| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Habe img_72938.scr geschickt bekommen...Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.01.2015, 19:38
| #1 |
| |  Habe img_72938.scr geschickt bekommen... Guten Tag, Hab vorhin um ca. 15:00 eine Datei Namens img_72938.scr über Steam geschickt bekommen, von einem Freund. Ich lud mir die Datei runter und freute mich auf das Bild wie im Link darauf zu schließen war (Im Link stand am ende .png). Als ich die Datei öffnete war sie weg und ich habe automatisch alle meine Steam Freunde mit diesem Link informiert. Ich habe ihnen schnell geschrieben das sie den nicht aufmachen sollen, und mich dann mit einem meiner Freunde darüber unterhalten. Er meint ich sollte mein Virensuchprogramm (Avast free!) durchlaufen lassen und zusätzlich noch ein Programm Namens Malware Bytes. Beide fanden nichts... Später dann tauchte die Datei urplötzlich auf meinem Desktop auf  Ich habe dann die Datei von Virustotal prüfen lassen (Die Website) dieser gab mir diese Meldung:https://www.virustotal.com/de/file/a13858f23b629315a90c21a95a22986fdf7c0a2103a5aa63521e4de7b9690e50/analysis/1421431994/ Da anscheinend nichts passiert ist, packte ich die Datei mit WinRAR und löschte die originale, das WinRAR packet liegt jetzt hier rum :/ Später erfuhr ich das die Datei wohl ein STeam passwort steahler ist Es würde wenig sinn machen mein Passwort zu ändern da das neue ja dann auch gesteahlt würde... Würde mich sehr über hilfe freuen =) Gruß, Der neue, Phalzu  |
|
16.01.2015, 19:41
| #2 |
| /// the machine /// TB-Ausbilder    |  Habe img_72938.scr geschickt bekommen... hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
16.01.2015, 19:47
| #3 |
| | Danke und hier ;D Wie gesagt Danke ;D
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by Phalzu (administrator) on PHALZU-PC on 16-01-2015 19:45:02
Running from C:\Users\Phalzu\Desktop
Loaded Profiles: Phalzu (Available profiles: Phalzu)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Akamai Technologies, Inc.) C:\Users\Phalzu\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Phalzu\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.232\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.16\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.125\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-10] (AVAST Software)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Phalzu\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-01-05] (Glarysoft Ltd)
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Run: [Viber] => C:\Users\Phalzu\AppData\Local\Viber\Viber.exe [936656 2014-07-24] ()
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\MountPoints2: {577cdc45-f401-11e3-a5bc-74d43570ebe3} - E:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-05] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * BootDefrag.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1962080147-266859368-1111816681-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1962080147-266859368-1111816681-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Phalzu\AppData\Roaming\Mozilla\Firefox\Profiles\fjay9dam.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-1962080147-266859368-1111816681-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Adblock Plus - C:\Users\Phalzu\AppData\Roaming\Mozilla\Firefox\Profiles\fjay9dam.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-31]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-30]
FF HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Drive) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-05]
CHR Extension: (Adblock for Youtube™) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-12-25]
CHR Extension: (Google-Suche) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-05]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-10-30]
CHR Extension: (AdBlock) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-25]
CHR Extension: (Avast Online Security) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-05]
CHR Extension: (Pokemon ORAS) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbjbhhcfmeomoglbopjdpnjabfeapndi [2014-11-24]
CHR Extension: (FVD Downloader) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-07-12]
CHR Extension: (Until AM for Chrome) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2014-11-29]
CHR Extension: (Google Wallet) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-05]
CHR Extension: (Adblock Pro) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2014-12-25]
CHR Extension: (Mein Chrome-Design) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-11-24]
CHR Extension: (Google Mail) - C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-19] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-08-22] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-22] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-22] (BlueStack Systems, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-07] ()
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [57512 2012-09-24] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-19] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-19] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-19] ()
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-11-24] (Glarysoft Ltd)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-22] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-06] (Disc Soft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-12-12] (Glarysoft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-11-18] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 wolfkr; C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [86352 2014-07-04] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-16 19:45 - 2015-01-16 19:45 - 00024050 _____ () C:\Users\Phalzu\Desktop\FRST.txt
2015-01-16 19:44 - 2015-01-16 19:45 - 00000000 ____D () C:\FRST
2015-01-16 19:44 - 2015-01-16 19:44 - 02125312 _____ (Farbar) C:\Users\Phalzu\Desktop\FRST64.exe
2015-01-16 19:43 - 2015-01-16 19:43 - 00000000 ____D () C:\Program Files (x86)\GEGEN VIREN
2015-01-16 16:26 - 2015-01-16 16:26 - 00084821 _____ () C:\Users\Phalzu\Desktop\img_72938.rar
2015-01-16 16:08 - 2015-01-16 16:08 - 00000056 _____ () C:\Windows\setupact.log
2015-01-16 16:08 - 2015-01-16 16:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-16 14:09 - 2015-01-16 16:18 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-16 14:09 - 2015-01-16 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-01-16 14:09 - 2015-01-16 14:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-16 14:09 - 2015-01-16 14:09 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-01-16 14:09 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-16 14:09 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-16 14:09 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-16 13:17 - 2015-01-16 13:17 - 00003296 ____N () C:\bootsqm.dat
2015-01-15 14:51 - 2015-01-15 15:22 - 00002355 _____ () C:\Users\Phalzu\Desktop\Kurzfassung Neuerungen.txt
2015-01-14 18:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 18:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 18:15 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 18:15 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 18:15 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 18:15 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 18:15 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 18:15 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 18:15 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 18:15 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 18:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 18:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 18:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 17:01 - 2015-01-12 17:35 - 00001044 _____ () C:\Users\Phalzu\Desktop\Hilferuf.txt
2015-01-11 03:04 - 2015-01-11 20:02 - 00000000 ____D () C:\Users\Phalzu\Documents\RPGXP
2015-01-11 03:01 - 2015-01-11 03:01 - 00001754 _____ () C:\Users\Phalzu\Desktop\RPG Maker XP.lnk
2015-01-11 03:00 - 2015-01-13 17:29 - 00001890 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2015-01-11 03:00 - 2015-01-11 03:02 - 00000056 __RSH () C:\Windows\SysWOW64\A464A8AC76.sys
2015-01-11 03:00 - 2015-01-11 03:00 - 00003242 _____ () C:\Windows\System32\Tasks\{6DEA9DF1-1E28-4F81-BBEC-75072B3C3F19}
2015-01-11 02:49 - 2015-01-11 02:49 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-11 02:47 - 2015-01-11 02:47 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-09 16:02 - 2015-01-09 16:02 - 00000000 ____D () C:\Users\Phalzu\Documents\Klei
2015-01-08 18:49 - 2015-01-08 18:49 - 00001330 _____ () C:\Users\Phalzu\Desktop\Dont Starve.lnk
2015-01-08 16:45 - 2015-01-08 16:47 - 00000000 ____D () C:\Program Files (x86)\The Binding of Isaac - Rebirth
2015-01-08 02:21 - 2015-01-08 02:31 - 00000000 ____D () C:\Program Files (x86)\Don't Starve Together v.122454 Beta
2015-01-02 19:51 - 2015-01-05 16:23 - 00000000 ____D () C:\Users\Phalzu\Desktop\server
2015-01-01 06:13 - 2015-01-01 06:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-01 01:18 - 2015-01-01 01:18 - 00000000 ____D () C:\Users\Phalzu\Documents\Visual Studio 2010
2014-12-31 22:40 - 2014-12-31 22:40 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\Ubisoft
2014-12-31 22:18 - 2014-12-31 22:18 - 00000222 _____ () C:\Users\Phalzu\Desktop\Might & Magic Duel of Champions.url
2014-12-27 19:26 - 2014-12-27 19:26 - 00008303 _____ () C:\Users\Phalzu\Desktop\Gaming.xspf
2014-12-27 18:26 - 2014-12-27 18:26 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\.mono
2014-12-27 18:26 - 2014-12-27 18:26 - 00000000 ____D () C:\ProgramData\.mono
2014-12-27 18:25 - 2014-12-27 18:25 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Pokémon Trading Card Game Online
2014-12-27 18:25 - 2014-12-27 18:25 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
2014-12-27 16:34 - 2014-12-27 16:34 - 00000016 _____ () C:\Users\Phalzu\Desktop\Neues Textdokument.txt
2014-12-24 15:43 - 2014-12-24 15:43 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 19:35 - 2014-12-23 19:36 - 00002802 _____ () C:\Users\Phalzu\Desktop\Minecraft.lnk
2014-12-23 19:32 - 2015-01-09 16:40 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\.minecraft
2014-12-23 19:29 - 2014-12-23 19:29 - 00003142 _____ () C:\Windows\System32\Tasks\{C1897245-5A4B-4316-899D-CF343795CDDF}
2014-12-23 19:27 - 2014-12-23 19:27 - 00000000 ____D () C:\Program Files (x86)\UserMonitor
2014-12-21 22:54 - 2014-12-22 03:46 - 00000000 ____D () C:\FFOutput
2014-12-21 21:20 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-21 21:17 - 2014-12-18 03:01 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-21 21:17 - 2014-12-18 03:01 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 16040184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-21 21:17 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 02897824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-21 21:17 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-20 17:49 - 2015-01-10 15:46 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\LogMeIn Hamachi
2014-12-20 17:48 - 2014-12-20 17:48 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-12-20 17:48 - 2014-12-20 17:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-20 17:48 - 2014-12-20 17:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-20 17:42 - 2014-12-21 16:13 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
2014-12-20 17:41 - 2014-12-20 17:41 - 00002014 _____ () C:\Users\Public\Desktop\Aufstieg des Hexenkönigs™.lnk
2014-12-20 17:25 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-20 17:25 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-20 17:23 - 2014-12-20 17:23 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\Macromedia
2014-12-20 14:28 - 2014-12-20 14:28 - 00000000 ____D () C:\Users\Phalzu\Desktop\Cracks und Patches
2014-12-20 13:40 - 2015-01-07 16:07 - 00001174 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-12-20 13:39 - 2014-12-20 13:39 - 00000756 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-12-20 13:38 - 2014-12-20 13:38 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-12-20 01:01 - 2014-12-20 13:57 - 00000000 ____D () C:\Users\Phalzu\Desktop\DEAMON Tools Images
2014-12-18 18:35 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 18:35 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 17:21 - 2014-12-18 17:21 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\RotMG.Production
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-16 19:39 - 2014-06-13 21:47 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\JDownloader v2.0
2015-01-16 19:26 - 2014-06-06 15:17 - 02056377 _____ () C:\Windows\WindowsUpdate.log
2015-01-16 19:17 - 2014-10-10 13:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-16 18:54 - 2014-06-05 15:26 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-16 18:03 - 2014-06-06 14:58 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\vlc
2015-01-16 18:02 - 2014-06-06 14:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-16 18:02 - 2014-06-06 14:02 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Skype
2015-01-16 13:57 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-16 13:57 - 2009-07-14 05:45 - 00020480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-16 13:52 - 2014-12-12 12:42 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-16 13:49 - 2014-12-12 12:42 - 00000336 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-16 13:49 - 2014-08-10 21:19 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\ViberPC
2015-01-16 13:49 - 2014-08-10 21:17 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\Viber
2015-01-16 13:48 - 2014-06-14 19:59 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\Adobe
2015-01-16 13:47 - 2014-06-05 20:40 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-16 13:46 - 2014-06-05 15:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 13:45 - 2014-12-12 18:58 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\DiskDefrag
2015-01-16 13:45 - 2014-06-07 13:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-16 13:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 19:11 - 2014-06-06 14:05 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\TS3Client
2015-01-15 14:24 - 2014-12-13 16:55 - 00113272 _____ () C:\Users\Phalzu\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 21:38 - 2014-06-05 15:29 - 01629268 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-14 21:38 - 2014-06-05 15:27 - 01629268 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 21:38 - 2009-07-14 18:58 - 00716474 _____ () C:\Windows\system32\perfh007.dat
2015-01-14 21:38 - 2009-07-14 18:58 - 00155116 _____ () C:\Windows\system32\perfc007.dat
2015-01-14 21:34 - 2014-06-05 17:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 21:28 - 2009-10-14 06:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 18:17 - 2014-10-10 13:10 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 18:17 - 2014-10-10 13:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-14 18:17 - 2014-10-10 13:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-13 21:52 - 2014-10-21 13:47 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-01-13 17:09 - 2014-12-13 17:58 - 05110280 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-12 17:03 - 2014-12-12 13:27 - 00000416 _____ () C:\Windows\Tasks\GlaryOneClickOptimizer 5.job
2015-01-11 20:26 - 2014-06-05 19:47 - 00000000 ____D () C:\Users\Phalzu\Desktop\Bilder
2015-01-11 00:49 - 2014-06-10 15:50 - 00000000 ____D () C:\Users\Phalzu\Desktop\Rohaufnahmen
2015-01-10 15:34 - 2014-06-25 17:30 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\PasswordSafe
2015-01-07 16:09 - 2014-06-25 17:30 - 00000000 ____D () C:\Users\Phalzu\Documents\My Safes
2015-01-07 16:07 - 2014-06-25 17:29 - 00001030 _____ () C:\Users\Phalzu\Desktop\Password Safe.lnk
2015-01-07 16:06 - 2014-07-06 01:07 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Notepad++
