-23 13:54 - 00061440 _____ () D:\Programm(x86)\ROCCAT\Kone Pure\hiddriver.dll
2014-11-21 15:10 - 2014-11-21 15:10 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Maximilian\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-255192929-2864458584-2136872281-500 - Administrator - Disabled)
Gast (S-1-5-21-255192929-2864458584-2136872281-501 - Limited - Disabled)
Maximilian (S-1-5-21-255192929-2864458584-2136872281-1001 - Administrator - Enabled) => C:\Users\Maximilian

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2015 01:38:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AION.bin, Version 4514.319.722.8332 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 14ec
Startzeit: 01d0281b4de52983
Endzeit: 2
Anwendungspfad: D:\Programm(x86)\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin
Berichts-ID: a3cec208-940e-11e4-be8b-0026833a0b80
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/03/2015 09:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AION.bin, Version 4514.319.722.8332 kann nicht mehr unter Windows ausgeführt werden und wurde beendet.
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 9b8 Startzeit: 01d02796678b1359 Endzeit: 8 Anwendungspfad: D:\Programm(x86)\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bin Berichts-ID: c6f1f5a1-9389-11e4-be8b-0026833a0b80 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/01/2015 05:19:03 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (12/29/2014 00:18:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0dcc Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34014, Zeitstempel: 0x52e0b86c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000039f0 ID des fehlerhaften Prozesses: 0x17c4 Startzeit der fehlerhaften Anwendung: 0xCCC.exe0 Pfad der fehlerhaften Anwendung: CCC.exe1 Pfad des fehlerhaften Moduls: CCC.exe2 Berichtskennung: CCC.exe3 Vollständiger Name des fehlerhaften Pakets: CCC.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5 Error: (12/29/2014 00:18:54 AM) (Source: .NET Runtime) (EventID: 1023) (User: ) Description: Anwendung: CCC.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines internen Fehlers in der .NET-Laufzeit beendet. bei IP 00007FFE8A5C39F0 (00007FFE8A5C0000) mit Exitcode 80131506. 
Error: (12/28/2014 04:22:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0dcc Name des fehlerhaften Moduls: amdmantle64.dll, Version: 9.1.10.34, Zeitstempel: 0x5417637b Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000040cfa6 ID des fehlerhaften Prozesses: 0x17c4 Startzeit der fehlerhaften Anwendung: 0xCCC.exe0 Pfad der fehlerhaften Anwendung: CCC.exe1 Pfad des fehlerhaften Moduls: CCC.exe2 Berichtskennung: CCC.exe3 Vollständiger Name des fehlerhaften Pakets: CCC.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5 Error: (12/28/2014 01:09:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: age2_x1.Exe, Version: 0.7.26.809, Zeitstempel: 0x3b7433ec Name des fehlerhaften Moduls: TAPI32.dll_unloaded, Version: 6.3.9600.16384, Zeitstempel: 0x521588a2 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000251c2 ID des fehlerhaften Prozesses: 0x1b08 Startzeit der fehlerhaften Anwendung: 0xage2_x1.Exe0 Pfad der fehlerhaften Anwendung: age2_x1.Exe1 Pfad des fehlerhaften Moduls: age2_x1.Exe2 Berichtskennung: age2_x1.Exe3 Vollständiger Name des fehlerhaften Pakets: age2_x1.Exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: age2_x1.Exe5 Error: (12/28/2014 01:06:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0dcc Name des fehlerhaften Moduls: amdmantle64.dll, Version: 9.1.10.34, Zeitstempel: 0x5417637b Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000040cfa6 ID des fehlerhaften Prozesses: 0xca0 Startzeit der fehlerhaften Anwendung: 0xCCC.exe0 Pfad der fehlerhaften Anwendung: CCC.exe1 Pfad des fehlerhaften Moduls: CCC.exe2 Berichtskennung: CCC.exe3 Vollständiger Name des fehlerhaften Pakets: CCC.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5 Error: (12/27/2014 06:13:04 PM) (Source: 
Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0dcc Name des fehlerhaften Moduls: amdmantle64.dll, Version: 9.1.10.34, Zeitstempel: 0x5417637b Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000040cfa6 ID des fehlerhaften Prozesses: 0x1350 Startzeit der fehlerhaften Anwendung: 0xCCC.exe0 Pfad der fehlerhaften Anwendung: CCC.exe1 Pfad des fehlerhaften Moduls: CCC.exe2 Berichtskennung: CCC.exe3 Vollständiger Name des fehlerhaften Pakets: CCC.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5 Error: (12/27/2014 03:33:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0dcc Name des fehlerhaften Moduls: amdmantle64.dll, Version: 9.1.10.34, Zeitstempel: 0x5417637b Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000040cfa6 ID des fehlerhaften Prozesses: 0x198c Startzeit der fehlerhaften Anwendung: 0xCCC.exe0 Pfad der fehlerhaften Anwendung: CCC.exe1 Pfad des fehlerhaften Moduls: CCC.exe2 Berichtskennung: CCC.exe3 Vollständiger Name des fehlerhaften Pakets: CCC.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5 System errors: ============= Error: (01/06/2015 10:27:09 PM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/06/2015 10:27:09 PM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/06/2015 00:10:11 AM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/06/2015 00:10:11 AM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/06/2015 00:10:11 AM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/06/2015 00:10:11 AM) (Source: DCOM) (EventID: 
10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/04/2015 11:36:48 PM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/04/2015 11:36:48 PM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (01/04/2015 05:06:20 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LAPTOP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{989B0D8E-0D60-4B1C-84A2-9CA9E85CBF8A}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (01/04/2015 00:31:20 AM) (Source: DCOM) (EventID: 10010) (User: MAXIS-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Microsoft Office Sessions: ========================= Error: (01/04/2015 01:38:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: AION.bin4514.319.722.833214ec01d0281b4de529832D:\Programm(x86)\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.bina3cec208-940e-11e4-be8b-0026833a0b80 Error: (01/03/2015 09:47:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: AION.bin4514.319.722.83329b801d02796678b13598D:\Programm(x86)\GameforgeLive\Games\DEU_deu\AION\Download\bin32\AION.binc6f1f5a1-9389-11e4-be8b-0026833a0b80 Error: (01/01/2015 05:19:03 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: -2147024883 Error: (12/29/2014 00:18:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: CCC.exe4.5.0.053ad0dccclr.dll4.0.30319.3401452e0b86cc000000500000000000039f017c401d022b21e805dbcC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dlle4502bd2-8ee7-11e4-be8a-0026833a0b80 Error: (12/29/2014 00:18:54 AM) (Source: .NET Runtime) (EventID: 1023) (User: ) Description: Anwendung: CCC.exe 
Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines internen Fehlers in der .NET-Laufzeit beendet. bei IP 00007FFE8A5C39F0 (00007FFE8A5C0000) mit Exitcode 80131506. Error: (12/28/2014 04:22:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CCC.exe4.5.0.053ad0dccamdmantle64.dll9.1.10.345417637bc0000005000000000040cfa617c401d022b21e805dbcC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\SYSTEM32\amdmantle64.dll5faf631d-8ea5-11e4-be8a-0026833a0b80 Error: (12/28/2014 01:09:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: age2_x1.Exe0.7.26.8093b7433ecTAPI32.dll_unloaded6.3.9600.16384521588a2c0000005000251c21b0801d022325aeee7c6D:\Program Files (x86)\Age2_X1\age2_x1.ExeTAPI32.dlld5ba3370-8e25-11e4-be89-0026833a0b80 Error: (12/28/2014 01:06:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: CCC.exe4.5.0.053ad0dccamdmantle64.dll9.1.10.345417637bc0000005000000000040cfa6ca001d0223219b49902C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\SYSTEM32\amdmantle64.dll5ab64e02-8e25-11e4-be89-0026833a0b80 Error: (12/27/2014 06:13:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CCC.exe4.5.0.053ad0dccamdmantle64.dll9.1.10.345417637bc0000005000000000040cfa6135001d021f85d6f1591C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\SYSTEM32\amdmantle64.dll9dcac443-8deb-11e4-be89-0026833a0b80 Error: (12/27/2014 03:33:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CCC.exe4.5.0.053ad0dccamdmantle64.dll9.1.10.345417637bc0000005000000000040cfa6198c01d021e219751086C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\WINDOWS\SYSTEM32\amdmantle64.dll5a3efe21-8dd5-11e4-be89-0026833a0b80 ==================== Memory info =========================== Processor: AMD A8-3870 APU with Radeon(tm) HD Graphics Percentage of memory in use: 26% Total physical RAM: 8169.33 
MB Available physical RAM: 6002.19 MB Total Pagefile: 16361.33 MB Available Pagefile: 13870.88 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:59.62 GB) (Free:7.1 GB) NTFS Drive d: () (Fixed) (Total:465.66 GB) (Free:228.36 GB) NTFS Drive e: (SHERLOCK STAFFEL 3 DISK 1) (CDROM) (Total:43.89 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B17F5FA2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 59.6 GB) (Disk ID: 2C2E3B23) Partition 1: (Not Active) - (Size=59.6 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 16:40 on 07/01/2015 (Maximilian) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-01-07 17:12:06 Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-4 SanDisk_SDSSDP064G rev.1.0.0 59,63GB Running: Gmer-19357.exe; Driver: C:\Users\MAXIMI~1\AppData\Local\Temp\kglcypod.sys ---- User code sections - GMER 2.1 ---- .text C:\WINDOWS\system32\atieclxx.exe[8032] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffae2d5169a 4 bytes [D5, E2, FA, 7F] .text C:\WINDOWS\system32\atieclxx.exe[8032] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffae2d516a2 4 bytes [D5, E2, FA, 7F] .text C:\WINDOWS\system32\atieclxx.exe[8032] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffae2d5181a 4 bytes [D5, E2, FA, 7F] .text C:\WINDOWS\system32\atieclxx.exe[8032] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffae2d51832 4 bytes [D5, E2, FA, 7F] ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [3152:6068] fffff9600083cb90 ---- Processes - GMER 2.1 ---- Library C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\LibWrap.dll (*** suspicious ***) @ C:\WINDOWS\syswow64\wwahost.exe [8184] (Microsoft Skype/Microsoft Corporation)(2014-12-14 11:17:16) 00000000662c0000 Library C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\Microsoft.PerfTrack.dll (*** suspicious ***) @ C:\WINDOWS\syswow64\wwahost.exe [8184] (Microsoft.PerfTrack.dll/Microsoft Corporation)(2014-03-18 09:48:21) 00000000600c0000 Library C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c\MicrosoftAdvertising.dll (*** suspicious ***) @ C:\WINDOWS\syswow64\wwahost.exe [8184] (Microsoft Advertising Native SDK for Windows 8/Microsoft Corporation)(2014-03-18 09:48:21) 000000005baa0000 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM4B70268853_02_07D8_76^DB0BFDCDEFF71A145EE8A336C1C7BB38@Timestamp 0x03 0xA6 0x1C 0xD1 ... 
---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk1\DR1 unknown MBR code ---- EOF - GMER 2.1 ----
Thanks in advance for the help.
Best regards, maxi078 |
07.01.2015, 17:33 | #2 |
/// the machine /// TB Trainer | Windows 8: .scr file download via link over Steam
Hi,
Please download TDSSKiller.exe and save the file to your desktop. |
07.01.2015, 17:45 | #3 |
| Windows 8: .scr file download via link over Steam
Thanks for the quick reply!
Here is the requested log: Code:
ATTFilter 17:40:25.0621 0x1e00 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20 17:40:39.0842 0x1e00 ============================================================ 17:40:39.0842 0x1e00 Current date / time: 2015/01/07 17:40:39.0842 17:40:39.0842 0x1e00 SystemInfo: 17:40:39.0842 0x1e00 17:40:39.0842 0x1e00 OS Version: 6.3.9600 ServicePack: 0.0 17:40:39.0842 0x1e00 Product type: Workstation 17:40:39.0842 0x1e00 ComputerName: MAXIS-PC 17:40:39.0842 0x1e00 UserName: Maximilian 17:40:39.0842 0x1e00 Windows directory: C:\WINDOWS 17:40:39.0842 0x1e00 System windows directory: C:\WINDOWS 17:40:39.0842 0x1e00 Running under WOW64 17:40:39.0842 0x1e00 Processor architecture: Intel x64 17:40:39.0842 0x1e00 Number of processors: 4 17:40:39.0842 0x1e00 Page size: 0x1000 17:40:39.0842 0x1e00 Boot type: Normal boot 17:40:39.0842 0x1e00 ============================================================ 17:40:40.0061 0x1e00 KLMD registered as C:\WINDOWS\system32\drivers\38060926.sys 17:40:40.0342 0x1e00 System UUID: {BED00EAF-6823-5491-21A5-44995F975F1D} 17:40:40.0875 0x1e00 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:40:40.0875 0x1e00 Drive \Device\Harddisk1\DR1 - Size: 0xEE8156000 ( 59.63 Gb ), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:40:40.0891 0x1e00 ============================================================ 17:40:40.0891 0x1e00 \Device\Harddisk0\DR0: 17:40:40.0891 0x1e00 MBR partitions: 17:40:40.0891 0x1e00 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:40:40.0891 0x1e00 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000 17:40:40.0891 0x1e00 \Device\Harddisk1\DR1: 17:40:40.0891 0x1e00 MBR partitions: 17:40:40.0891 0x1e00 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, 
BlocksNum 0x773F800 17:40:40.0891 0x1e00 ============================================================ 17:40:40.0906 0x1e00 C: <-> \Device\Harddisk1\DR1\Partition1 17:40:40.0922 0x1e00 D: <-> \Device\Harddisk0\DR0\Partition2 17:40:40.0922 0x1e00 ============================================================ 17:40:40.0922 0x1e00 Initialize success 17:40:40.0922 0x1e00 ============================================================ 17:41:29.0053 0x2010 ============================================================ 17:41:29.0053 0x2010 Scan started 17:41:29.0053 0x2010 Mode: Manual; SigCheck; TDLFS; 17:41:29.0053 0x2010 ============================================================ 17:41:29.0053 0x2010 KSN ping started 17:41:31.0431 0x2010 KSN ping finished: true 17:41:32.0071 0x2010 ================ Scan system memory ======================== 17:41:32.0071 0x2010 System memory - ok 17:41:32.0071 0x2010 ================ Scan services =============================
17:41:35.0184 0x2010 [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 17:41:35.0200 0x2010 AudioEndpointBuilder - ok 17:41:35.0231 0x2010 [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 17:41:35.0278 0x2010 Audiosrv - ok 17:41:35.0293 0x2010 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 17:41:35.0309 0x2010 avast! Antivirus - ok 17:41:35.0403 0x2010 [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe 17:41:35.0543 0x2010 AvastVBoxSvc - ok 17:41:35.0559 0x2010 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 17:41:35.0590 0x2010 AxInstSV - ok 17:41:35.0606 0x2010 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 17:41:35.0637 0x2010 b06bdrv - ok 17:41:35.0653 0x2010 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 17:41:35.0668 0x2010 BasicDisplay - ok 17:41:35.0684 0x2010 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 17:41:35.0700 0x2010 BasicRender - ok 17:41:35.0700 0x2010 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 17:41:35.0715 0x2010 bcmfn2 - ok 17:41:35.0731 0x2010 [ 
E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 17:41:35.0778 0x2010 BDESVC - ok 17:41:35.0778 0x2010 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 17:41:35.0793 0x2010 Beep - ok 17:41:35.0825 0x2010 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll 17:41:35.0871 0x2010 BFE - ok 17:41:35.0903 0x2010 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll 17:41:35.0950 0x2010 BITS - ok 17:41:35.0965 0x2010 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 17:41:35.0981 0x2010 bowser - ok 17:41:35.0996 0x2010 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 17:41:36.0028 0x2010 BrokerInfrastructure - ok 17:41:36.0043 0x2010 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll 17:41:36.0075 0x2010 Browser - ok 17:41:36.0090 0x2010 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys 17:41:36.0121 0x2010 BtFilter - ok 17:41:36.0137 0x2010 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 17:41:36.0153 0x2010 BthAvrcpTg - ok 17:41:36.0153 0x2010 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 17:41:36.0184 0x2010 BthEnum - ok 
17:41:36.0184 0x2010 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 17:41:36.0215 0x2010 BthHFEnum - ok 17:41:36.0215 0x2010 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 17:41:36.0246 0x2010 bthhfhid - ok 17:41:36.0246 0x2010 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 17:41:36.0278 0x2010 BTHMODEM - ok 17:41:36.0278 0x2010 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 17:41:36.0309 0x2010 BthPan - ok 17:41:36.0340 0x2010 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys 17:41:36.0403 0x2010 BTHPORT - ok 17:41:36.0418 0x2010 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll 17:41:36.0450 0x2010 bthserv - ok 17:41:36.0450 0x2010 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys 17:41:36.0481 0x2010 BTHUSB - ok 17:41:36.0481 0x2010 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 17:41:36.0512 0x2010 cdfs - ok 17:41:36.0528 0x2010 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 17:41:36.0543 0x2010 cdrom - ok 17:41:36.0559 0x2010 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc 
C:\WINDOWS\System32\certprop.dll 17:41:36.0590 0x2010 CertPropSvc - ok 17:41:36.0590 0x2010 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 17:41:36.0621 0x2010 circlass - ok 17:41:36.0637 0x2010 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 17:41:36.0668 0x2010 CLFS - ok 17:41:36.0684 0x2010 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 17:41:36.0700 0x2010 CmBatt - ok 17:41:36.0715 0x2010 [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 17:41:36.0762 0x2010 CNG - ok 17:41:36.0762 0x2010 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 17:41:36.0793 0x2010 CompositeBus - ok 17:41:36.0793 0x2010 COMSysApp - ok 17:41:36.0809 0x2010 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 17:41:36.0825 0x2010 condrv - ok 17:41:36.0840 0x2010 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 17:41:36.0871 0x2010 CryptSvc - ok 17:41:36.0887 0x2010 [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC C:\WINDOWS\system32\drivers\csc.sys 17:41:36.0918 0x2010 CSC - ok 17:41:36.0950 0x2010 [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService C:\WINDOWS\System32\cscsvc.dll 17:41:36.0996 0x2010 CscService - ok 17:41:36.0996 0x2010 [ 315BA4BC19316D72B2E037534E048B93, 
69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 17:41:37.0028 0x2010 dam - ok 17:41:37.0043 0x2010 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 17:41:37.0090 0x2010 DcomLaunch - ok 17:41:37.0106 0x2010 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 17:41:37.0153 0x2010 defragsvc - ok 17:41:37.0168 0x2010 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll 17:41:37.0215 0x2010 DeviceAssociationService - ok 17:41:37.0215 0x2010 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 17:41:37.0246 0x2010 DeviceInstall - ok 17:41:37.0262 0x2010 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 17:41:37.0293 0x2010 Dfsc - ok 17:41:37.0293 0x2010 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 17:41:37.0340 0x2010 Dhcp - ok 17:41:37.0340 0x2010 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 17:41:37.0371 0x2010 disk - ok 17:41:37.0371 0x2010 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 17:41:37.0387 0x2010 dmvsc - ok 17:41:37.0403 0x2010 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 17:41:37.0434 0x2010 Dnscache - ok 17:41:37.0450 0x2010 [ 
50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll 17:41:37.0481 0x2010 dot3svc - ok 17:41:37.0496 0x2010 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll 17:41:37.0528 0x2010 DPS - ok 17:41:37.0528 0x2010 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 17:41:37.0543 0x2010 drmkaud - ok 17:41:37.0590 0x2010 [ 1ED08A6264C5C92099D6D1DAE5E8F530, 4045AE77859B1DBF13972451972EAAF6F3C97BEA423E9E78F1C2F14330CD47CA ] DrvAgent64 C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS 17:41:37.0606 0x2010 DrvAgent64 - ok 17:41:37.0606 0x2010 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 17:41:37.0637 0x2010 DsmSvc - ok 17:41:37.0684 0x2010 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 17:41:37.0762 0x2010 DXGKrnl - ok 17:41:37.0778 0x2010 EagleX64 - ok 17:41:37.0778 0x2010 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll 17:41:37.0809 0x2010 Eaphost - ok 17:41:37.0887 0x2010 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 17:41:38.0012 0x2010 ebdrv - ok 17:41:38.0028 0x2010 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe 17:41:38.0075 0x2010 EFS - ok 17:41:38.0090 0x2010 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 
17:41:38.0106 0x2010 EhStorClass - ok 17:41:38.0121 0x2010 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 17:41:38.0153 0x2010 EhStorTcgDrv - ok 17:41:38.0153 0x2010 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 17:41:38.0184 0x2010 ErrDev - ok 17:41:38.0200 0x2010 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll 17:41:38.0231 0x2010 EventSystem - ok 17:41:38.0246 0x2010 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 17:41:38.0278 0x2010 exfat - ok 17:41:38.0293 0x2010 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 17:41:38.0326 0x2010 fastfat - ok 17:41:38.0342 0x2010 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe 17:41:38.0389 0x2010 Fax - ok 17:41:38.0404 0x2010 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 17:41:38.0420 0x2010 fdc - ok 17:41:38.0420 0x2010 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll 17:41:38.0451 0x2010 fdPHost - ok 17:41:38.0467 0x2010 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll 17:41:38.0498 0x2010 FDResPub - ok 17:41:38.0498 0x2010 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc 
C:\WINDOWS\system32\fhsvc.dll 17:41:38.0529 0x2010 fhsvc - ok 17:41:38.0529 0x2010 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 17:41:38.0560 0x2010 FileInfo - ok 17:41:38.0560 0x2010 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 17:41:38.0592 0x2010 Filetrace - ok 17:41:38.0592 0x2010 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 17:41:38.0623 0x2010 flpydisk - ok 17:41:38.0639 0x2010 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 17:41:38.0670 0x2010 FltMgr - ok 17:41:38.0701 0x2010 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll 17:41:38.0764 0x2010 FontCache - ok 17:41:38.0779 0x2010 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:41:38.0795 0x2010 FontCache3.0.0.0 - ok 17:41:38.0810 0x2010 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 17:41:38.0826 0x2010 FsDepends - ok 17:41:38.0826 0x2010 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 17:41:38.0842 0x2010 Fs_Rec - ok 17:41:38.0873 0x2010 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 17:41:38.0904 0x2010 fvevol - ok 17:41:38.0920 0x2010 [ 
9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 17:41:38.0935 0x2010 FxPPM - ok 17:41:38.0951 0x2010 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 17:41:38.0967 0x2010 gagp30kx - ok 17:41:38.0982 0x2010 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 17:41:38.0998 0x2010 gencounter - ok 17:41:39.0014 0x2010 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 17:41:39.0029 0x2010 GPIOClx0101 - ok 17:41:39.0060 0x2010 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 17:41:39.0139 0x2010 gpsvc - ok 17:41:39.0154 0x2010 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:41:39.0170 0x2010 gupdate - ok 17:41:39.0170 0x2010 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 17:41:39.0201 0x2010 gupdatem - ok 17:41:39.0217 0x2010 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 17:41:39.0248 0x2010 HdAudAddService - ok 17:41:39.0264 0x2010 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 17:41:39.0279 0x2010 HDAudBus - ok 17:41:39.0295 0x2010 [ 10A70BC1871CD955D85CD88372724906, 
2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 17:41:39.0310 0x2010 HidBatt - ok 17:41:39.0326 0x2010 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 17:41:39.0342 0x2010 HidBth - ok 17:41:39.0357 0x2010 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 17:41:39.0373 0x2010 hidi2c - ok 17:41:39.0373 0x2010 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 17:41:39.0404 0x2010 HidIr - ok 17:41:39.0404 0x2010 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll 17:41:39.0435 0x2010 hidserv - ok 17:41:39.0435 0x2010 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 17:41:39.0467 0x2010 HidUsb - ok 17:41:39.0467 0x2010 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 17:41:39.0498 0x2010 hkmsvc - ok 17:41:39.0514 0x2010 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 17:41:39.0545 0x2010 HomeGroupListener - ok 17:41:39.0560 0x2010 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 17:41:39.0607 0x2010 HomeGroupProvider - ok 17:41:39.0623 0x2010 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 17:41:39.0639 0x2010 HpSAMD - ok 
17:41:39.0670 0x2010 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 17:41:39.0717 0x2010 HTTP - ok 17:41:39.0732 0x2010 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 17:41:39.0748 0x2010 hwpolicy - ok 17:41:39.0748 0x2010 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 17:41:39.0779 0x2010 hyperkbd - ok 17:41:39.0779 0x2010 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 17:41:39.0810 0x2010 HyperVideo - ok 17:41:39.0810 0x2010 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 17:41:39.0842 0x2010 i8042prt - ok 17:41:39.0842 0x2010 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 17:41:39.0857 0x2010 iaLPSSi_GPIO - ok 17:41:39.0873 0x2010 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 17:41:39.0889 0x2010 iaLPSSi_I2C - ok 17:41:39.0904 0x2010 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 17:41:39.0951 0x2010 iaStorAV - ok 17:41:39.0967 0x2010 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 17:41:39.0998 0x2010 iaStorV - ok 17:41:39.0998 0x2010 [ 1CF03C69B49ACB70C722DF92755C0C8C, 
C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 17:41:40.0029 0x2010 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 17:41:42.0514 0x2010 Detect skipped due to KSN trusted 17:41:42.0514 0x2010 IDriverT - ok 17:41:42.0514 0x2010 IEEtwCollectorService - ok 17:41:42.0560 0x2010 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll 17:41:42.0623 0x2010 IKEEXT - ok 17:41:42.0639 0x2010 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 17:41:42.0654 0x2010 intelide - ok 17:41:42.0670 0x2010 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 17:41:42.0685 0x2010 intelpep - ok 17:41:42.0701 0x2010 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 17:41:42.0717 0x2010 intelppm - ok 17:41:42.0732 0x2010 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 17:41:42.0748 0x2010 IpFilterDriver - ok 17:41:42.0779 0x2010 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 17:41:42.0843 0x2010 iphlpsvc - ok 17:41:42.0874 0x2010 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 17:41:42.0921 0x2010 IPMIDRV - ok 17:41:42.0937 0x2010 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 
17:41:42.0968 0x2010 IPNAT - ok 17:41:42.0984 0x2010 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 17:41:42.0999 0x2010 IRENUM - ok 17:41:42.0999 0x2010 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 17:41:43.0031 0x2010 isapnp - ok 17:41:43.0046 0x2010 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 17:41:43.0078 0x2010 iScsiPrt - ok 17:41:43.0078 0x2010 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 17:41:43.0093 0x2010 kbdclass - ok 17:41:43.0109 0x2010 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 17:41:43.0124 0x2010 kbdhid - ok 17:41:43.0124 0x2010 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 17:41:43.0156 0x2010 kbldfltr - ok 17:41:43.0156 0x2010 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 17:41:43.0171 0x2010 kdnic - ok 17:41:43.0187 0x2010 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe 17:41:43.0203 0x2010 KeyIso - ok 17:41:43.0218 0x2010 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 17:41:43.0234 0x2010 KSecDD - ok 17:41:43.0249 0x2010 [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg 
AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 17:41:54.0942 0x2010 UmPass - ok 17:41:54.0942 0x2010 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 17:41:54.0989 0x2010 UmRdpService - ok 17:41:55.0005 0x2010 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll 17:41:55.0036 0x2010 upnphost - ok 17:41:55.0052 0x2010 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 17:41:55.0067 0x2010 usbaudio - ok 17:41:55.0083 0x2010 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 17:41:55.0098 0x2010 usbccgp - ok 17:41:55.0114 0x2010 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 17:41:55.0145 0x2010 usbcir - ok 17:41:55.0145 0x2010 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 17:41:55.0177 0x2010 usbehci - ok 17:41:55.0192 0x2010 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 17:41:55.0224 0x2010 usbhub - ok 17:41:55.0239 0x2010 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 17:41:55.0270 0x2010 USBHUB3 - ok 17:41:55.0286 0x2010 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 17:41:55.0302 0x2010 usbohci - ok 
17:41:55.0317 0x2010 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 17:41:55.0364 0x2010 usbprint - ok 17:41:55.0380 0x2010 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 17:41:55.0395 0x2010 USBSTOR - ok 17:41:55.0411 0x2010 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 17:41:55.0427 0x2010 usbuhci - ok 17:41:55.0442 0x2010 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 17:41:55.0474 0x2010 USBXHCI - ok 17:41:55.0474 0x2010 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe 17:41:55.0505 0x2010 VaultSvc - ok 17:41:55.0521 0x2010 [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys 17:41:55.0536 0x2010 VBoxAswDrv - ok 17:41:55.0552 0x2010 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 17:41:55.0567 0x2010 vdrvroot - ok 17:41:55.0599 0x2010 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe 17:41:55.0677 0x2010 vds - ok 17:41:55.0677 0x2010 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 17:41:55.0708 0x2010 VerifierExt - ok 17:41:55.0724 0x2010 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] 
vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 17:41:55.0770 0x2010 vhdmp - ok 17:41:55.0770 0x2010 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 17:41:55.0802 0x2010 viaide - ok 17:41:55.0802 0x2010 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\WINDOWS\System32\drivers\Vid.sys 17:41:55.0833 0x2010 Vid - ok 17:41:55.0849 0x2010 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 17:41:55.0864 0x2010 vmbus - ok 17:41:55.0880 0x2010 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 17:41:55.0895 0x2010 VMBusHID - ok 17:41:55.0911 0x2010 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys 17:41:55.0927 0x2010 vmbusr - ok 17:41:55.0958 0x2010 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 17:41:55.0989 0x2010 vmicguestinterface - ok 17:41:56.0005 0x2010 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 17:41:56.0052 0x2010 vmicheartbeat - ok 17:41:56.0067 0x2010 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 17:41:56.0114 0x2010 vmickvpexchange - ok 17:41:56.0130 0x2010 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 17:41:56.0177 0x2010 vmicrdv - ok 17:41:56.0192 0x2010 [ 9067880BBB1C18703DBFF27D731D7ECA, 
0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 17:41:56.0239 0x2010 vmicshutdown - ok 17:41:56.0255 0x2010 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 17:41:56.0286 0x2010 vmictimesync - ok 17:41:56.0302 0x2010 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 17:41:56.0349 0x2010 vmicvss - ok 17:41:56.0364 0x2010 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 17:41:56.0380 0x2010 volmgr - ok 17:41:56.0396 0x2010 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 17:41:56.0427 0x2010 volmgrx - ok 17:41:56.0443 0x2010 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 17:41:56.0474 0x2010 volsnap - ok 17:41:56.0474 0x2010 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 17:41:56.0505 0x2010 vpci - ok 17:41:56.0505 0x2010 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys 17:41:56.0536 0x2010 vpcivsp - ok 17:41:56.0536 0x2010 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 17:41:56.0567 0x2010 vsmraid - ok 17:41:56.0599 0x2010 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe 17:41:56.0677 0x2010 VSS - ok 17:41:56.0692 0x2010 [ 
0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 17:41:56.0724 0x2010 VSTXRAID - ok 17:41:56.0739 0x2010 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 17:41:56.0755 0x2010 vwifibus - ok 17:41:56.0755 0x2010 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 17:41:56.0786 0x2010 vwififlt - ok 17:41:56.0786 0x2010 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 17:41:56.0817 0x2010 vwifimp - ok 17:41:56.0833 0x2010 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll 17:41:56.0880 0x2010 W32Time - ok 17:41:56.0880 0x2010 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 17:41:56.0895 0x2010 WacomPen - ok 17:41:56.0942 0x2010 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe 17:41:57.0005 0x2010 wbengine - ok 17:41:57.0036 0x2010 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 17:41:57.0067 0x2010 WbioSrvc - ok 17:41:57.0085 0x2010 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 17:41:57.0116 0x2010 Wcmsvc - ok 17:41:57.0131 0x2010 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 17:41:57.0178 0x2010 
wcncsvc - ok 17:41:57.0178 0x2010 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 17:41:57.0210 0x2010 WcsPlugInService - ok 17:41:57.0210 0x2010 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 17:41:57.0241 0x2010 WdBoot - ok 17:41:57.0256 0x2010 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 17:41:57.0303 0x2010 Wdf01000 - ok 17:41:57.0319 0x2010 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 17:41:57.0350 0x2010 WdFilter - ok 17:41:57.0366 0x2010 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 17:41:57.0397 0x2010 WdiServiceHost - ok 17:41:57.0397 0x2010 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 17:41:57.0428 0x2010 WdiSystemHost - ok 17:41:57.0444 0x2010 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 17:41:57.0460 0x2010 WdNisDrv - ok 17:41:57.0460 0x2010 WdNisSvc - ok 17:41:57.0475 0x2010 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\WINDOWS\System32\webclnt.dll 17:41:57.0506 0x2010 WebClient - ok 17:41:57.0522 0x2010 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 17:41:57.0553 0x2010 Wecsvc - ok 17:41:57.0553 0x2010 [ 7CDD84E0023A0C5C230B06A7965EC65E, 
6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 17:41:57.0585 0x2010 WEPHOSTSVC - ok 17:41:57.0585 0x2010 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 17:41:57.0616 0x2010 wercplsupport - ok 17:41:57.0631 0x2010 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 17:41:57.0647 0x2010 WerSvc - ok 17:41:57.0663 0x2010 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 17:41:57.0694 0x2010 WFPLWFS - ok 17:41:57.0694 0x2010 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 17:41:57.0725 0x2010 WiaRpc - ok 17:41:57.0725 0x2010 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 17:41:57.0757 0x2010 WIMMount - ok 17:41:57.0757 0x2010 WinDefend - ok 17:41:57.0788 0x2010 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 17:41:57.0835 0x2010 WinHttpAutoProxySvc - ok 17:41:57.0850 0x2010 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 17:41:57.0881 0x2010 Winmgmt - ok 17:41:57.0928 0x2010 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 17:41:58.0038 0x2010 WinRM - ok 17:41:58.0053 0x2010 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys 
17:41:58.0069 0x2010 WinUsb - ok 17:41:58.0116 0x2010 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 17:41:58.0194 0x2010 WlanSvc - ok 17:41:58.0225 0x2010 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 17:41:58.0303 0x2010 wlidsvc - ok 17:41:58.0319 0x2010 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 17:41:58.0335 0x2010 WmiAcpi - ok 17:41:58.0350 0x2010 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 17:41:58.0381 0x2010 wmiApSrv - ok 17:41:58.0381 0x2010 WMPNetworkSvc - ok 17:41:58.0397 0x2010 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 17:41:58.0413 0x2010 Wof - ok 17:41:58.0475 0x2010 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 17:41:58.0553 0x2010 workfolderssvc - ok 17:41:58.0553 0x2010 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 17:41:58.0585 0x2010 wpcfltr - ok 17:41:58.0585 0x2010 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 17:41:58.0616 0x2010 WPCSvc - ok 17:41:58.0616 0x2010 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 17:41:58.0647 0x2010 WPDBusEnum - ok 17:41:58.0647 0x2010 [ 9F2904B55F6CECCD1A8D986B5CE2609A, 
E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 17:41:58.0663 0x2010 WpdUpFltr - ok 17:41:58.0678 0x2010 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 17:41:58.0694 0x2010 ws2ifsl - ok 17:41:58.0710 0x2010 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll 17:41:58.0741 0x2010 wscsvc - ok 17:41:58.0741 0x2010 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 17:41:58.0772 0x2010 WSDPrintDevice - ok 17:41:58.0772 0x2010 [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys 17:41:58.0803 0x2010 WSDScan - ok 17:41:58.0803 0x2010 WSearch - ok 17:41:58.0881 0x2010 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll 17:41:59.0006 0x2010 WSService - ok 17:41:59.0100 0x2010 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 17:41:59.0225 0x2010 wuauserv - ok 17:41:59.0225 0x2010 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 17:41:59.0256 0x2010 WudfPf - ok 17:41:59.0272 0x2010 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 17:41:59.0288 0x2010 WUDFRd - ok 17:41:59.0303 0x2010 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP 
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 17:41:59.0335 0x2010 WUDFSensorLP - ok 17:41:59.0335 0x2010 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 17:41:59.0366 0x2010 wudfsvc - ok 17:41:59.0381 0x2010 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 17:41:59.0413 0x2010 WUDFWpdFs - ok 17:41:59.0413 0x2010 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 17:41:59.0444 0x2010 WUDFWpdMtp - ok 17:41:59.0460 0x2010 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 17:41:59.0506 0x2010 WwanSvc - ok 17:41:59.0522 0x2010 ================ Scan global =============================== 17:41:59.0522 0x2010 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll 17:41:59.0538 0x2010 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll 17:41:59.0553 0x2010 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll 17:41:59.0569 0x2010 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe 17:41:59.0585 0x2010 [ Global ] - ok 17:41:59.0585 0x2010 ================ Scan MBR ================================== 17:41:59.0600 0x2010 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:41:59.0960 0x2010 \Device\Harddisk0\DR0 - ok 17:41:59.0975 0x2010 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 17:42:00.0038 0x2010 \Device\Harddisk1\DR1 - ok 17:42:00.0038 0x2010 
================ Scan VBR ================================== 17:42:00.0053 0x2010 [ A2B154A71F09BBCE3423656CBEB3CC0F ] \Device\Harddisk0\DR0\Partition1 17:42:00.0069 0x2010 \Device\Harddisk0\DR0\Partition1 - ok 17:42:00.0085 0x2010 [ E795DBF7D462066C1322F4D7A6635A8C ] \Device\Harddisk0\DR0\Partition2 17:42:00.0085 0x2010 \Device\Harddisk0\DR0\Partition2 - ok 17:42:00.0085 0x2010 [ 9DCCBFC281732C91A5DB54E30672E9F4 ] \Device\Harddisk1\DR1\Partition1 17:42:00.0100 0x2010 \Device\Harddisk1\DR1\Partition1 - ok 17:42:00.0100 0x2010 ================ Scan generic autorun ====================== 17:42:00.0131 0x2010 [ D0B1DA5382433AFBF52DE8815298EB0C, A326D01783359CCA1054210D82F17533638A9769A7A08C2BD0621DE016909359 ] D:\Programm(x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE 17:42:00.0163 0x2010 RoccatIsku - detected UnsignedFile.Multi.Generic ( 1 ) 17:42:07.0907 0x2010 RoccatIsku ( UnsignedFile.Multi.Generic ) - warning 17:42:10.0345 0x2010 [ 036224DB76C7D4808D6AB76D542077A5, 4465619103D24CD364911537FEADAFBDB902C604AE8EA9CA60F5D9AFC74C46DB ] D:\Programm(x86)\ROCCAT\Kone Pure\KonePureMonitor.EXE 17:42:10.0407 0x2010 RoccatKonePure - detected UnsignedFile.Multi.Generic ( 1 ) 17:42:16.0435 0x2010 RoccatKonePure ( UnsignedFile.Multi.Generic ) - warning 17:42:18.0939 0x2010 [ 312C7978F0A42DB0475CE31D884DCE88, 53DBEF2473F39754BB1BC352DB9A32607FD3A2E2DC5E7AA6AE821CABEC00CCD1 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 17:42:19.0142 0x2010 AvastUI.exe - ok 17:42:19.0158 0x2010 [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 17:42:19.0173 0x2010 SunJavaUpdateSched - ok 17:42:19.0267 0x2010 [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] D:\Program Files (x86)\PDF24\pdf24.exe 17:42:19.0314 0x2010 PDFPrint - ok 17:42:19.0392 0x2010 [ 5FC6AD6AE07F8827F954C4C6B73568E2, 
6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] D:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 17:42:19.0439 0x2010 StartCCC - ok 17:42:19.0455 0x2010 [ 1E74755254CCD44A4CC61E73E14BBA4E, 0A5B5A289E3AD75A8C2DF763026C2590DF5A2D966CC1346AB17AE960142119EA ] C:\PROGRA~2\Raptr\raptrstub.exe 17:42:19.0486 0x2010 Raptr - ok 17:42:19.0502 0x2010 [ 5F3587E344F2990B59C941FB405CAA0F, FECEC63F515EF66FAD84FF589E95B931574CA1F6BDFC9D6E016B0604AFF18498 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 17:42:19.0564 0x2010 GoogleChromeAutoLaunch_6EC6A5E07D40E919B614D70E465AAA4A - ok 17:42:19.0595 0x2010 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Maximilian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 17:42:19.0673 0x2010 Spotify Web Helper - ok 17:42:19.0720 0x2010 [ 9A0ABBB44CBDF1F35D9657E9BF141898, B5D7822EE77998EBA4A4F08998B387BC8BE835C6668615F88C9910FFFD96A421 ] D:\Programme\puush\puush.exe 17:42:19.0783 0x2010 puush - ok 17:42:19.0845 0x2010 [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 17:42:19.0939 0x2010 LightScribe Control Panel - ok 17:42:19.0939 0x2010 Waiting for KSN requests completion. In queue: 9 17:42:20.0954 0x2010 Waiting for KSN requests completion. In queue: 9 17:42:21.0957 0x2010 Waiting for KSN requests completion. In queue: 9 17:42:22.0988 0x2010 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated ) 17:42:22.0988 0x2010 AV detected via SS2: avast! 
Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
17:42:22.0988 0x2010 Win FW state via NFP2: enabled
17:42:25.0383 0x2010 ============================================================
17:42:25.0383 0x2010 Scan finished
17:42:25.0383 0x2010 ============================================================
17:42:25.0399 0x0ae0 Detected object count: 2
17:42:25.0399 0x0ae0 Actual detected object count: 2
17:42:48.0502 0x0ae0 RoccatIsku ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:48.0502 0x0ae0 RoccatIsku ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:42:48.0502 0x0ae0 RoccatKonePure ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:48.0502 0x0ae0 RoccatKonePure ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:42:59.0642 0x11cc Deinitialize success
Also worth mentioning: I did NOT run the downloaded .scr file. |
07.01.2015, 18:21 | #4 | |
/// the machine /// TB trainer | Quote:
Still, better safe than sorry, an online scan is a must: ESET Online Scanner
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
07.01.2015, 19:14 | #5 |
| Hello schrauber, so far (50%) 2 findings are shown. Should I still uninstall the ESET scanner when the scan has finished, or leave it installed for later checks? (Among other things, a form of the "Aug trojan" was found.) |
07.01.2015, 20:03 | #6 |
/// the machine /// TB trainer | Leave it installed and let it finish scanning, then post the log first
07.01.2015, 22:17 | #7 |
| Log: Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f86a36a190d73f4492ae68362abe6abf
# engine=21854
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-07 06:56:04
# local_time=2015-01-07 07:56:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 1558640 13487339 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4070994 10961283 0 0
# scanned=399033
# found=2
# cleaned=0
# scan_time=5338
sh=083EDC2AEE0A34402A96AE11BB2D3A1555302683 ft=1 fh=62a71d1c95327e80 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maximilian\Downloads\Far-Cry-3-Demo-lnstall.exe"
sh=78CC277EA98B19D5B6716103F74666D8CDD7D618 ft=1 fh=dce1984da0a9b847 vn="Variante von MSIL/Kryptik.AUG Trojaner" ac=I fn="C:\Users\Maximilian\Downloads\Screenshot_071.scr" |
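Added example (not part of the thread, and not ESET or FRST code): a Python parser for the flattened ESET Online Scanner log in the post above. It compares the `found` and `cleaned` counters and picks out detections whose file name looks like a picture while the extension is executable, as with `Screenshot_071.scr`. That `sh=` opens a detection record and that `vn` and `fn` hold the detection name and file path is inferred from the log; the extension and decoy-word lists are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Trimmed copy of the log posted above (some header fields left out).
SAMPLE_LOG = r"""
ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8
# remove_checked=false # scanned=399033 # found=2 # cleaned=0 # scan_time=5338
sh=083EDC2AEE0A34402A96AE11BB2D3A1555302683 ft=1 fh=62a71d1c95327e80 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maximilian\Downloads\Far-Cry-3-Demo-lnstall.exe"
sh=78CC277EA98B19D5B6716103F74666D8CDD7D618 ft=1 fh=dce1984da0a9b847 vn="Variante von MSIL/Kryptik.AUG Trojaner" ac=I fn="C:\Users\Maximilian\Downloads\Screenshot_071.scr"
"""

# key=value or key="quoted value with spaces"
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Assumption: extensions Windows treats as directly runnable programs.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
# Assumption: words that make a file name look like a harmless picture.
DECOY_WORDS = ("screenshot", "photo", "image", "img", "picture")


def parse_eset_log(log_text):
    """Split the log into header fields and a list of detection records.

    Works on the original log and on the flattened one-line forum copy,
    because records are delimited by the `sh=` field, not by newlines.
    """
    header, detections, current = {}, [], None
    for match in FIELD_RE.finditer(log_text):
        key = match.group(1)
        value = match.group(2) if match.group(2) is not None else match.group(3)
        if key == "sh":  # a new detection record starts here
            current = {}
            detections.append(current)
        (header if current is None else current)[key] = value
    return header, detections


def uncleaned_count(header):
    """Detections the scanner reported but did not clean."""
    return int(header.get("found", 0)) - int(header.get("cleaned", 0))


def disguised_executables(detections):
    """Paths named like a picture whose extension actually runs code."""
    hits = []
    for record in detections:
        path = PureWindowsPath(record.get("fn", ""))
        looks_like_media = any(word in path.stem.lower() for word in DECOY_WORDS)
        if path.suffix.lower() in EXECUTABLE_EXTS and looks_like_media:
            hits.append(str(path))
    return hits


if __name__ == "__main__":
    header, detections = parse_eset_log(SAMPLE_LOG)
    print("still on disk after the scan:", uncleaned_count(header))
    for record in detections:
        print(record["vn"], "->", record["fn"])
    print("disguised executables:", disguised_executables(detections))
```

With `remove_checked=false` the scan only reports, so both files stay on disk until they are removed separately.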
08.01.2015, 07:57 | #8 |
/// the machine /// TB trainer | Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
C:\Users\Maximilian\Downloads\Screenshot_071.scr
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Regards, schrauber |
08.01.2015, 14:16 | #9 |
| Hi schrauber, I carried out the steps you listed above; they all worked without problems. Here is the log: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by Maximilian at 2015-01-08 14:14:44 Run:1
Running from C:\Users\Maximilian\Desktop
Loaded Profile: Maximilian (Available profiles: Maximilian)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\Maximilian\Downloads\Screenshot_071.scr
*****************
C:\Users\Maximilian\Downloads\Screenshot_071.scr => Moved successfully.
==== End of Fixlog 14:14:44 ==== |
08.01.2015, 17:10 | #10 |
/// the machine /// TB trainer | Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot stress often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean out your temp files regularly. For this I recommend TFC. Stay away from all registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
08.01.2015, 17:28 | #11 |
| Windows 8: .scr file download via a link on Steam Hey schrauber, that was super quick! Thanks for the great and competent help. I do have one more question, though: do you know whether there is a way to turn off automatic downloads in Chrome, or whether there is a Chrome add-on for that? If you don't have an answer, that's no problem either; you can then remove the thread from your subscriptions. Best regards, maxi078 |
08.01.2015, 18:54 | #12 |
/// the machine /// TB Trainer | Windows 8: .scr file download via a link on Steam Um, no idea