| |
| |||||||
Log-Analyse und Auswertung: Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.02.2015, 18:15
| #1 |
| |  Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Guten Abend trojaner-board Community. Nach Monaten trau ich mich mal im Internet zu fragen was man denn bei einem möglichen "Hacker-Angriff" tun könnte, zumal dieser, in der Schule ,einen Tisch voraus ,neben mir sitzt. Er hatte mir 2 mal den Stundenplan geschickt, war ja auch nichts großes bei dran. Später war mir etwas seltsam, da er Themen ansprach die ich gesehen hatte bzw., sich über sowas verschleiert lustig machte sodass man ihn nicht drauf ansprechen konnte. Da dies wiederholt und in gewissen Abständen auftaucht, wollte ich mal sichergehen. ^^ Ich hoffe ich bin nicht zu Paranoid. ^^ -- Zusätzlich, nachdem ich GMER fertig war, bekam ich einen Bluescreen. ._. Äußerst seltsam... Ich hoffe ich gehe nicht zu sehr auf den Geist. Ich bin bereit alles zu Unternehmen was nötig ist! //Edit: Meine Verbindung ist auch manchmal langsam. :S Vielen Dank für eure Mühe.  Geändert von Doksis (16.02.2015 um 18:28 Uhr) |
|
16.02.2015, 18:32
| #2 |
| /// the machine /// TB-Ausbilder    | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
16.02.2015, 18:37
| #3 |
| | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Defogger
__________________Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:19 on 16/02/2015 (Name)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Name (administrator) on Name-PC on 16-02-2015 17:22:03
Running from C:\Users\Name\Downloads
Loaded Profiles: Name (Available profiles: Name)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Spotify Ltd) C:\Users\Name\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Name\Desktop\Defogger.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-11-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Run: [Spotify] => C:\Users\Eugen\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-02-06] (Spotify Ltd)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Run: [Spotify Web Helper] => C:\Users\Eugen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-06] (Spotify Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-12] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3996372732-1842978374-798520949-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eugen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-12]
FF HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-12]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-11]
CHR Extension: (Google Docs) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-11]
CHR Extension: (Google Drive) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-11]
CHR Extension: (Fast Proxy) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkjcdfmmpdfjohenejbkaaafkoeknjnh [2014-12-11]
CHR Extension: (YouTube) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-11]
CHR Extension: (Google-Suche) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-11]
CHR Extension: (Google Tabellen) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-11]
CHR Extension: (Stylish) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-02-09]
CHR Extension: (AdBlock) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-11]
CHR Extension: (Drive Notepad) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikhncegaj [2014-12-11]
CHR Extension: (Stealthy) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-12-31]
CHR Extension: (Build with Chrome) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2014-12-11]
CHR Extension: (Google Wallet) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (WorkFlowy Bookmark) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknfkolnjpnnnnmafomkfieledeepfdo [2014-12-11]
CHR Extension: (Google Mail) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-11]
CHR Extension: (Writer) - C:\Users\Name\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnengefjfhgcceajaepbjhanoojifmog [2014-12-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-06] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2015-02-02] (Wondershare)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-16 17:22 - 2015-02-16 17:22 - 00013995 _____ () C:\Users\Name\Downloads\FRST.txt
2015-02-16 17:21 - 2015-02-16 17:22 - 00000000 ____D () C:\FRST
2015-02-16 17:21 - 2015-02-16 17:21 - 02085888 _____ (Farbar) C:\Users\Name\Downloads\FRST64.exe
2015-02-16 17:19 - 2015-02-16 17:19 - 00000472 _____ () C:\Users\Name\Desktop\defogger_disable.log
2015-02-16 17:19 - 2015-02-16 17:19 - 00000000 _____ () C:\Users\Name\defogger_reenable
2015-02-16 17:17 - 2015-02-16 17:17 - 00050477 _____ () C:\Users\Name\Desktop\Defogger.exe
2015-02-15 22:28 - 2015-02-15 22:28 - 00050477 _____ () C:\Users\Name\Downloads\Defogger (1).exe
2015-02-15 22:24 - 2015-02-15 22:24 - 00304857 _____ () C:\Users\Name\Downloads\HijackThis_205.zip
2015-02-15 18:28 - 2015-02-15 18:29 - 15001961 _____ (Maca134 ) C:\Users\Name\Downloads\setup_dzlauncher.exe
2015-02-15 15:34 - 2015-02-15 15:39 - 00000000 ____D () C:\Users\Name\Documents\DayZ
2015-02-15 15:34 - 2015-02-15 15:39 - 00000000 ____D () C:\Users\Name\AppData\Local\DayZ
2015-02-13 20:19 - 2015-02-13 20:19 - 00728300 _____ () C:\Users\Name\Documents\Wireshark.pcapng
2015-02-13 20:05 - 2015-02-13 20:05 - 00001543 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-02-13 20:05 - 2015-02-13 20:05 - 00000000 ____D () C:\Program Files\Wireshark