2015-01-07 16:00 - 2014-12-12 12:42 - 00002976 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2015-01-07 16:00 - 2014-12-12 12:42 - 00002636 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-07 16:00 - 2014-12-12 12:42 - 00001092 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-06 04:36 - 2009-10-14 06:13 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 16:15 - 2014-06-13 21:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-03 19:22 - 2014-10-15 08:07 - 00000000 ____D () C:\Users\Phalzu\Desktop\teamspeak3-server_win64
2015-01-03 19:16 - 2014-12-13 13:45 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-31 23:18 - 2014-06-07 18:35 - 00000000 ____D () C:\Users\Phalzu\Desktop\Spiele
2014-12-31 22:40 - 2014-06-17 13:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-31 22:15 - 2014-10-11 22:23 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\Battle.net
2014-12-31 18:01 - 2014-10-11 22:23 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Battle.net
2014-12-30 20:17 - 2014-06-05 20:46 - 00000000 ___RD () C:\Users\Phalzu\Dropbox
2014-12-30 20:17 - 2014-06-05 20:42 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Dropbox
2014-12-30 17:00 - 2014-10-16 08:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-30 17:00 - 2014-06-06 14:02 - 00000000 ____D () C:\ProgramData\Skype
2014-12-29 17:04 - 2014-08-02 13:22 - 00000000 ____D () C:\Windows\Minidump
2014-12-28 20:24 - 2014-10-31 19:57 - 00006104 _____ () C:\Windows\system32\RaCoInst.log
2014-12-27 16:49 - 2014-10-11 22:25 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-27 16:47 - 2014-10-11 22:23 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-26 16:56 - 2014-11-06 14:43 - 00000000 ____D () C:\Users\Phalzu\Desktop\Musik
2014-12-25 01:26 - 2011-03-07 12:10 - 00000000 ____D () C:\Program Files\JDownloader
2014-12-24 18:50 - 2014-06-10 16:00 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\Audacity
2014-12-23 19:31 - 2014-06-06 14:51 - 00000000 ____D () C:\Program Files\Minecraft
2014-12-21 23:29 - 2014-07-31 16:04 - 00000000 ____D () C:\Ph Private
2014-12-21 21:21 - 2014-06-07 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-21 19:00 - 2014-11-12 19:03 - 00001161 _____ () C:\Users\Phalzu\Desktop\The Binding of Isaac - Rebirth.lnk
2014-12-21 18:59 - 2014-06-05 20:32 - 00000000 ____D () C:\Users\Phalzu\Desktop\uTorrent
2014-12-21 18:32 - 2014-06-10 19:35 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\uTorrent
2014-12-20 23:33 - 2014-06-05 15:26 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\Google
2014-12-20 17:40 - 2014-06-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-12-20 17:37 - 2014-06-07 17:01 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-12-20 17:36 - 2014-06-06 17:40 - 00000000 ____D () C:\Users\Phalzu\AppData\Roaming\DAEMON Tools Lite
2014-12-20 17:26 - 2014-06-05 16:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-20 17:24 - 2014-06-06 13:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 17:23 - 2014-06-13 21:32 - 00000000 ____D () C:\Users\Phalzu\AppData\Local\Mozilla
2014-12-20 14:08 - 2014-06-05 20:37 - 00000000 ____D () C:\Users\Phalzu\Desktop\Texte Phalzu
2014-12-20 13:39 - 2014-06-25 17:56 - 00000000 ____D () C:\Program Files\Speccy
2014-12-18 18:04 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-18 03:01 - 2014-06-07 13:01 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
Some content of TEMP:
====================
C:\Users\Phalzu\AppData\Local\Temp\proxy_vole6045306397109258824.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 15:31
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
Ran by Phalzu at 2015-01-16 19:45:41
Running from C:\Users\Phalzu\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.30 - GIGABYTE)
µTorrent (HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
3TB+Unlock B12.1102.1 (HKLM-x32\...\{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}) (Version: 1.00.0001 - GIGABYTE)
ActivePerl 5.16.3 Build 1604 (64-bit) (HKLM\...\{A7915697-1675-433D-AD07-759E8550582F}) (Version: 5.16.1604 - ActiveState)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{3EB745BA-194F-4475-9164-B20BB2172395}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - )
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Akamai NetSession Interface (HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Aufstieg des Hexenkönigs™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Belkin Connect Wireless USB Adapter (HKLM-x32\...\InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}) (Version: 1.0.0.3 - Belkin)
Belkin Connect Wireless USB Adapter (x32 Version: 1.0.0.3 - Belkin) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.2.4061 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{DA32882F-5E7D-4A73-A503-6CFF16970655}) (Version: 0.9.2.4061 - BlueStack Systems, Inc.)
Bridge Building Game (HKLM-x32\...\Bridge Building Game) (Version: - )
Build and Shoot Launcher 1.2 (HKLM-x32\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Core FTP LE (HKLM-x32\...\CoreFTP) (Version: - )
Core FTP Server(x64) (HKLM-x32\...\CoreFTPServer(x64)) (Version: - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Demolition Company (HKLM-x32\...\DemolitionCompanyDE_is1) (Version: - GIANTS Software)
Die Schlacht um Mittelerde(tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - )
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
DMIView Ver.1.5 B12.0314.1 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.5 - GIGABYTE)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dropbox (HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Easy Tune 6 B13.0125.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.0125.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
FotoSketcher 2.95 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Glary Utilities PRO 5.16 (HKLM-x32\...\Glary Utilities 5) (Version: 5.16.0.29 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Growl for Windows (HKLM-x32\...\{33715F8B-0EA2-4AE5-B128-C5E467A63B76}) (Version: 2.0.7002 - Growl)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HyperCam 3 (HKLM-x32\...\HyperCam 3 3.6.1403.19) (Version: 3.6.1403.19 - Solveig Multimedia)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Might & Magic: Duel of Champions (HKLM-x32\...\Steam App 256410) (Version: - Ubisoft Quebec)
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MySQL Connector/ODBC 5.1 (HKLM-x32\...\{29042B1C-0713-4575-B7CA-5C8E7B0899D4}) (Version: 5.1.5 - MySQL AB)
Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.8 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Palringo (HKLM-x32\...\Palringo) (Version: - Palringo Limited)
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Pokémon Trading Card Game Online (HKLM-x32\...\{9AD6C3C3-C63C-4025-AC81-CCD60189E160}) (Version: 2.25.0 - The Pokémon Company International)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Q-Share Ver.1.2 (HKLM-x32\...\{F308B531-AB20-4A79-8F5E-83071FE5BE60}) (Version: 1.2 - GIGABYTE)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.3 - Ralink)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
Robocraft version 0.3.290 (HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam)
Saints Row The Third (HKLM-x32\...\Saints Row The Third_is1) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Sims 3 - Nude Clothes Females (HKLM-x32\...\xSIMS_Nude_Clothes_Females) (Version: - )
Sims 3 - Nude Clothes Males (HKLM-x32\...\xSIMS_Nude_Clothes_Males) (Version: - )
Ski Challenge 15 (HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\sc15-GAMETWIST_MAIN) (Version: - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Recovery 2 B13.0131.1 (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0001 - GIGABYTE)
Speccy (HKLM\...\Speccy) (Version: 1.27 - Piriform)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars(TM): Knights of the Old Republic (TM) (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version: - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stormblade Launcher 1.1 (HKLM-x32\...\{D84EA2B7-F65E-43F3-9FB5-18B2162DBFA2}}_is1) (Version: - Stormblade.org)
Strawberry Perl (64-bit) (HKLM\...\{70919690-6C9B-1014-A8F1-1DC63567E6CE}) (Version: 5.18.2002 - strawberryperl.com project)
System Requirements Lab Detection (HKLM-x32\...\{D884F4AA-D8DA-46DA-A696-FF35257BA338}) (Version: 2.0.0.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total Power Control (HKLM-x32\...\Total Power Control) (Version: - )
Tunngle Version Tunngle (HKLM-x32\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Viber (HKU\S-1-5-21-1962080147-266859368-1111816681-1000\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.465 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WolfTeam-DE (HKLM-x32\...\WolfTeam-DE) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 3.3.5.12340 - Blizzard Entertainment)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
Zuma's Revenge (HKLM-x32\...\Zuma's Revenge) (Version: - islandGirl)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1962080147-266859368-1111816681-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
09-01-2015 20:53:27 Geplanter Prüfpunkt
10-01-2015 20:57:02 Installed RPGXP
10-01-2015 21:00:30 Installed RGSS-RTP Standard
11-01-2015 02:47:02 Removed RGSS-RTP Standard
11-01-2015 02:47:45 Removed RPGXP
11-01-2015 02:57:09 Installed RGSS-RTP Standard
11-01-2015 02:58:38 Removed RGSS-RTP Standard
11-01-2015 02:59:32 Installed RGSS-RTP Standard
13-01-2015 17:16:18 Windows Update
14-01-2015 21:28:06 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1998D4E6-5EC4-4457-B1D3-58611E516A18} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2014-11-14] ()
Task: {28E2640E-2C66-46BE-8E31-95EC6CE2F52D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3E881820-10A4-4AE1-8B82-89018A373EFB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {45B29A04-B85A-4382-8818-806714BA7A64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {4C79948C-AEA5-4BCA-A4B1-08272B703964} - System32\Tasks\{C1897245-5A4B-4316-899D-CF343795CDDF} => pcalua.exe -a C:\Users\Phalzu\Desktop\UserMonitor_Setup.exe -d C:\Users\Phalzu\Desktop
Task: {4FD371E4-B0EE-40DD-A3CC-9AAE40E7C7DC} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [2015-01-05] (Glarysoft Ltd)
Task: {509234F1-34B6-4917-B40F-547D6FE0AF03} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-01-05] (Glarysoft Ltd)
Task: {59B8096F-2B57-4BE4-A2C5-68E7AA690DAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {68E2F7E0-9B76-4C87-B1A2-3A94DE17285E} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-01-05] (Glarysoft Ltd)
Task: {7FB7F35E-11B3-476F-A4DD-6BC506F5176E} - System32\Tasks\{8B1A9C74-CB44-456D-8F8F-0A11037D5A26} => pcalua.exe -a C:\Users\Phalzu\Desktop\UPDATE\assassins_creed_2_1.01_us.exe -d C:\Users\Phalzu\Desktop\UPDATE
Task: {8D7AC479-4BB3-4A5F-8A70-2CA2F70CCE6F} - System32\Tasks\{6DEA9DF1-1E28-4F81-BBEC-75072B3C3F19} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Enterbrain\RPGXP\RPGXP.exe" -d "C:\Program Files (x86)\Common Files\Enterbrain\RPGXP"
Task: {95CB47E9-8A74-4FC4-B0DA-EB0D47F2EBC5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-19] (AVAST Software)
Task: {A3DEDFE3-650D-4052-AF8C-717D3399C13E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {EAE66E50-4CD4-4FE4-A629-BF54D7B873D4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {EC790657-7EEF-4E88-B47A-0F5E4F8AB930} - System32\Tasks\{96FEA514-0591-4D65-9150-C6AAA3FB9205} => pcalua.exe -a D:\setup.exe -d D:\
Task: {ED5EF739-A8EF-4562-9D44-EC11CD712B80} - System32\Tasks\{077D00DC-F154-4DD3-A0E9-53968EDDC020} => pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Need for Speed Most Wanted\eauninstall.exe" -d "C:\Program Files (x86)\EA GAMES\Need for Speed Most Wanted"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GlaryOneClickOptimizer 5.job => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-06-07 13:05 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-07 11:31 - 2014-06-07 11:58 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-05 15:41 - 2014-06-05 15:41 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2013-06-12 17:11 - 2014-06-07 08:21 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-06-07 08:22 - 2015-01-15 14:46 - 02436600 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.232\deploy\LoLLauncher.exe
2015-01-15 14:46 - 2015-01-15 14:46 - 04113400 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.16\deploy\LoLPatcher.exe
2014-06-07 08:45 - 2014-06-07 08:45 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.125\deploy\LolClient.exe
2015-01-15 14:20 - 2015-01-15 14:20 - 02910720 _____ () C:\Program Files\AVAST Software\Avast\defs\15011500\algo.dll
2015-01-16 13:49 - 2015-01-16 13:49 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011600\algo.dll
2014-11-19 12:42 - 2014-11-19 12:42 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-31 19:55 - 2013-09-23 16:48 - 01210672 _____ () C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll
2015-01-15 14:46 - 2015-01-15 14:46 - 01617400 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.16\deploy\RiotLauncher.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-07 08:44 - 2014-06-07 08:44 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.125\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-12-12 13:57 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 13:57 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 13:57 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 13:57 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Mount:$WIMMOUNTDATA
AlternateDataStreams: C:\Users\Phalzu\Cookies:r0YT49Cu3zBYXCtmrY
AlternateDataStreams: C:\Users\Phalzu\AppData\Local\Temp:0AOKPgRieP5FQjma0wfv1nWUi
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Phalzu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Phalzu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Password Safe.lnk => C:\Windows\pss\Password Safe.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Phalzu\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Phalzu\AppData\Local\Viber\Viber.exe" StartMinimized
========================= Accounts: ==========================
Administrator (S-1-5-21-1962080147-266859368-1111816681-500 - Administrator - Disabled)
Gast (S-1-5-21-1962080147-266859368-1111816681-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1962080147-266859368-1111816681-1002 - Limited - Enabled)
Phalzu (S-1-5-21-1962080147-266859368-1111816681-1000 - Administrator - Enabled) => C:\Users\Phalzu
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/16/2015 02:21:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Integrator.exe, Version: 5.16.0.29, Zeitstempel: 0x54a9f89a
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0006ccd5
ID des fehlerhaften Prozesses: 0x142c
Startzeit der fehlerhaften Anwendung: 0xIntegrator.exe0
Pfad der fehlerhaften Anwendung: Integrator.exe1
Pfad des fehlerhaften Moduls: Integrator.exe2
Berichtskennung: Integrator.exe3
Error: (01/16/2015 01:47:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/16/2015 01:45:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (01/16/2015 01:45:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (01/16/2015 01:45:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (01/16/2015 01:18:56 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/15/2015 02:20:34 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/14/2015 06:06:12 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/13/2015 09:55:36 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/13/2015 05:09:28 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
System errors:
=============
Error: (01/16/2015 01:47:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (01/16/2015 01:47:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (01/16/2015 01:18:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (01/16/2015 01:18:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (01/15/2015 02:20:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (01/15/2015 02:20:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (01/15/2015 02:20:20 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.
Error: (01/14/2015 06:06:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (01/14/2015 06:03:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (01/14/2015 06:03:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
Error: (01/16/2015 02:21:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Integrator.exe5.16.0.2954a9f89aMSVCR90.dll9.0.30729.61614dace5b9c00004170006ccd5142c01d0318ad8c38ce7C:\Program Files (x86)\Glary Utilities 5\Integrator.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll8dff4462-9d82-11e4-9aa8-74d43570ebe3
Error: (01/16/2015 01:47:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/16/2015 01:45:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (01/16/2015 01:45:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (01/16/2015 01:45:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (01/16/2015 01:18:56 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/15/2015 02:20:34 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/14/2015 06:06:12 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/13/2015 09:55:36 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (01/13/2015 05:09:28 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
==================== Memory info ===========================
Processor: AMD FX(tm)-4300 Quad-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 8189.55 MB
Available physical RAM: 4595.63 MB
Total Pagefile: 16377.29 MB
Available Pagefile: 12666.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:74.39 GB) NTFS
Drive f: () (Removable) (Total:7.41 GB) (Free:7.41 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 23E074BA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: 6E652072)
No partition Table on disk 1.
==================== End Of Log ============================
|
|
16.01.2015, 19:49
| #4 |
| /// the machine /// TB-Ausbilder | Habe img_72938.scr geschickt bekommen... hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.01.2015, 20:13
| #5 |
| | Re 2 Hier die erneut gewünschten Codes: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2015.01.16.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Phalzu :: PHALZU-PC [administrator]
16.01.2015 19:54:01
mbar-log-2015-01-16 (19-54-01).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 350049
Time elapsed: 13 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 20:11:05.0212 0x1c54 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
20:11:07.0704 0x1c54 ============================================================
20:11:07.0705 0x1c54 Current date / time: 2015/01/16 20:11:07.0704
20:11:07.0705 0x1c54 SystemInfo:
20:11:07.0705 0x1c54
20:11:07.0705 0x1c54 OS Version: 6.1.7601 ServicePack: 1.0
20:11:07.0705 0x1c54 Product type: Workstation
20:11:07.0705 0x1c54 ComputerName: PHALZU-PC
20:11:07.0705 0x1c54 UserName: Phalzu
20:11:07.0705 0x1c54 Windows directory: C:\Windows
20:11:07.0705 0x1c54 System windows directory: C:\Windows
20:11:07.0705 0x1c54 Running under WOW64
20:11:07.0705 0x1c54 Processor architecture: Intel x64
20:11:07.0705 0x1c54 Number of processors: 4
20:11:07.0705 0x1c54 Page size: 0x1000
20:11:07.0705 0x1c54 Boot type: Normal boot
20:11:07.0705 0x1c54 ============================================================
20:11:11.0545 0x1c54 KLMD registered as C:\Windows\system32\drivers\64161858.sys
20:11:12.0051 0x1c54 System UUID: {09C9570A-1A02-E6CA-74C3-151B0D654624}
20:11:13.0097 0x1c54 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
20:11:13.0102 0x1c54 Drive \Device\Harddisk1\DR1 - Size: 0x1DB000000 ( 7.42 Gb ), SectorSize: 0x200, Cylinders: 0x3C8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:11:13.0105 0x1c54 ============================================================
20:11:13.0105 0x1c54 \Device\Harddisk0\DR0:
20:11:13.0105 0x1c54 MBR partitions:
20:11:13.0105 0x1c54 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:11:13.0105 0x1c54 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
20:11:13.0105 0x1c54 \Device\Harddisk1\DR1:
20:11:13.0106 0x1c54 MBR partitions:
20:11:13.0106 0x1c54 ============================================================
20:11:13.0134 0x1c54 C: <-> \Device\Harddisk0\DR0\Partition2
20:11:13.0135 0x1c54 ============================================================
20:11:13.0135 0x1c54 Initialize success
20:11:13.0135 0x1c54 ============================================================
20:11:21.0265 0x10bc ============================================================
20:11:21.0265 0x10bc Scan started
20:11:21.0265 0x10bc Mode: Manual;
20:11:21.0265 0x10bc ============================================================
20:11:21.0265 0x10bc KSN ping started
20:11:48.0316 0x10bc KSN ping finished: true
20:11:49.0364 0x10bc ================ Scan system memory ========================
20:11:49.0364 0x10bc System memory - ok
20:11:49.0364 0x10bc ================ Scan services =============================
20:11:49.0515 0x10bc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:11:49.0520 0x10bc 1394ohci - ok
20:11:49.0592 0x10bc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:11:49.0599 0x10bc ACPI - ok
20:11:49.0648 0x10bc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:11:49.0649 0x10bc AcpiPmi - ok
20:11:49.0864 0x10bc [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:11:49.0866 0x10bc AdobeARMservice - ok
20:11:50.0022 0x10bc [ CB1719E3EA00A0C114A8AD2655F43754, B38D21C4A7A83904CADEBA96A56AA5D1807C412A8E0BEFC889DF20D02941E570 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:11:50.0028 0x10bc AdobeFlashPlayerUpdateSvc - ok
20:11:50.0114 0x10bc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:11:50.0125 0x10bc adp94xx - ok
20:11:50.0188 0x10bc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:11:50.0195 0x10bc adpahci - ok
20:11:50.0207 0x10bc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:11:50.0211 0x10bc adpu320 - ok
20:11:50.0235 0x10bc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:11:50.0237 0x10bc AeLookupSvc - ok
20:11:50.0309 0x10bc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
20:11:50.0319 0x10bc AFD - ok
20:11:50.0342 0x10bc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:11:50.0344 0x10bc agp440 - ok
20:11:50.0360 0x10bc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:11:50.0362 0x10bc ALG - ok
20:11:50.0432 0x10bc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:11:50.0433 0x10bc aliide - ok
20:11:50.0436 0x10bc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:11:50.0437 0x10bc amdide - ok
20:11:50.0497 0x10bc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:11:50.0499 0x10bc AmdK8 - ok
20:11:50.0556 0x10bc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:11:50.0558 0x10bc AmdPPM - ok
20:11:50.0580 0x10bc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:11:50.0583 0x10bc amdsata - ok
20:11:50.0604 0x10bc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:11:50.0608 0x10bc amdsbs - ok
20:11:50.0630 0x10bc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:11:50.0631 0x10bc amdxata - ok
20:11:50.0763 0x10bc [ A2A2ADE3F62F9CE2BE657CFFAD7C0C18, 14D8E80EB335D202F9381421AED59A39D95C557430ABF692230DD92466C351F0 ] AODDriver4.2 C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys
20:11:50.0765 0x10bc AODDriver4.2 - ok
20:11:50.0841 0x10bc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
20:11:50.0842 0x10bc AppID - ok
20:11:50.0890 0x10bc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:11:50.0898 0x10bc AppIDSvc - ok
20:11:50.0922 0x10bc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
20:11:50.0924 0x10bc Appinfo - ok
20:11:50.0994 0x10bc [ E4D0F0D5EB374D8BACF40E30E9771D60, 56C4E820485D100DACD4EF076E0B2607274B236CCC45E0CCD527C737645A1ACB ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
20:11:50.0996 0x10bc AppleCharger - ok
20:11:51.0063 0x10bc [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
20:11:51.0064 0x10bc AppleChargerSrv - ok
20:11:51.0127 0x10bc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
20:11:51.0132 0x10bc AppMgmt - ok
20:11:51.0196 0x10bc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:11:51.0199 0x10bc arc - ok
20:11:51.0216 0x10bc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:11:51.0218 0x10bc arcsas - ok
20:11:51.0326 0x10bc [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:11:51.0328 0x10bc aspnet_state - ok
20:11:51.0389 0x10bc [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
20:11:51.0390 0x10bc aswHwid - ok
20:11:51.0402 0x10bc [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:11:51.0404 0x10bc aswMonFlt - ok
20:11:51.0412 0x10bc [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
20:11:51.0414 0x10bc aswRdr - ok
20:11:51.0421 0x10bc [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
20:11:51.0423 0x10bc aswRvrt - ok
20:11:51.0506 0x10bc [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:11:51.0528 0x10bc aswSnx - ok
20:11:51.0553 0x10bc [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:11:51.0562 0x10bc aswSP - ok
20:11:51.0590 0x10bc [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\Windows\system32\drivers\aswStm.sys
20:11:51.0593 0x10bc aswStm - ok
20:11:51.0607 0x10bc [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
20:11:51.0612 0x10bc aswVmm - ok
20:11:51.0670 0x10bc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:11:51.0671 0x10bc AsyncMac - ok
20:11:51.0686 0x10bc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:11:51.0687 0x10bc atapi - ok
20:11:51.0772 0x10bc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:11:51.0787 0x10bc AudioEndpointBuilder - ok
20:11:51.0809 0x10bc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:11:51.0821 0x10bc AudioSrv - ok
20:11:51.0917 0x10bc [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:11:51.0919 0x10bc avast! Antivirus - ok
20:11:52.0001 0x10bc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:11:52.0004 0x10bc AxInstSV - ok
20:11:52.0078 0x10bc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:11:52.0088 0x10bc b06bdrv - ok
20:11:52.0153 0x10bc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:11:52.0159 0x10bc b57nd60a - ok
20:11:52.0226 0x10bc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:11:52.0228 0x10bc BDESVC - ok
20:11:52.0233 0x10bc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:11:52.0233 0x10bc Beep - ok
20:11:52.0321 0x10bc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:11:52.0333 0x10bc BFE - ok
20:11:52.0365 0x10bc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:11:52.0384 0x10bc BITS - ok
20:11:52.0446 0x10bc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:11:52.0447 0x10bc blbdrive - ok
20:11:52.0545 0x10bc [ 369D7E0E01117A1A4A23C9C6A04EED06, 000793ECF7BF88A108A9FF623AF03508AD360854D08BD70DF32C22EBFE78E119 ] BootDefragDriver C:\Windows\system32\drivers\BootDefragDriver.sys
20:11:52.0546 0x10bc BootDefragDriver - ok
20:11:52.0622 0x10bc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:11:52.0624 0x10bc bowser - ok
20:11:52.0635 0x10bc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:11:52.0636 0x10bc BrFiltLo - ok
20:11:52.0639 0x10bc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:11:52.0640 0x10bc BrFiltUp - ok
20:11:52.0655 0x10bc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:11:52.0658 0x10bc Browser - ok
20:11:52.0667 0x10bc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:11:52.0674 0x10bc Brserid - ok
20:11:52.0678 0x10bc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:11:52.0680 0x10bc BrSerWdm - ok
20:11:52.0684 0x10bc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:11:52.0685 0x10bc BrUsbMdm - ok
20:11:52.0688 0x10bc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:11:52.0689 0x10bc BrUsbSer - ok
20:11:52.0833 0x10bc [ 08AA4F2C3E7868DD6E52ED3FA581C185, 2A3482784BD8981EE983D9B69C4A3C9EC180B5099B48A91E74DF7939002F208B ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
20:11:52.0842 0x10bc BstHdAndroidSvc - ok
20:11:52.0915 0x10bc [ 1244CCF9E9231A0B27D2612156C7B74C, 0FB40FB7CCBC4EE2323F86A16A4F74CFDC3F709A8826704BD57AD1C0DD48089F ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
20:11:52.0918 0x10bc BstHdDrv - ok
20:11:52.0933 0x10bc [ 79E66A993F851BA07054BE71A31CB2A1, 4AA01042987D127A58403C99716D2539FDFB5BA81EA9F2C2F26DF76ACF110151 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
20:11:52.0940 0x10bc BstHdLogRotatorSvc - ok
20:11:52.0968 0x10bc [ 57A82D078875E8740F53B87D8C3E6A70, EBD4FDAC649763FA938122DF31F2D6B8E083F0848A0769C126E5631D28E6107C ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
20:11:52.0981 0x10bc BstHdUpdaterSvc - ok