2015-02-12 18:14 - 2015-02-12 18:14 - 00002035 _____ () C:\Users\Name\Documents\Systemanalyse Protokoll.txt
2015-02-12 17:49 - 2015-02-12 17:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2015-02-12 17:48 - 2015-02-12 17:48 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\Name\Downloads\netzmanager_setup.exe
2015-02-12 17:48 - 2015-02-12 17:48 - 00000000 ____D () C:\Users\Name\AppData\Local\PackageAware
2015-02-12 17:43 - 2015-02-12 17:43 - 01203488 _____ () C:\Users\Name\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-02-12 14:43 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 14:43 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 14:43 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 14:43 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:56 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:56 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:56 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:56 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:56 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:56 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:56 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:56 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:56 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:56 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:56 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:56 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:56 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:56 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:56 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:56 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:56 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:56 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:56 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:56 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:56 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:56 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:56 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:56 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:56 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:56 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:56 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:56 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:56 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:56 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:56 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:56 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:56 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:56 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:56 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:56 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:56 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:56 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:56 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:56 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:56 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:56 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:56 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:56 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:56 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:56 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:56 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:56 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:56 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:56 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:56 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:56 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:55 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:55 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:55 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:55 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:55 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:55 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:55 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:55 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:55 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:55 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:55 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:55 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:55 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:55 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:55 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:55 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:55 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:55 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:55 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:55 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:55 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:55 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:55 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:55 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:55 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:55 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:55 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:55 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:55 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:55 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:55 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:55 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:55 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:55 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:55 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 14:55 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 14:55 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-09 22:05 - 2015-02-09 22:05 - 05325208 _____ (Piriform Ltd) C:\Users\Eugen\Downloads\ccsetup502.exe