20:11:53.0000 0x10bc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:11:53.0002 0x10bc BTHMODEM - ok
20:11:53.0023 0x10bc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:11:53.0025 0x10bc bthserv - ok
20:11:53.0039 0x10bc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:11:53.0041 0x10bc cdfs - ok
20:11:53.0112 0x10bc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:11:53.0115 0x10bc cdrom - ok
20:11:53.0181 0x10bc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:11:53.0184 0x10bc CertPropSvc - ok
20:11:53.0257 0x10bc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:11:53.0259 0x10bc circlass - ok
20:11:53.0282 0x10bc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
20:11:53.0289 0x10bc CLFS - ok
20:11:53.0371 0x10bc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:11:53.0373 0x10bc clr_optimization_v2.0.50727_32 - ok
20:11:53.0447 0x10bc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:11:53.0450 0x10bc clr_optimization_v2.0.50727_64 - ok
20:11:53.0577 0x10bc [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:11:53.0580 0x10bc clr_optimization_v4.0.30319_32 - ok
20:11:53.0623 0x10bc [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:11:53.0627 0x10bc clr_optimization_v4.0.30319_64 - ok
20:11:53.0691 0x10bc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:11:53.0692 0x10bc CmBatt - ok
20:11:53.0707 0x10bc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:11:53.0708 0x10bc cmdide - ok
20:11:53.0783 0x10bc [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
20:11:53.0793 0x10bc CNG - ok
20:11:53.0851 0x10bc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:11:53.0852 0x10bc Compbatt - ok
20:11:53.0868 0x10bc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:11:53.0869 0x10bc CompositeBus - ok
20:11:53.0901 0x10bc COMSysApp - ok
20:11:53.0931 0x10bc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:11:53.0932 0x10bc crcdisk - ok
20:11:54.0005 0x10bc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:11:54.0010 0x10bc CryptSvc - ok
20:11:54.0045 0x10bc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
20:11:54.0056 0x10bc CSC - ok
20:11:54.0082 0x10bc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
20:11:54.0097 0x10bc CscService - ok
20:11:54.0115 0x10bc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:11:54.0126 0x10bc DcomLaunch - ok
20:11:54.0156 0x10bc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:11:54.0163 0x10bc defragsvc - ok
20:11:54.0236 0x10bc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:11:54.0239 0x10bc DfsC - ok
20:11:54.0315 0x10bc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:11:54.0323 0x10bc Dhcp - ok
20:11:54.0345 0x10bc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:11:54.0346 0x10bc discache - ok
20:11:54.0405 0x10bc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:11:54.0407 0x10bc Disk - ok
20:11:54.0482 0x10bc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:11:54.0487 0x10bc Dnscache - ok
20:11:54.0509 0x10bc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:11:54.0515 0x10bc dot3svc - ok
20:11:54.0536 0x10bc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:11:54.0540 0x10bc DPS - ok
20:11:54.0604 0x10bc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:11:54.0605 0x10bc drmkaud - ok
20:11:54.0682 0x10bc [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
20:11:54.0688 0x10bc dtsoftbus01 - ok
20:11:54.0770 0x10bc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:11:54.0791 0x10bc DXGKrnl - ok
20:11:54.0861 0x10bc [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
20:11:54.0864 0x10bc E1G60 - ok
20:11:54.0941 0x10bc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:11:54.0943 0x10bc EapHost - ok
20:11:55.0024 0x10bc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:11:55.0091 0x10bc ebdrv - ok
20:11:55.0166 0x10bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
20:11:55.0168 0x10bc EFS - ok
20:11:55.0207 0x10bc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:11:55.0222 0x10bc ehRecvr - ok
20:11:55.0246 0x10bc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:11:55.0249 0x10bc ehSched - ok
20:11:55.0283 0x10bc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:11:55.0294 0x10bc elxstor - ok
20:11:55.0310 0x10bc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:11:55.0311 0x10bc ErrDev - ok
20:11:55.0392 0x10bc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:11:55.0399 0x10bc EventSystem - ok
20:11:55.0419 0x10bc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:11:55.0423 0x10bc exfat - ok
20:11:55.0445 0x10bc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:11:55.0449 0x10bc fastfat - ok
20:11:55.0530 0x10bc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:11:55.0542 0x10bc Fax - ok
20:11:55.0555 0x10bc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:11:55.0557 0x10bc fdc - ok
20:11:55.0622 0x10bc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:11:55.0624 0x10bc fdPHost - ok
20:11:55.0636 0x10bc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:11:55.0638 0x10bc FDResPub - ok
20:11:55.0648 0x10bc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:11:55.0650 0x10bc FileInfo - ok
20:11:55.0662 0x10bc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:11:55.0663 0x10bc Filetrace - ok
20:11:55.0679 0x10bc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:11:55.0680 0x10bc flpydisk - ok
20:11:55.0755 0x10bc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:11:55.0762 0x10bc FltMgr - ok
20:11:55.0855 0x10bc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
20:11:55.0880 0x10bc FontCache - ok
20:11:55.0920 0x10bc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:11:55.0921 0x10bc FontCache3.0.0.0 - ok
20:11:55.0952 0x10bc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:11:55.0954 0x10bc FsDepends - ok
20:11:55.0976 0x10bc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:11:55.0977 0x10bc Fs_Rec - ok
20:11:56.0044 0x10bc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:11:56.0049 0x10bc fvevol - ok
20:11:56.0063 0x10bc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:11:56.0065 0x10bc gagp30kx - ok
20:11:56.0130 0x10bc [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
20:11:56.0131 0x10bc gdrv - ok
20:11:56.0290 0x10bc [ 0C52567F023D0F05F4EFC26F607D415B, 168D2AAB2F9CF8DE4A894DE3B2A5C67F1DAD758DBEC95FCFF4D752645BB37C38 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:11:56.0309 0x10bc GfExperienceService - ok
20:11:56.0346 0x10bc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:11:56.0363 0x10bc gpsvc - ok
20:11:56.0417 0x10bc [ 0636745A40DEA06283D45885C228AF01, 514EF6F912CB9BF552AE109739BC02A2BC46B4784C65BC3C0B03DB6F60BBF380 ] GUBootStartup C:\Windows\System32\drivers\GUBootStartup.sys
20:11:56.0419 0x10bc GUBootStartup - ok
20:11:56.0539 0x10bc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:11:56.0541 0x10bc gupdate - ok
20:11:56.0545 0x10bc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:11:56.0547 0x10bc gupdatem - ok
20:11:56.0564 0x10bc [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:11:56.0568 0x10bc gusvc - ok
20:11:56.0581 0x10bc [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
20:11:56.0582 0x10bc GVTDrv64 - ok
20:11:56.0655 0x10bc [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
20:11:56.0656 0x10bc hamachi - ok
20:11:56.0805 0x10bc [ 8F1E6AC416C8E48F6731B8F625BBC30B, A4BDFA9771C1470FCAB65ACEDF57CCA5C741A8DF09FA3A7F91EE79DBFE9D5699 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
20:11:56.0847 0x10bc Hamachi2Svc - ok
20:11:56.0873 0x10bc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:11:56.0874 0x10bc hcw85cir - ok
20:11:56.0960 0x10bc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:11:56.0967 0x10bc HdAudAddService - ok
20:11:57.0017 0x10bc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:11:57.0020 0x10bc HDAudBus - ok
20:11:57.0024 0x10bc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:11:57.0025 0x10bc HidBatt - ok
20:11:57.0030 0x10bc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:11:57.0032 0x10bc HidBth - ok
20:11:57.0044 0x10bc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:11:57.0046 0x10bc HidIr - ok
20:11:57.0064 0x10bc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:11:57.0067 0x10bc hidserv - ok
20:11:57.0138 0x10bc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:11:57.0139 0x10bc HidUsb - ok
20:11:57.0159 0x10bc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:11:57.0163 0x10bc hkmsvc - ok
20:11:57.0186 0x10bc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:11:57.0193 0x10bc HomeGroupListener - ok
20:11:57.0217 0x10bc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:11:57.0224 0x10bc HomeGroupProvider - ok
20:11:57.0256 0x10bc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:11:57.0258 0x10bc HpSAMD - ok
20:11:57.0339 0x10bc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:11:57.0355 0x10bc HTTP - ok
20:11:57.0374 0x10bc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:11:57.0375 0x10bc hwpolicy - ok
20:11:57.0439 0x10bc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:11:57.0441 0x10bc i8042prt - ok
20:11:57.0504 0x10bc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:11:57.0513 0x10bc iaStorV - ok
20:11:57.0585 0x10bc [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
20:11:57.0589 0x10bc ICCS - ok
20:11:57.0687 0x10bc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:11:57.0689 0x10bc IDriverT - ok
20:11:57.0771 0x10bc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:11:57.0789 0x10bc idsvc - ok
20:11:57.0833 0x10bc IEEtwCollectorService - ok
20:11:57.0871 0x10bc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:11:57.0873 0x10bc iirsp - ok
20:11:57.0913 0x10bc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
20:11:57.0932 0x10bc IKEEXT - ok
20:11:58.0093 0x10bc [ 7A93DBF7DD86A28C0B941F4D39B85A0E, DBA4AE976CD01C599B85933E9B8741D7F01FD88F5BEAF01DDA3BCCDD1550607A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:11:58.0180 0x10bc IntcAzAudAddService - ok
20:11:58.0207 0x10bc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:11:58.0208 0x10bc intelide - ok
20:11:58.0273 0x10bc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:11:58.0275 0x10bc intelppm - ok
20:11:58.0291 0x10bc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:11:58.0295 0x10bc IPBusEnum - ok
20:11:58.0329 0x10bc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:11:58.0331 0x10bc IpFilterDriver - ok
20:11:58.0368 0x10bc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:11:58.0381 0x10bc iphlpsvc - ok
20:11:58.0411 0x10bc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:11:58.0414 0x10bc IPMIDRV - ok
20:11:58.0419 0x10bc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:11:58.0422 0x10bc IPNAT - ok
20:11:58.0484 0x10bc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:11:58.0485 0x10bc IRENUM - ok
20:11:58.0499 0x10bc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:11:58.0500 0x10bc isapnp - ok
20:11:58.0528 0x10bc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:11:58.0534 0x10bc iScsiPrt - ok
20:11:58.0590 0x10bc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:11:58.0592 0x10bc kbdclass - ok
20:11:58.0646 0x10bc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:11:58.0647 0x10bc kbdhid - ok
20:11:58.0666 0x10bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
20:11:58.0668 0x10bc KeyIso - ok
20:11:58.0691 0x10bc [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:11:58.0694 0x10bc KSecDD - ok
20:11:58.0758 0x10bc [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:11:58.0762 0x10bc KSecPkg - ok
20:11:58.0785 0x10bc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:11:58.0786 0x10bc ksthunk - ok
20:11:58.0819 0x10bc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:11:58.0829 0x10bc KtmRm - ok
20:11:58.0911 0x10bc [ A43A9920D2409BB9DA747D2FD20A2E61, 6D48897F3B9F0D04FC0C09017A34F1614C708476829F275682963F162BCBE8A0 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:11:58.0914 0x10bc L1C - ok
20:11:59.0037 0x10bc [ AE24245C64D0B497957495F88BDB2B22, 975E0B644F16F1CAA2C257242B5E197EDD7856312D111773DCB7F5D17D352061 ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys
20:11:59.0039 0x10bc L8042Kbd - ok
20:11:59.0107 0x10bc [ E65F86536847F6ED8BB35BAF4E575375, 28DEDCBD06D5DF277C6BEA539F1155B7FCF206F07A1B86234309D6CDEE5F7C09 ] L8042mou C:\Windows\system32\DRIVERS\L8042mou.Sys
20:11:59.0110 0x10bc L8042mou - ok
20:11:59.0184 0x10bc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:11:59.0192 0x10bc LanmanServer - ok
20:11:59.0249 0x10bc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:11:59.0254 0x10bc LanmanWorkstation - ok
20:11:59.0457 0x10bc [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
20:11:59.0465 0x10bc LBTServ - ok
20:11:59.0529 0x10bc [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:11:59.0532 0x10bc LHidFilt - ok
20:11:59.0586 0x10bc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:11:59.0588 0x10bc lltdio - ok
20:11:59.0620 0x10bc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:11:59.0628 0x10bc lltdsvc - ok
20:11:59.0649 0x10bc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:11:59.0651 0x10bc lmhosts - ok
20:11:59.0739 0x10bc [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
20:11:59.0746 0x10bc LMIGuardianSvc - ok
20:11:59.0764 0x10bc [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:11:59.0765 0x10bc LMouFilt - ok
20:11:59.0836 0x10bc [ 52550A3CDB1BEE425569DEE0A17E834A, A524A8F3008DCC2726E95C88E40025182DCF79D9C1166D83D6F5B782F51396FB ] LMouKE C:\Windows\system32\DRIVERS\LMouKE.Sys
20:11:59.0839 0x10bc LMouKE - ok
20:11:59.0920 0x10bc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:11:59.0923 0x10bc LSI_FC - ok
20:11:59.0936 0x10bc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:11:59.0938 0x10bc LSI_SAS - ok
20:11:59.0952 0x10bc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:11:59.0955 0x10bc LSI_SAS2 - ok
20:11:59.0968 0x10bc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:11:59.0972 0x10bc LSI_SCSI - ok
20:12:00.0032 0x10bc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:12:00.0035 0x10bc luafv - ok
20:12:00.0103 0x10bc [ 9659AA75AC920EF6393B8CF77E21D1B9, 76706516DF281B48ABB2A43CA81B6EA0551937BE1C21AEA0A522AA717C27FD0A ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
20:12:00.0105 0x10bc LUsbFilt - ok
20:12:00.0193 0x10bc [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:12:00.0195 0x10bc MBAMProtector - ok
20:12:00.0271 0x10bc [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
20:12:00.0309 0x10bc MBAMScheduler - ok
20:12:00.0363 0x10bc [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
20:12:00.0383 0x10bc MBAMService - ok
20:12:00.0437 0x10bc [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
20:12:00.0439 0x10bc MBAMWebAccessControl - ok
20:12:00.0475 0x10bc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:12:00.0479 0x10bc Mcx2Svc - ok
20:12:00.0497 0x10bc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:12:00.0499 0x10bc megasas - ok
20:12:00.0574 0x10bc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:12:00.0580 0x10bc MegaSR - ok
20:12:00.0679 0x10bc Microsoft SharePoint Workspace Audit Service - ok
20:12:00.0743 0x10bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:12:00.0746 0x10bc MMCSS - ok
20:12:00.0758 0x10bc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:12:00.0760 0x10bc Modem - ok
20:12:00.0824 0x10bc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:12:00.0825 0x10bc monitor - ok
20:12:00.0849 0x10bc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:12:00.0851 0x10bc mouclass - ok
20:12:00.0867 0x10bc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:12:00.0868 0x10bc mouhid - ok
20:12:00.0889 0x10bc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:12:00.0898 0x10bc mountmgr - ok
20:12:00.0972 0x10bc [ 35BE659B9A2B73E80E076A436B98CA4F, 0B497BC38FC2CC383759D70D311A6202AEB4045F3C2A48E6D0C503F7A7DC605E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:12:00.0974 0x10bc MozillaMaintenance - ok
20:12:01.0001 0x10bc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:12:01.0004 0x10bc mpio - ok
20:12:01.0070 0x10bc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:12:01.0072 0x10bc mpsdrv - ok
20:12:01.0111 0x10bc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:12:01.0130 0x10bc MpsSvc - ok
20:12:01.0193 0x10bc [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:12:01.0196 0x10bc MRxDAV - ok
20:12:01.0223 0x10bc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:12:01.0227 0x10bc mrxsmb - ok
20:12:01.0250 0x10bc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:12:01.0257 0x10bc mrxsmb10 - ok
20:12:01.0271 0x10bc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:12:01.0274 0x10bc mrxsmb20 - ok
20:12:01.0299 0x10bc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:12:01.0300 0x10bc msahci - ok
20:12:01.0330 0x10bc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:12:01.0333 0x10bc msdsm - ok
20:12:01.0355 0x10bc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:12:01.0360 0x10bc MSDTC - ok
20:12:01.0380 0x10bc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:12:01.0381 0x10bc Msfs - ok
20:12:01.0443 0x10bc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:12:01.0443 0x10bc mshidkmdf - ok
20:12:01.0459 0x10bc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:12:01.0460 0x10bc msisadrv - ok
20:12:01.0488 0x10bc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:12:01.0493 0x10bc MSiSCSI - ok
20:12:01.0496 0x10bc msiserver - ok
20:12:01.0548 0x10bc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:12:01.0549 0x10bc MSKSSRV - ok
20:12:01.0560 0x10bc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:12:01.0561 0x10bc MSPCLOCK - ok
20:12:01.0567 0x10bc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:12:01.0568 0x10bc MSPQM - ok
20:12:01.0595 0x10bc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:12:01.0602 0x10bc MsRPC - ok
20:12:01.0620 0x10bc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:12:01.0625 0x10bc mssmbios - ok
20:12:01.0699 0x10bc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:12:01.0700 0x10bc MSTEE - ok
20:12:01.0710 0x10bc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:12:01.0711 0x10bc MTConfig - ok
20:12:01.0780 0x10bc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:12:01.0782 0x10bc Mup - ok
20:12:01.0800 0x10bc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:12:01.0812 0x10bc napagent - ok
20:12:01.0881 0x10bc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:12:01.0888 0x10bc NativeWifiP - ok
20:12:01.0974 0x10bc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:12:01.0994 0x10bc NDIS - ok
20:12:02.0005 0x10bc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:12:02.0007 0x10bc NdisCap - ok
20:12:02.0062 0x10bc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:12:02.0064 0x10bc NdisTapi - ok
20:12:02.0082 0x10bc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:12:02.0084 0x10bc Ndisuio - ok
20:12:02.0104 0x10bc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:12:02.0107 0x10bc NdisWan - ok
20:12:02.0130 0x10bc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:12:02.0132 0x10bc NDProxy - ok
20:12:02.0203 0x10bc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:12:02.0205 0x10bc NetBIOS - ok
20:12:02.0231 0x10bc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:12:02.0236 0x10bc NetBT - ok
20:12:02.0249 0x10bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
20:12:02.0251 0x10bc Netlogon - ok
20:12:02.0277 0x10bc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:12:02.0285 0x10bc Netman - ok
20:12:02.0336 0x10bc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:12:02.0339 0x10bc NetMsmqActivator - ok
20:12:02.0344 0x10bc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:12:02.0347 0x10bc NetPipeActivator - ok
20:12:02.0386 0x10bc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:12:02.0397 0x10bc netprofm - ok
20:12:02.0514 0x10bc [ B7053DF2D07413727B9A3AC195172364, 97B7B02B3B578F054EEA1CCC6A318F91288F9E2B0644DE45D5CDCF1326EC014A ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
20:12:02.0560 0x10bc netr28ux - ok
20:12:02.0594 0x10bc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:12:02.0597 0x10bc NetTcpActivator - ok
20:12:02.0602 0x10bc [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:12:02.0605 0x10bc NetTcpPortSharing - ok
20:12:02.0644 0x10bc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:12:02.0645 0x10bc nfrd960 - ok
20:12:02.0695 0x10bc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:12:02.0702 0x10bc NlaSvc - ok
20:12:02.0727 0x10bc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:12:02.0729 0x10bc Npfs - ok
20:12:02.0750 0x10bc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:12:02.0752 0x10bc nsi - ok
20:12:02.0759 0x10bc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:12:02.0760 0x10bc nsiproxy - ok
20:12:02.0810 0x10bc [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:12:02.0838 0x10bc Ntfs - ok
20:12:02.0852 0x10bc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:12:02.0852 0x10bc Null - ok
20:12:02.0929 0x10bc [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:12:02.0933 0x10bc NVHDA - ok
20:12:03.0240 0x10bc [ ED4D88A04D22E6B00DB6BC8FACDBAFED, 38DDB9B353D3A24DD8390C6FB58FD513B46F9F715BC7E68D0958E78EACC3D3FA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:12:03.0461 0x10bc nvlddmkm - ok
20:12:03.0643 0x10bc [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:12:03.0671 0x10bc NvNetworkService - ok
20:12:03.0733 0x10bc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:12:03.0736 0x10bc nvraid - ok
20:12:03.0770 0x10bc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:12:03.0774 0x10bc nvstor - ok
20:12:03.0869 0x10bc [ 0C4A0D577A6EF1B9D353851668779944, 70E866AD50809CC80F167796C516190918A542F7767A8841948E656F36877AFE ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:12:03.0870 0x10bc NvStreamKms - ok
20:12:04.0389 0x10bc [ BC00A5B3A9F759F7B1DD0A5868C4492F, 23058E56016B836339AACDB0D42E074FB4EF560C27831F6228A455D70585D1EE ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
20:12:04.0711 0x10bc NvStreamSvc - ok
20:12:04.0830 0x10bc [ B7CD89EFA562A991F2864EFD3147473A, D38BAE7883BC073562C3C77DF59663B820CFE8305A3319C6E5CF8E48752E18C1 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:12:04.0847 0x10bc nvsvc - ok
20:12:04.0919 0x10bc [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
20:12:04.0921 0x10bc nvvad_WaveExtensible - ok
20:12:04.0999 0x10bc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:12:05.0002 0x10bc nv_agp - ok
20:12:05.0038 0x10bc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:12:05.0040 0x10bc ohci1394 - ok
20:12:05.0137 0x10bc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:12:05.0141 0x10bc ose - ok
20:12:05.0304 0x10bc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:12:05.0404 0x10bc osppsvc - ok
20:12:05.0476 0x10bc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:12:05.0484 0x10bc p2pimsvc - ok
20:12:05.0515 0x10bc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:12:05.0526 0x10bc p2psvc - ok
20:12:05.0552 0x10bc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:12:05.0555 0x10bc Parport - ok
20:12:05.0583 0x10bc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:12:05.0585 0x10bc partmgr - ok
20:12:05.0597 0x10bc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
20:12:05.0602 0x10bc PcaSvc - ok
20:12:05.0612 0x10bc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
20:12:05.0617 0x10bc pci - ok
20:12:05.0635 0x10bc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:12:05.0636 0x10bc pciide - ok
20:12:05.0643 0x10bc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:12:05.0649 0x10bc pcmcia - ok
20:12:05.0660 0x10bc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:12:05.0662 0x10bc pcw - ok
20:12:05.0697 0x10bc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:12:05.0711 0x10bc PEAUTH - ok
20:12:05.0761 0x10bc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:12:05.0791 0x10bc PeerDistSvc - ok
20:12:05.0837 0x10bc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:12:05.0839 0x10bc PerfHost - ok
20:12:05.0894 0x10bc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:12:05.0925 0x10bc pla - ok
20:12:05.0951 0x10bc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:12:05.0962 0x10bc PlugPlay - ok
20:12:05.0991 0x10bc PnkBstrA - ok
20:12:06.0022 0x10bc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:12:06.0025 0x10bc PNRPAutoReg - ok
20:12:06.0042 0x10bc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:12:06.0050 0x10bc PNRPsvc - ok
20:12:06.0082 0x10bc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:12:06.0094 0x10bc PolicyAgent - ok
20:12:06.0120 0x10bc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:12:06.0126 0x10bc Power - ok
20:12:06.0198 0x10bc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:12:06.0201 0x10bc PptpMiniport - ok
20:12:06.0212 0x10bc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:12:06.0214 0x10bc Processor - ok