2015-02-08 22:00 - 2015-02-16 13:19 - 00004648 _____ () C:\Windows\setupact.log
2015-02-08 22:00 - 2015-02-08 22:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-08 12:14 - 2015-02-13 19:40 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Wondershare
2015-02-08 12:14 - 2015-02-13 19:40 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2015-02-08 12:14 - 2015-02-08 12:14 - 00000000 ____D () C:\Users\Eugen\AppData\Local\Wondershare
2015-02-08 12:14 - 2015-02-02 14:45 - 00029288 _____ (Wondershare) C:\Windows\system32\Drivers\WsAudioDevice_383S(1).sys
2015-02-08 12:13 - 2015-02-08 12:13 - 16116400 _____ (Wondershare ) C:\Users\Name\Downloads\streaming-audio-recorder_full1306.exe
2015-02-06 17:01 - 2015-02-13 16:03 - 00000000 ____D () C:\Users\Name\AppData\Local\Spotify
2015-02-06 17:01 - 2015-02-06 17:01 - 00001767 _____ () C:\Users\Name\Desktop\Spotify.lnk
2015-02-06 17:01 - 2015-02-06 17:01 - 00001753 _____ () C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-02-06 17:00 - 2015-02-16 13:20 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Spotify
2015-02-06 17:00 - 2015-02-06 17:00 - 00137888 _____ (Spotify Ltd) C:\Users\Name\Downloads\SpotifySetup.exe
2015-02-05 18:47 - 2015-02-05 18:47 - 00000000 ____D () C:\ProgramData\Unity
2015-02-05 18:42 - 2015-02-05 18:47 - 00000000 ____D () C:\Users\Name\AppData\Local\Unity
2015-02-05 18:41 - 2015-02-05 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-02-05 18:41 - 2015-02-05 18:41 - 00001120 _____ () C:\Users\Public\Desktop\Unity.lnk
2015-02-05 18:41 - 2015-02-05 18:41 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2015-02-05 18:37 - 2015-02-05 18:42 - 00000000 ____D () C:\Program Files (x86)\Unity
2015-02-05 17:17 - 2015-02-05 17:59 - 1548453856 _____ (Unity Technologies ApS) C:\Users\Eugen\Downloads\UnitySetup-4.6.2.exe
2015-02-03 19:44 - 2015-02-03 19:44 - 00003864 _____ () C:\Users\Name\AppData\Local\recently-used.xbel
2015-02-03 19:24 - 2015-02-03 19:32 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Wireshark
2015-02-03 19:24 - 2015-02-03 19:24 - 00001809 _____ () C:\Users\Name\Desktop\Wireshark.lnk
2015-02-03 19:23 - 2015-02-13 20:05 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2015-02-03 19:23 - 2015-02-03 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-02-03 19:22 - 2015-02-03 19:23 - 00000000 ____D () C:\Users\Name\Desktop\geo
2015-02-03 19:15 - 2015-02-16 17:18 - 00000000 ____D () C:\Users\Name\Desktop\desktop müll
2015-02-03 19:12 - 2015-02-03 19:20 - 29826488 _____ (Wireshark development team) C:\Users\Name\Downloads\Wireshark-win64-1.12.3.exe
2015-02-03 18:11 - 2015-02-03 18:12 - 524288000 _____ () C:\Users\Name\Downloads\gtasa.part01.rar
2015-02-03 17:48 - 2015-02-03 17:48 - 04767211 _____ () C:\Users\Name\Downloads\gta sa crack 1.01.rar
2015-02-02 17:37 - 2015-02-02 17:37 - 00056486 _____ () C:\Users\Name\Documents\cc_20150202_173715.reg
2015-02-02 17:32 - 2015-02-09 22:07 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-02 17:32 - 2015-02-09 22:07 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-02 17:32 - 2015-02-02 17:32 - 04188536 _____ (Piriform Ltd) C:\Users\Eugen\Downloads\ccsetup501_slim.exe
2015-02-02 17:32 - 2015-02-02 17:32 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-02 17:32 - 2015-02-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-02 14:09 - 2015-02-02 14:11 - 00000000 ____D () C:\ProgramData\Max Secure
2015-02-01 20:42 - 2015-02-01 20:42 - 00523720 _____ (Max Secure Software) C:\Users\Name\Downloads\maxspywaredetectordm.exe
2015-02-01 20:42 - 2015-02-01 20:42 - 00000000 ____D () C:\Users\Name\AppData\Local\Max Secure Software
2015-02-01 20:36 - 2015-02-01 20:36 - 00000269 _____ () C:\Users\Name\Downloads\gold.cgi
2015-02-01 20:36 - 2015-02-01 20:36 - 00000269 _____ () C:\Users\Name\Downloads\gold (1).cgi
2015-02-01 20:26 - 2015-02-01 20:26 - 02696840 _____ () C:\Users\Name\Documents\Panorama.veg
2015-01-31 22:01 - 2015-01-31 22:01 - 30653552 _____ (DVDVideoSoft Ltd. ) C:\Users\Name\Downloads\FreeAudioConverter.exe
2015-01-31 18:57 - 2015-01-31 18:57 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-01-30 21:10 - 2015-01-30 21:10 - 00000000 ____D () C:\Users\Name\AppData\Local\Doctor Entertainment AB
2015-01-29 21:26 - 2015-01-29 21:26 - 00236092 _____ () C:\Users\Name\Documents\gillette.mxf
2015-01-29 21:26 - 2015-01-29 21:26 - 00000082 _____ () C:\Users\Name\Documents\gillette.mxf.sfl
2015-01-29 20:44 - 2015-01-29 20:44 - 00384413 _____ () C:\Users\Name\Documents\hqdefault.xcf
2015-01-29 20:18 - 2015-02-01 20:18 - 00170224 _____ () C:\Users\Name\Documents\gillette.veg
2015-01-29 20:18 - 2015-01-31 23:14 - 00170224 _____ () C:\Users\Name\Documents\gillette.veg.bak
2015-01-26 13:19 - 2015-01-26 13:19 - 00639400 _____ (Oracle Corporation) C:\Users\Name\Downloads\chromeinstall-8u31.exe
2015-01-26 11:56 - 2015-01-26 11:56 - 01188194 _____ () C:\Users\Name\Downloads\ProcessExplorer_1604.zip
2015-01-26 11:50 - 2009-07-14 05:54 - 00001280 _____ () C:\Users\Name\Desktop\Command Prompt.lnk
2015-01-25 19:50 - 2015-01-25 19:50 - 00000000 ____D () C:\Users\Name\AppData\Roaming\.minecraft
2015-01-25 18:55 - 2015-01-25 20:21 - 262144000 _____ () C:\Users\Name\Downloads\Image11.0.3.part1.rar
2015-01-22 14:00 - 2015-01-22 14:00 - 00000000 ____D () C:\Users\Name\AppData\Roaming\.StarMade
2015-01-21 15:23 - 2015-01-21 15:23 - 00000000 ____D () C:\Users\Name\AppData\Local\DCS
2015-01-20 18:21 - 2015-01-24 18:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-20 18:21 - 2015-01-24 18:52 - 00000000 ____D () C:\Program Files\Java
2015-01-20 14:53 - 2015-01-20 14:54 - 92658088 _____ (Oracle Corporation) C:\Users\Name\Downloads\jre-8u25-windows-x64.exe
2015-01-20 14:23 - 2015-02-05 22:40 - 00000000 ____D () C:\Users\Name\Documents\FTB
2015-01-20 14:22 - 2015-02-05 22:41 - 00000000 ____D () C:\Users\Name\AppData\Local\ftblauncher
2015-01-20 14:22 - 2015-01-20 14:23 - 00000000 ____D () C:\Users\Name\AppData\Roaming\ftblauncher
2015-01-20 14:21 - 2015-01-20 14:22 - 06619054 _____ () C:\Users\Name\Desktop\FTB_Launcher.exe
2015-01-18 16:47 - 2015-01-18 16:48 - 00000000 ____D () C:\Users\Name\Documents\PlanetExplorers
2015-01-18 14:24 - 2015-01-18 14:24 - 00000000 ____D () C:\Users\Name\AppData\Local\Targem
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-16 17:19 - 2014-12-11 15:36 - 00000000 ____D () C:\Users\Name
2015-02-16 17:10 - 2014-12-11 15:54 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Skype
2015-02-16 17:01 - 2014-12-11 15:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-16 16:51 - 2014-12-11 15:18 - 01359958 _____ () C:\Windows\WindowsUpdate.log
2015-02-16 13:26 - 2009-07-14 05:45 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-16 13:26 - 2009-07-14 05:45 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 13:25 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-02-16 13:25 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-02-16 13:25 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-16 13:19 - 2014-12-11 16:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-16 13:19 - 2014-12-11 15:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-16 13:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 22:25 - 2014-12-11 15:37 - 00000000 ____D () C:\Users\Name\AppData\Local\VirtualStore
2015-02-15 21:45 - 2014-12-11 16:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-15 21:39 - 2015-01-10 14:21 - 00000000 ____D () C:\Users\Name\AppData\Roaming\TS3Client
2015-02-15 18:30 - 2014-12-21 17:53 - 00000000 ____D () C:\Program Files (x86)\DayZLauncher
2015-02-15 18:29 - 2014-12-21 17:53 - 00001055 _____ () C:\Users\Public\Desktop\DayZLauncher.lnk
2015-02-15 18:29 - 2014-12-21 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZLauncher
2015-02-15 15:33 - 2014-12-15 21:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-13 22:34 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-13 22:14 - 2014-09-27 10:05 - 00000000 ___RD () C:\Users\Name\Desktop\Alles
2015-02-13 22:01 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-13 19:34 - 2014-12-30 01:23 - 00000000 ____D () C:\Users\Name\.gimp-2.8
2015-02-12 22:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 16:45 - 2009-07-14 05:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 16:16 - 2014-12-11 16:26 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-11 16:14 - 2014-12-12 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 16:11 - 2014-12-12 19:31 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 23:56 - 2014-12-11 15:50 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 23:56 - 2014-12-11 15:50 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-07 19:42 - 2014-12-22 11:59 - 00000000 ____D () C:\Users\Name\Documents\my games
2015-02-06 21:56 - 2014-12-11 15:51 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-05 18:47 - 2015-01-02 23:29 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Apple Computer
2015-02-05 18:47 - 2015-01-02 23:29 - 00000000 ____D () C:\Users\Name\AppData\Local\Apple Computer
2015-02-03 19:32 - 2014-12-30 01:24 - 00000000 ____D () C:\Users\Name\AppData\Local\gtk-2.0
2015-02-02 17:39 - 2014-12-11 15:11 - 00000000 ____D () C:\Windows\Panther
2015-02-02 15:22 - 2014-12-11 15:49 - 00064416 _____ () C:\Users\Name\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-31 22:01 - 2014-12-12 17:36 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-01-31 22:01 - 2014-12-12 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-31 22:01 - 2014-12-12 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-01-31 22:01 - 2014-12-12 17:34 - 00000000 ____D () C:\Users\Name\AppData\Roaming\DVDVideoSoft
2015-01-29 21:26 - 2014-12-17 13:19 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Sony
2015-01-25 18:53 - 2014-12-20 15:05 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2015-01-25 18:52 - 2014-12-20 15:07 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2015-01-25 18:52 - 2014-12-20 15:05 - 00000000 ____D () C:\Users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-01-24 18:53 - 2014-12-11 16:01 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-24 18:52 - 2014-12-11 16:01 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-24 18:51 - 2014-12-11 16:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-23 20:48 - 2014-12-20 15:16 - 00000000 ____D () C:\Users\Name\AppData\Roaming\SongManager