20:12:06.0278 0x10bc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
20:12:06.0285 0x10bc ProfSvc - ok
20:12:06.0307 0x10bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:12:06.0309 0x10bc ProtectedStorage - ok
20:12:06.0383 0x10bc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:12:06.0386 0x10bc Psched - ok
20:12:06.0493 0x10bc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:12:06.0526 0x10bc ql2300 - ok
20:12:06.0540 0x10bc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:12:06.0543 0x10bc ql40xx - ok
20:12:06.0572 0x10bc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:12:06.0579 0x10bc QWAVE - ok
20:12:06.0588 0x10bc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:12:06.0589 0x10bc QWAVEdrv - ok
20:12:06.0772 0x10bc [ E3D78F6FE54B27DE451E350AC908E8B4, 55F4EC8044E513640867DC9521279FA92D8C753807049D136C9C1D041B99E254 ] RalinkRegistryWriter C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
20:12:06.0779 0x10bc RalinkRegistryWriter - ok
20:12:06.0793 0x10bc [ 956C8ADBCBCD003AEE3D34B10E94D04A, 25A419A8283D56BCCD743482696F1FB430CB201211127490E3120F2452D3B701 ] RalinkRegistryWriter64 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
20:12:06.0801 0x10bc RalinkRegistryWriter64 - ok
20:12:06.0864 0x10bc [ 2977F7750EA2BECB3E623814D2C18800, A2FAE078FC18481C59D7D3B465D4E53756D85C1C49F6471D3840EEF49814EA19 ] RaMediaServer C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
20:12:06.0903 0x10bc RaMediaServer - ok
20:12:06.0929 0x10bc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:12:06.0930 0x10bc RasAcd - ok
20:12:06.0994 0x10bc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:12:06.0996 0x10bc RasAgileVpn - ok
20:12:07.0017 0x10bc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:12:07.0021 0x10bc RasAuto - ok
20:12:07.0045 0x10bc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:12:07.0048 0x10bc Rasl2tp - ok
20:12:07.0068 0x10bc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:12:07.0078 0x10bc RasMan - ok
20:12:07.0100 0x10bc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:12:07.0102 0x10bc RasPppoe - ok
20:12:07.0113 0x10bc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:12:07.0115 0x10bc RasSstp - ok
20:12:07.0153 0x10bc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:12:07.0160 0x10bc rdbss - ok
20:12:07.0184 0x10bc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:12:07.0186 0x10bc rdpbus - ok
20:12:07.0193 0x10bc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:12:07.0194 0x10bc RDPCDD - ok
20:12:07.0218 0x10bc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:12:07.0222 0x10bc RDPDR - ok
20:12:07.0255 0x10bc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:12:07.0256 0x10bc RDPENCDD - ok
20:12:07.0261 0x10bc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:12:07.0261 0x10bc RDPREFMP - ok
20:12:07.0364 0x10bc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:12:07.0365 0x10bc RdpVideoMiniport - ok
20:12:07.0423 0x10bc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:12:07.0428 0x10bc RDPWD - ok
20:12:07.0461 0x10bc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:12:07.0466 0x10bc rdyboost - ok
20:12:07.0487 0x10bc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:12:07.0491 0x10bc RemoteAccess - ok
20:12:07.0513 0x10bc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:12:07.0519 0x10bc RemoteRegistry - ok
20:12:07.0582 0x10bc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:12:07.0586 0x10bc RpcEptMapper - ok
20:12:07.0599 0x10bc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:12:07.0601 0x10bc RpcLocator - ok
20:12:07.0631 0x10bc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:12:07.0641 0x10bc RpcSs - ok
20:12:07.0667 0x10bc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:12:07.0670 0x10bc rspndr - ok
20:12:07.0755 0x10bc [ FC00C0DE6DC83DE1B2B01420E2195B21, BA9670F67BEFE4DD39D9F98329AA69380E167383448C9488F4E500E0ECF22A97 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
20:12:07.0770 0x10bc RTL8192su - ok
20:12:07.0797 0x10bc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:12:07.0798 0x10bc s3cap - ok
20:12:07.0806 0x10bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
20:12:07.0809 0x10bc SamSs - ok
20:12:07.0828 0x10bc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:12:07.0830 0x10bc sbp2port - ok
20:12:07.0857 0x10bc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:12:07.0864 0x10bc SCardSvr - ok
20:12:07.0883 0x10bc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:12:07.0884 0x10bc scfilter - ok
20:12:07.0932 0x10bc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
20:12:07.0958 0x10bc Schedule - ok
20:12:07.0981 0x10bc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:12:07.0983 0x10bc SCPolicySvc - ok
20:12:07.0993 0x10bc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:12:07.0999 0x10bc SDRSVC - ok
20:12:08.0062 0x10bc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:12:08.0063 0x10bc secdrv - ok
20:12:08.0086 0x10bc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
20:12:08.0089 0x10bc seclogon - ok
20:12:08.0108 0x10bc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:12:08.0111 0x10bc SENS - ok
20:12:08.0123 0x10bc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:12:08.0127 0x10bc SensrSvc - ok
20:12:08.0184 0x10bc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:12:08.0185 0x10bc Serenum - ok
20:12:08.0194 0x10bc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:12:08.0197 0x10bc Serial - ok
20:12:08.0216 0x10bc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:12:08.0217 0x10bc sermouse - ok
20:12:08.0247 0x10bc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:12:08.0252 0x10bc SessionEnv - ok
20:12:08.0272 0x10bc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:12:08.0273 0x10bc sffdisk - ok
20:12:08.0276 0x10bc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:12:08.0277 0x10bc sffp_mmc - ok
20:12:08.0280 0x10bc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:12:08.0281 0x10bc sffp_sd - ok
20:12:08.0308 0x10bc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:12:08.0309 0x10bc sfloppy - ok
20:12:08.0380 0x10bc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:12:08.0389 0x10bc SharedAccess - ok
20:12:08.0403 0x10bc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:12:08.0411 0x10bc ShellHWDetection - ok
20:12:08.0428 0x10bc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:12:08.0430 0x10bc SiSRaid2 - ok
20:12:08.0448 0x10bc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:12:08.0450 0x10bc SiSRaid4 - ok
20:12:08.0531 0x10bc [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:12:08.0538 0x10bc SkypeUpdate - ok
20:12:08.0610 0x10bc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:12:08.0612 0x10bc Smb - ok
20:12:08.0678 0x10bc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:12:08.0681 0x10bc SNMPTRAP - ok
20:12:08.0691 0x10bc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:12:08.0692 0x10bc spldr - ok
20:12:08.0726 0x10bc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:12:08.0740 0x10bc Spooler - ok
20:12:08.0837 0x10bc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:12:08.0913 0x10bc sppsvc - ok
20:12:08.0945 0x10bc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:12:08.0949 0x10bc sppuinotify - ok
20:12:08.0981 0x10bc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:12:08.0991 0x10bc srv - ok
20:12:09.0005 0x10bc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:12:09.0014 0x10bc srv2 - ok
20:12:09.0028 0x10bc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:12:09.0032 0x10bc srvnet - ok
20:12:09.0045 0x10bc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:12:09.0052 0x10bc SSDPSRV - ok
20:12:09.0076 0x10bc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:12:09.0080 0x10bc SstpSvc - ok
20:12:09.0172 0x10bc [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:12:09.0189 0x10bc Steam Client Service - ok
20:12:09.0328 0x10bc [ E7AF8F82C69A5E9B2CC46633BCBBAAEE, D7FC81DB72A1A96219335AFF861ADD82BEC115CBCB70C6765058E1D76702403C ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:12:09.0335 0x10bc Stereo Service - ok
20:12:09.0356 0x10bc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:12:09.0357 0x10bc stexstor - ok
20:12:09.0427 0x10bc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:12:09.0442 0x10bc stisvc - ok
20:12:09.0459 0x10bc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:12:09.0461 0x10bc storflt - ok
20:12:09.0477 0x10bc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:12:09.0479 0x10bc storvsc - ok
20:12:09.0492 0x10bc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:12:09.0493 0x10bc swenum - ok
20:12:09.0650 0x10bc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:12:09.0661 0x10bc SwitchBoard - ok
20:12:09.0701 0x10bc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:12:09.0715 0x10bc swprv - ok
20:12:09.0746 0x10bc Synth3dVsc - ok
20:12:09.0818 0x10bc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
20:12:09.0858 0x10bc SysMain - ok
20:12:09.0885 0x10bc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:12:09.0890 0x10bc TabletInputService - ok
20:12:09.0955 0x10bc [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
20:12:09.0956 0x10bc tap0901t - ok
20:12:09.0975 0x10bc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:12:09.0984 0x10bc TapiSrv - ok
20:12:10.0011 0x10bc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:12:10.0015 0x10bc TBS - ok
20:12:10.0119 0x10bc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:12:10.0159 0x10bc Tcpip - ok
20:12:10.0231 0x10bc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:12:10.0262 0x10bc TCPIP6 - ok
20:12:10.0310 0x10bc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:12:10.0312 0x10bc tcpipreg - ok
20:12:10.0333 0x10bc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:12:10.0334 0x10bc TDPIPE - ok
20:12:10.0358 0x10bc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:12:10.0359 0x10bc TDTCP - ok
20:12:10.0426 0x10bc [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:12:10.0429 0x10bc tdx - ok
20:12:10.0691 0x10bc [ 6EC042A004268B3EA2FB96D939303095, 0E889FB317AF484DA4A8529C5569350C69F4587C2B455C0F559E8061ECC2247B ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
20:12:10.0780 0x10bc TeamViewer - ok
20:12:11.0000 0x10bc [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
20:12:11.0079 0x10bc TeamViewer9 - ok
20:12:11.0155 0x10bc [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys
20:12:11.0156 0x10bc teamviewervpn - ok
20:12:11.0181 0x10bc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:12:11.0183 0x10bc TermDD - ok
20:12:11.0258 0x10bc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
20:12:11.0271 0x10bc TermService - ok
20:12:11.0287 0x10bc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:12:11.0291 0x10bc Themes - ok
20:12:11.0308 0x10bc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:12:11.0311 0x10bc THREADORDER - ok
20:12:11.0380 0x10bc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:12:11.0385 0x10bc TrkWks - ok
20:12:11.0429 0x10bc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:12:11.0433 0x10bc TrustedInstaller - ok
20:12:11.0467 0x10bc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:12:11.0469 0x10bc tssecsrv - ok
20:12:11.0510 0x10bc [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:12:11.0512 0x10bc TsUsbFlt - ok
20:12:11.0515 0x10bc tsusbhub - ok
20:12:11.0587 0x10bc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:12:11.0590 0x10bc tunnel - ok
20:12:11.0725 0x10bc [ A96BE6F92EDE53BA5997B2AE7367EACD, D2CE331F0BBA15C19A66BEF91FBDA96536F656C89DC9FE1A2F88D0C368986BB2 ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
20:12:11.0741 0x10bc TunngleService - ok
20:12:11.0763 0x10bc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:12:11.0765 0x10bc uagp35 - ok
20:12:11.0793 0x10bc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:12:11.0800 0x10bc udfs - ok
20:12:11.0823 0x10bc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:12:11.0827 0x10bc UI0Detect - ok
20:12:11.0889 0x10bc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:12:11.0891 0x10bc uliagpkx - ok
20:12:11.0911 0x10bc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
20:12:11.0912 0x10bc umbus - ok
20:12:11.0916 0x10bc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:12:11.0916 0x10bc UmPass - ok
20:12:11.0939 0x10bc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
20:12:11.0946 0x10bc UmRdpService - ok