2015-01-20 18:24 - 2014-12-17 13:18 - 00008344 _____ () C:\Users\Name\Downloads\detekt.log
==================== Files in the root of some directories =======
2015-02-03 19:44 - 2015-02-03 19:44 - 0003864 _____ () C:\Users\Name\AppData\Local\recently-used.xbel
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-14 21:37
==================== End Of Log ============================
Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Eugen at 2015-02-16 17:22:53
Running from C:\Users\Name\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AirMech (HKLM-x32\...\Steam App 206500) (Version: - Carbon Games)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZLauncher version 0.0.0.13 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4E6CFD40DF}_is1) (Version: 0.0.0.13 - Maca134)
DayZLauncher version 0.0.0.7 (HKLM-x32\...\{E31045B4-9DB5-44DF-9EBD-BD4CFDE640FD}_is1) (Version: 0.0.0.7 - Maca134)
Destination Sol (HKLM-x32\...\Steam App 342980) (Version: - Milosh Petrov)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.2 - Bloodshed Software)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
DYNASTY WARRIORS 8: Xtreme Legends Complete Edition (HKLM-x32\...\Steam App 278080) (Version: - KOEI TECMO GAMES CO., LTD.)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.56.128 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.)
Free Studio version 6.4.1.1215 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.1.1215 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.3 (x32 Version: 1.3.21014.1603 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GRAV (HKLM-x32\...\Steam App 332500) (Version: - BitMonster, Inc.)
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version: - Traveller's Tales)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 4 (HKLM-x32\...\{74d92646-2565-4a60-8008-448470da91db}) (Version: 12.0.31101.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
Planet Explorers (HKLM-x32\...\Steam App 237870) (Version: - Pathea Games)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6516 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 4.6.2f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D2FD5391-6A9B-11E4-BBC6-F04DA23A5C58}) (Version: 13.0.428 - Sony)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
14-02-2015 21:44:34 Geplanter Prüfpunkt
15-02-2015 15:32:56 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
15-02-2015 15:33:17 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-01-14 16:35 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {6BA58FF6-914B-4E19-A31E-26C48262BD2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {71BD768F-7D2B-4FD3-9479-8B01896FD169} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.)
Task: {76626273-9D1A-45F0-8B8E-62182A6EF2E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.)
Task: {E198D5DD-FDA1-43D2-A185-28A75839A94B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-12-11 16:28 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-02-16 17:17 - 2015-02-16 17:17 - 00050477 _____ () C:\Users\Eugen\Desktop\Defogger.exe
2015-02-06 21:56 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 21:56 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 21:56 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2014-12-13 17:15 - 2014-12-13 17:15 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2014-12-11 15:44 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-12-11 15:43 - 2012-01-20 04:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Name\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3996372732-1842978374-798520949-500 - Administrator - Disabled)
Eugen (S-1-5-21-3996372732-1842978374-798520949-1000 - Administrator - Enabled) => C:\Users\Name
Gast (S-1-5-21-3996372732-1842978374-798520949-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/13/2015 07:34:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.8.exe, Version 2.8.14.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2550
Startzeit: 01d047bba5c053b0
Endzeit: 1
Anwendungspfad: C:\Program Files\GIMP 2\bin\gimp-2.8.exe
Berichts-ID: edf772fe-b3ae-11e4-88b2-8c89a5c734ab
Error: (02/13/2015 04:10:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ts3client_win64.exe, Version 3.0.16.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 32c
Startzeit: 01d0479ef610e357
Endzeit: 2
Anwendungspfad: C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
Berichts-ID: 64269f20-b392-11e4-88b2-8c89a5c734ab
Error: (02/08/2015 00:57:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (02/08/2015 00:20:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Name des fehlerhaften Moduls: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012397
ID des fehlerhaften Prozesses: 0x964
Startzeit der fehlerhaften Anwendung: 0xSpotifyWebHelper.exe0
Pfad der fehlerhaften Anwendung: SpotifyWebHelper.exe1
Pfad des fehlerhaften Moduls: SpotifyWebHelper.exe2
Berichtskennung: SpotifyWebHelper.exe3
Error: (02/07/2015 02:02:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (02/06/2015 09:57:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Name des fehlerhaften Moduls: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000063c3
ID des fehlerhaften Prozesses: 0xc6c