20:12:11.0966 0x10bc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:12:11.0975 0x10bc upnphost - ok
20:12:12.0057 0x10bc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:12:12.0060 0x10bc usbaudio - ok
20:12:12.0081 0x10bc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:12:12.0083 0x10bc usbccgp - ok
20:12:12.0166 0x10bc [ 84A8E67E6CB15B070A2A7A0B3A9F1609, 08AB5691024A5B69A23DEF4E69696EC46D5BAD01A24861CFE612FBD649D87BDB ] UsbCharger C:\Windows\system32\DRIVERS\UsbCharger.sys
20:12:12.0167 0x10bc UsbCharger - ok
20:12:12.0228 0x10bc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:12:12.0231 0x10bc usbcir - ok
20:12:12.0243 0x10bc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:12:12.0245 0x10bc usbehci - ok
20:12:12.0330 0x10bc [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
20:12:12.0332 0x10bc usbfilter - ok
20:12:12.0399 0x10bc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:12:12.0407 0x10bc usbhub - ok
20:12:12.0423 0x10bc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:12:12.0425 0x10bc usbohci - ok
20:12:12.0438 0x10bc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:12:12.0439 0x10bc usbprint - ok
20:12:12.0460 0x10bc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:12:12.0463 0x10bc USBSTOR - ok
20:12:12.0481 0x10bc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:12:12.0483 0x10bc usbuhci - ok
20:12:12.0542 0x10bc [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
20:12:12.0544 0x10bc usb_rndisx - ok
20:12:12.0570 0x10bc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:12:12.0573 0x10bc UxSms - ok
20:12:12.0582 0x10bc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
20:12:12.0584 0x10bc VaultSvc - ok
20:12:12.0594 0x10bc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:12:12.0595 0x10bc vdrvroot - ok
20:12:12.0626 0x10bc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:12:12.0640 0x10bc vds - ok
20:12:12.0718 0x10bc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:12:12.0719 0x10bc vga - ok
20:12:12.0736 0x10bc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:12:12.0737 0x10bc VgaSave - ok
20:12:12.0772 0x10bc VGPU - ok
20:12:12.0824 0x10bc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:12:12.0829 0x10bc vhdmp - ok
20:12:12.0856 0x10bc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:12:12.0858 0x10bc viaide - ok
20:12:12.0928 0x10bc [ FF7C6E015AA32FC6BE0AEF582B802332, D59A4AC8A0B0F1B036E2A0BAE8F4DF302AAB1D62C7888224536A1622A912A7B0 ] VirtDiskBus C:\Windows\system32\DRIVERS\VirtDiskBus64.sys
20:12:12.0930 0x10bc VirtDiskBus - ok
20:12:12.0940 0x10bc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:12:12.0945 0x10bc vmbus - ok
20:12:12.0959 0x10bc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:12:12.0961 0x10bc VMBusHID - ok
20:12:12.0980 0x10bc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:12:12.0983 0x10bc volmgr - ok
20:12:13.0005 0x10bc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:12:13.0013 0x10bc volmgrx - ok
20:12:13.0050 0x10bc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:12:13.0057 0x10bc volsnap - ok
20:12:13.0080 0x10bc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:12:13.0084 0x10bc vsmraid - ok
20:12:13.0139 0x10bc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:12:13.0173 0x10bc VSS - ok
20:12:13.0188 0x10bc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:12:13.0189 0x10bc vwifibus - ok
20:12:13.0201 0x10bc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:12:13.0203 0x10bc vwififlt - ok
20:12:13.0260 0x10bc [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:12:13.0261 0x10bc vwifimp - ok
20:12:13.0287 0x10bc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:12:13.0298 0x10bc W32Time - ok
20:12:13.0308 0x10bc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:12:13.0310 0x10bc WacomPen - ok
20:12:13.0380 0x10bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:12:13.0382 0x10bc WANARP - ok
20:12:13.0415 0x10bc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:12:13.0417 0x10bc Wanarpv6 - ok
20:12:13.0490 0x10bc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:12:13.0523 0x10bc wbengine - ok
20:12:13.0600 0x10bc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:12:13.0607 0x10bc WbioSrvc - ok
20:12:13.0633 0x10bc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:12:13.0643 0x10bc wcncsvc - ok
20:12:13.0656 0x10bc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:12:13.0660 0x10bc WcsPlugInService - ok
20:12:13.0683 0x10bc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:12:13.0684 0x10bc Wd - ok
20:12:13.0727 0x10bc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:12:13.0743 0x10bc Wdf01000 - ok
20:12:13.0799 0x10bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:12:13.0804 0x10bc WdiServiceHost - ok
20:12:13.0808 0x10bc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:12:13.0812 0x10bc WdiSystemHost - ok
20:12:13.0833 0x10bc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
20:12:13.0841 0x10bc WebClient - ok
20:12:13.0864 0x10bc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:12:13.0872 0x10bc Wecsvc - ok
20:12:13.0886 0x10bc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:12:13.0891 0x10bc wercplsupport - ok
20:12:13.0951 0x10bc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:12:13.0956 0x10bc WerSvc - ok
20:12:13.0977 0x10bc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:12:13.0978 0x10bc WfpLwf - ok
20:12:13.0988 0x10bc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:12:13.0989 0x10bc WIMMount - ok
20:12:14.0012 0x10bc WinDefend - ok
20:12:14.0044 0x10bc WinHttpAutoProxySvc - ok
20:12:14.0110 0x10bc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:12:14.0116 0x10bc Winmgmt - ok
20:12:14.0238 0x10bc [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
20:12:14.0239 0x10bc WinRing0_1_2_0 - ok
20:12:14.0339 0x10bc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
20:12:14.0384 0x10bc WinRM - ok
20:12:14.0481 0x10bc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:12:14.0482 0x10bc WinUsb - ok
20:12:14.0531 0x10bc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:12:14.0552 0x10bc Wlansvc - ok
20:12:14.0568 0x10bc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:12:14.0570 0x10bc WmiAcpi - ok
20:12:14.0600 0x10bc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:12:14.0605 0x10bc wmiApSrv - ok
20:12:14.0672 0x10bc WMPNetworkSvc - ok
20:12:14.0794 0x10bc [ B868BA9AE6C5F13FE0E54DCCE8FC9448, 4F66DD0A8519464D9A26E8CB5685CA0874E6558E2B066873EFDD1E833A0EE89E ] wolfkr C:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys
20:12:14.0796 0x10bc wolfkr - ok
20:12:14.0816 0x10bc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:12:14.0820 0x10bc WPCSvc - ok
20:12:14.0860 0x10bc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:12:14.0866 0x10bc WPDBusEnum - ok
20:12:14.0908 0x10bc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:12:14.0909 0x10bc ws2ifsl - ok
20:12:14.0924 0x10bc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:12:14.0929 0x10bc wscsvc - ok
20:12:14.0932 0x10bc WSearch - ok
20:12:15.0050 0x10bc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
20:12:15.0104 0x10bc wuauserv - ok
20:12:15.0134 0x10bc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:12:15.0137 0x10bc WudfPf - ok
20:12:15.0208 0x10bc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:12:15.0212 0x10bc WUDFRd - ok
20:12:15.0235 0x10bc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:12:15.0240 0x10bc wudfsvc - ok
20:12:15.0265 0x10bc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:12:15.0273 0x10bc WwanSvc - ok
20:12:15.0360 0x10bc ================ Scan global ===============================
20:12:15.0405 0x10bc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:12:15.0436 0x10bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:12:15.0449 0x10bc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
20:12:15.0475 0x10bc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:12:15.0497 0x10bc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:12:15.0506 0x10bc [ Global ] - ok
20:12:15.0506 0x10bc ================ Scan MBR ==================================
20:12:15.0510 0x10bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:12:15.0807 0x10bc \Device\Harddisk0\DR0 - ok
20:12:15.0812 0x10bc [ 36B113AEADC5A9A2646D8320706EEA08 ] \Device\Harddisk1\DR1
20:12:17.0038 0x10bc \Device\Harddisk1\DR1 - ok
20:12:17.0038 0x10bc ================ Scan VBR ==================================
20:12:17.0040 0x10bc [ 129C4E8E7C56A9246DC53B26FC07E767 ] \Device\Harddisk0\DR0\Partition1
20:12:17.0041 0x10bc \Device\Harddisk0\DR0\Partition1 - ok
20:12:17.0043 0x10bc [ E13B12EC484FE4577763A21A3D7B1516 ] \Device\Harddisk0\DR0\Partition2
20:12:17.0044 0x10bc \Device\Harddisk0\DR0\Partition2 - ok
20:12:17.0045 0x10bc ================ Scan generic autorun ======================
20:12:17.0362 0x10bc [ A95B965C141A3FC74E7C246163253B0E, CB7DA2873231A7188CF7DC1CECF1F7F51F6EBDAF6DC5FA355381D000C372B734 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:12:17.0565 0x10bc RtHDVCpl - ok
20:12:17.0656 0x10bc [ 7304E21B92E538E2CC793EDF478AC034, 39992D4541E100E5D8199B2FB5B7C7DD7213F8BC84AEA1924C6EC46E8711BF28 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:12:17.0694 0x10bc NvBackend - ok
20:12:17.0711 0x10bc [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:12:17.0715 0x10bc ShadowPlay - ok
20:12:17.0898 0x10bc [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
20:12:17.0945 0x10bc EvtMgr6 - ok
20:12:18.0035 0x10bc [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
20:12:18.0047 0x10bc AdobeAAMUpdater-1.0 - ok
20:12:18.0203 0x10bc [ 312C7978F0A42DB0475CE31D884DCE88, 53DBEF2473F39754BB1BC352DB9A32607FD3A2E2DC5E7AA6AE821CABEC00CCD1 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
20:12:18.0283 0x10bc AvastUI.exe - ok
20:12:18.0343 0x10bc [ D2AEADFD998706B4216315B2BD3FA79E, D45634355B7733F9B6754A6FB80B7EC20C0D584A08E2F710DF612B393D96A8F9 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
20:12:18.0345 0x10bc ISUSScheduler - ok
20:12:18.0411 0x10bc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:12:18.0434 0x10bc Sidebar - ok
20:12:18.0459 0x10bc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:12:18.0462 0x10bc mctadmin - ok
20:12:18.0488 0x10bc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:12:18.0506 0x10bc Sidebar - ok
20:12:18.0512 0x10bc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:12:18.0515 0x10bc mctadmin - ok
20:12:18.0532 0x10bc [ A379B75A6FFE4DFD3184F35F0141CE91, C777B01B4361456D4D829E96723C85CCDC2E3647C4CF25894AC83100552E36AB ] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
20:12:18.0536 0x10bc ISUSPM Startup - ok
20:12:18.0721 0x10bc [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Phalzu\AppData\Local\Akamai\netsession_win.exe
20:12:18.0792 0x10bc Akamai NetSession Interface - ok
20:12:18.0868 0x10bc [ A44C6AB33131B80BCDAA2366C0AB5CD4, 1F6FADAEF053216E447D034B8F0FCA19C47AA34C8D60515C33C4357C107D1DCD ] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
20:12:18.0869 0x10bc GUDelayStartup - ok
20:12:18.0932 0x10bc [ E5B836841C228FC9C47CE0F287C57EF8, 3279EDFC7B570C00ECC4AEF72EE976DAA996A4C3F26F2FA6B36D462F660760DC ] C:\Users\Phalzu\AppData\Local\Viber\Viber.exe
20:12:18.0950 0x10bc Viber - ok
20:12:18.0952 0x10bc Waiting for KSN requests completion. In queue: 79
20:12:19.0952 0x10bc Waiting for KSN requests completion. In queue: 79
20:12:20.0952 0x10bc Waiting for KSN requests completion. In queue: 15
20:12:21.0977 0x10bc AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
20:12:21.0992 0x10bc Win FW state via NFP2: enabled
20:12:24.0732 0x10bc ============================================================
20:12:24.0732 0x10bc Scan finished
20:12:24.0732 0x10bc ============================================================
20:12:24.0737 0x148c Detected object count: 0
20:12:24.0737 0x148c Actual detected object count: 0
20:12:58.0068 0x1598 Deinitialize success
|
|
17.01.2015, 12:26
| #6 |
| /// the machine /// TB-Ausbilder | Habe img_72938.scr geschickt bekommen... hi, Scan mit Combofix
__________________ --> Habe img_72938.scr geschickt bekommen... |
|
17.01.2015, 16:35
| #7 |
| | Fertig Hab alles getan wie beschrieben. Fehler sind nicht aufgetreten. Code:
ATTFilter ComboFix 15-01-08.01 - Phalzu 17.01.2015 16:21:50.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8190.6002 [GMT 1:00]
ausgeführt von:: c:\users\Phalzu\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-12-17 bis 2015-01-17 ))))))))))))))))))))))))))))))
.
.
2015-01-17 15:23 . 2015-01-17 15:23 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73A47C61-A183-4AB2-A39F-093EC1E4B76C}\offreg.dll
2015-01-16 18:53 . 2015-01-16 19:08 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-16 18:44 . 2015-01-16 18:46 -------- d-----w- C:\FRST
2015-01-16 18:43 . 2015-01-16 18:43 -------- d-----w- c:\program files (x86)\GEGEN VIREN
2015-01-16 13:09 . 2015-01-17 15:15 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-16 13:09 . 2015-01-16 19:08 96472 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-16 13:09 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-16 13:09 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-16 13:09 . 2015-01-16 13:09 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-01-16 13:09 . 2015-01-16 13:09 -------- d-----w- c:\programdata\Malwarebytes
2015-01-16 12:55 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73A47C61-A183-4AB2-A39F-093EC1E4B76C}\mpengine.dll
2015-01-11 02:00 . 2015-01-11 02:02 56 --sh--r- c:\windows\SysWow64\A464A8AC76.sys
2015-01-11 02:00 . 2015-01-13 16:29 1890 --sha-w- c:\windows\SysWow64\KGyGaAvL.sys
2015-01-11 01:59 . 2015-01-11 18:46 -------- d-----w- c:\program files (x86)\Common Files\Enterbrain
2015-01-11 01:51 . 2015-01-11 01:51 -------- d-----w- c:\programdata\Logs
2015-01-11 01:49 . 2015-01-11 01:49 -------- d-----w- c:\users\Phalzu\AppData\Local\Programs
2015-01-11 01:47 . 2015-01-11 01:47 -------- d-----w- c:\windows\system32\appmgmt
2015-01-08 15:45 . 2015-01-08 15:47 -------- d-----w- c:\program files (x86)\The Binding of Isaac - Rebirth
2015-01-08 01:21 . 2015-01-08 01:31 -------- d-----w- c:\program files (x86)\Don't Starve Together v.122454 Beta
2014-12-31 21:40 . 2014-12-31 21:40 -------- d-----w- c:\users\Phalzu\AppData\Local\Ubisoft
2014-12-27 17:26 . 2014-12-27 17:26 -------- d-----w- c:\users\Phalzu\AppData\Roaming\.mono
2014-12-27 17:26 . 2014-12-27 17:26 -------- d-----w- c:\programdata\.mono
2014-12-27 17:25 . 2014-12-27 17:25 -------- d-----w- c:\users\Phalzu\AppData\Roaming\Pokémon Trading Card Game Online
2014-12-23 18:32 . 2015-01-09 15:40 -------- d-----w- c:\users\Phalzu\AppData\Roaming\.minecraft
2014-12-23 18:27 . 2014-12-23 18:27 -------- d-----w- c:\program files (x86)\UserMonitor
2014-12-21 21:54 . 2014-12-22 02:46 -------- d-----w- C:\FFOutput
2014-12-21 20:20 . 2014-12-13 00:47 620176 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-20 16:49 . 2015-01-10 14:46 -------- d-----w- c:\users\Phalzu\AppData\Local\LogMeIn Hamachi
2014-12-20 16:48 . 2014-12-20 16:48 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-12-20 16:42 . 2014-12-21 15:13 -------- d-----w- c:\users\Phalzu\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
2014-12-20 16:25 . 2014-11-22 10:46 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-12-20 16:25 . 2014-11-22 10:46 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-12-20 16:23 . 2014-12-20 16:23 -------- d-----w- c:\users\Phalzu\AppData\Local\Macromedia
2014-12-18 17:35 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 17:35 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-18 16:21 . 2014-12-18 16:21 -------- d-----w- c:\users\Phalzu\AppData\Roaming\RotMG.Production
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-14 20:28 . 2009-10-14 05:12 113365784 ----a-w- c:\windows\system32\MRT.exe
2015-01-14 17:17 . 2014-10-10 12:10 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-14 17:17 . 2014-10-10 12:10 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-13 20:52 . 2014-10-21 12:47 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2015-01-06 03:36 . 2009-10-14 05:13 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-18 02:01 . 2014-06-07 12:01 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-12-13 10:08 . 2014-09-22 16:25 17264312 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-12-13 10:08 . 2014-07-31 17:09 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-12-13 10:08 . 2014-06-07 12:05 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-12-13 10:08 . 2014-06-07 12:05 60560 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-12-13 10:08 . 2014-06-07 12:01 18594432 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-12-13 10:08 . 2014-06-07 12:01 3293136 ----a-w- c:\windows\system32\nvapi64.dll
2014-12-13 08:03 . 2014-06-07 12:05 6859408 ----a-w- c:\windows\system32\nvcpl.dll
2014-12-13 08:03 . 2014-06-07 12:05 3513488 ----a-w- c:\windows\system32\nvsvc64.dll
2014-12-13 08:03 . 2014-06-07 12:05 935240 ----a-w- c:\windows\system32\nvvsvc.exe
2014-12-13 08:03 . 2014-06-07 12:05 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-12-13 08:03 . 2014-06-07 12:05 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-12-13 08:03 . 2014-06-07 12:05 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-13 00:12 . 2014-07-09 23:32 1291464 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-12-13 00:12 . 2014-06-07 12:06 2210040 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-12-13 00:12 . 2014-07-09 23:32 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-12-13 00:12 . 2014-06-07 12:06 2824504 ----a-w- c:\windows\system32\nvspcap64.dll
2014-12-12 23:11 . 2014-06-07 12:05 4151176 ----a-w- c:\windows\system32\nvcoproc.bin
2014-12-12 11:42 . 2014-12-12 11:42 20160 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2014-12-08 05:48 . 2014-12-12 12:46 28960 ----a-w- c:\windows\system32\RegBootDefrag.exe
2014-12-08 05:47 . 2014-12-12 13:28 118048 ----a-w- c:\windows\system32\BootDefrag.exe
2014-12-04 02:50 . 2014-12-10 12:24 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-10 12:24 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-10 12:24 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-10 12:24 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-10 12:24 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-10 12:24 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-10 12:24 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-10 12:24 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-10 12:24 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-24 03:47 . 2014-12-12 13:28 17600 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-11-22 10:46 . 2014-06-07 12:01 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-22 03:13 . 2014-12-10 12:24 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-10 12:24 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-10 12:24 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-10 12:24 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-10 12:24 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-10 12:24 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-10 12:24 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-10 12:24 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-10 12:24 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-10 12:24 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-10 12:24 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-10 12:24 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-10 12:24 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-10 12:24 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-10 12:24 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-10 12:24 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-10 12:24 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-10 12:24 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-10 12:24 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-10 12:24 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-10 12:24 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-10 12:24 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-10 12:24 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-10 12:24 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-10 12:24 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-10 12:24 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-10 12:24 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-10 12:24 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-10 12:24 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-10 12:24 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-10 12:24 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-10 12:24 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-10 12:24 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-10 12:24 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-10 12:24 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-10 12:24 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-10 12:24 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-10 12:24 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-10 12:24 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-21 23:42 . 2014-06-05 19:39 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-19 11:42 . 2014-06-05 19:39 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-19 11:42 . 2014-06-05 19:39 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-19 11:42 . 2014-11-19 11:42 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-19 11:42 . 2014-06-05 19:39 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-19 11:42 . 2014-06-05 19:39 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-19 11:42 . 2014-06-05 19:39 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-19 11:42 . 2014-06-05 19:39 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-19 11:42 . 2014-06-05 19:39 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-19 11:42 . 2014-11-19 11:42 43152 ----a-w- c:\windows\avastSS.scr
2014-11-19 03:31 . 2014-11-19 03:31 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-18 16:49 . 2014-06-05 14:37 30528 ----a-w- c:\windows\GVTDrv64.sys
2014-11-18 16:49 . 2014-06-05 14:45 25640 ----a-w- c:\windows\gdrv.sys
2014-11-13 00:20 . 2014-11-18 17:34 1876296 ----a-w- c:\windows\system32\nvdispco6434475.dll
2014-11-13 00:20 . 2014-11-18 17:34 1540424 ----a-w- c:\windows\system32\nvdispgenco6434475.dll
2014-11-11 03:09 . 2014-12-10 12:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 10:56 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 10:56 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-10 12:24 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 10:56 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 10:56 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-10 12:24 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-10 12:22 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-10 12:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"Akamai NetSession Interface"="c:\users\Phalzu\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2015-01-05 37152]
"Viber"="c:\users\Phalzu\AppData\Local\Viber\Viber.exe" [2014-10-20 936656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-09 5227112]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files (x86)\Ralink\Common\RaUI.exe -s [2014-10-31 15661872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0BootDefrag.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-17 03:54 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-10 17:17]
.
2015-01-17 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2015-01-05 05:16]
.
2015-01-12 c:\windows\Tasks\GlaryOneClickOptimizer 5.job
- c:\program files (x86)\Glary Utilities 5\OneClickMaintenance.exe [2015-01-05 05:16]
.
2015-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05 11:43]
.
2015-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-05 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-19 11:42 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Phalzu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-10-26 13213840]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
Trusted Zone: aeriagames.com
FF - ProfilePath - c:\users\Phalzu\AppData\Roaming\Mozilla\Firefox\Profiles\fjay9dam.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1962080147-266859368-1111816681-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:a5,97,e2,b7,82,4b,c9,cb,e0,7e,88,f2,64,44,36,c7,32,35,ed,47,a8,
8f,46,cc,db,53,11,22,43,a7,02,a5,50,d7,e7,74,54,6e,91,e3,70,a6,44,9f,98,f6,\
"rkeysecu"=hex:96,8f,cc,4c,17,03,c7,8e,f5,be,d9,d1,ff,5f,f2,d6
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-01-17 16:31:47
ComboFix-quarantined-files.txt 2015-01-17 15:31
.
Vor Suchlauf: 19 Verzeichnis(se), 79.780.130.816 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 79.480.578.048 Bytes frei
.
- - End Of File - - 3E145275194FCF4B17EFD316A5D8F8CD
A36C5E4F47E84449FF07ED3517B43A31
|
|
17.01.2015, 22:34
| #8 |
| /// the machine /// TB-Ausbilder | Habe img_72938.scr geschickt bekommen... Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.01.2015, 20:15
| #9 |
| | Re 3 oder 4 Sooo nach Internetausfall wieder da. Doofes Telecolumbus :/ Malware Bytes: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 18.01.2015 Suchlauf-Zeit: 19:16:46 Logdatei: Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.01.18.06 Rootkit Datenbank: v2015.01.14.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Phalzu Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 367497 Verstrichene Zeit: 11 Min, 24 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.108 - Bericht erstellt am 20/01/2015 um 19:55:35
# Aktualisiert 17/01/2015 von Xplode
# Database : 2015-01-18.1 [Live]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Phalzu - PHALZU-PC
# Gestartet von : C:\Users\Phalzu\Desktop\AdwCleaner_4.108.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\baidu
Ordner Gelöscht : C:\ProgramData\iWin
Ordner Gelöscht : C:\Users\Public\Documents\baidu
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.best-deals-products.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
Datei Gelöscht : C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
Datei Gelöscht : C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.best-deals-products.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.best-deals-products.com_0.localstorage
Datei Gelöscht : C:\Users\Phalzu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.best-deals-products.com_0.localstorage
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v35.0 (x86 en-US)
-\\ Google Chrome v39.0.2171.99
*************************
AdwCleaner[R0].txt - [2081 octets] - [20/01/2015 18:49:47]
AdwCleaner[S0].txt - [1956 octets] - [20/01/2015 19:55:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2016 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x64
Ran by Phalzu on 20.01.2015 at 20:01:11,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\GlaryOneClickOptimizer 5.job
~~~ Folders
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.01.2015 at 20:08:58,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 |
|
21.01.2015, 11:16
| #10 |
| /// the machine /// TB-Ausbilder | Habe img_72938.scr geschickt bekommen...ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.02.2015, 20:59
| #11 |
| |  Dankeschön! Bis hierhin ein herzliches danke, guter Support Professionelle hilfe, alles dabei  Da ich mein Pc neu aufgesetzt habe, dürfte sich das Problem erledigt haben. MfG Phalzu |
|
17.02.2015, 11:35
| #12 |
| /// the machine /// TB-Ausbilder | Habe img_72938.scr geschickt bekommen... ok
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Habe img_72938.scr geschickt bekommen... |
| automatisch, avast, bild, datei, desktop, erhalte, free, freunde, guten, img_72938.scr, link, malware, meldung, namens, neue, passwort, passwortsteahler, prüfen, rum, runter, schließen, schnell, steam, steam-passwortsteahler, virus, virustotal, winrar, zusätzlich, ändern |
WARNUNG an die MITLESER: 
Linear-Darstellung