Startzeit der fehlerhaften Anwendung: 0xSpotifyWebHelper.exe0
Pfad der fehlerhaften Anwendung: SpotifyWebHelper.exe1
Pfad des fehlerhaften Moduls: SpotifyWebHelper.exe2
Berichtskennung: SpotifyWebHelper.exe3
Error: (02/06/2015 04:52:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (02/05/2015 02:34:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (02/04/2015 03:00:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (02/04/2015 01:55:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
System errors:
=============
Error: (02/13/2015 10:24:34 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/13/2015 07:34:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {6E993643-8FBC-44FE-BC85-D318495C4D96}
Error: (02/12/2015 08:17:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/09/2015 03:22:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/02/2015 03:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MaxMerger" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/02/2015 03:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MaxWatchDogService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/24/2015 01:16:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/24/2015 01:16:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (01/20/2015 02:12:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/20/2015 02:12:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Microsoft Office Sessions:
=========================
Error: (02/13/2015 07:34:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gimp-2.8.exe2.8.14.0255001d047bba5c053b01C:\Program Files\GIMP 2\bin\gimp-2.8.exeedf772fe-b3ae-11e4-88b2-8c89a5c734ab
Error: (02/13/2015 04:10:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ts3client_win64.exe3.0.16.032c01d0479ef610e3572C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe64269f20-b392-11e4-88b2-8c89a5c734ab
Error: (02/08/2015 00:57:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/08/2015 00:20:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpotifyWebHelper.exe0.9.15.2754803b75SpotifyWebHelper.exe0.9.15.2754803b75c00000050001239796401d0438f6e4424ffC:\Users\Eugen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\Eugen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe810ad5a5-af84-11e4-986b-8c89a5c734ab
Error: (02/07/2015 02:02:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/06/2015 09:57:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpotifyWebHelper.exe0.9.15.2754803b75SpotifyWebHelper.exe0.9.15.2754803b75c0000005000063c3c6c01d0424e7fcb7aaaC:\Users\Eugen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\Eugen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeb28b1317-ae42-11e4-a635-8c89a5c734ab
Error: (02/06/2015 04:52:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/05/2015 02:34:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/04/2015 03:00:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe
Error: (02/04/2015 01:55:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files\CCleaner\CCleaner.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8158.89 MB
Available physical RAM: 5722.48 MB
Total Pagefile: 16315.98 MB
Available Pagefile: 13575.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:880.41 GB) (Free:482.48 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1FE9121A)
Partition 1: (Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=12)
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-16 17:35:14
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.MS2O 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Name\AppData\Local\Temp\agloapow.sys
---- User code sections - GMER 2.1 ----
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000077031401 2 bytes JMP 772eb21b C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000077031419 2 bytes JMP 772eb346 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000077031431 2 bytes JMP 77368ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007703144a 2 bytes CALL 772c48ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000770314dd 2 bytes JMP 773687a2 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000770314f5 2 bytes JMP 77368978 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007703150d 2 bytes JMP 77368698 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000077031525 2 bytes JMP 77368a62 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007703153d 2 bytes JMP 772dfca8 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000077031555 2 bytes JMP 772e68ef C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007703156d 2 bytes JMP 77368f61 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000077031585 2 bytes JMP 77368ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007703159d 2 bytes JMP 7736865c C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000770315b5 2 bytes JMP 772dfd41 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000770315cd 2 bytes JMP 772eb2dc C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000770316b2 2 bytes JMP 77368e24 C:\Windows\syswow64\kernel32.dll
.text C:\Users\Name\Desktop\Defogger.exe[6952] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000770316bd 2 bytes JMP 773685f1 C:\Windows\syswow64\kernel32.dll
---- Processes - GMER 2.1 ----
Library C:\Users\Name\Downloads\FRST64.exe (*** suspicious ***) @ C:\Users\Name\Downloads\FRST64.exe [6628] 000000013f690000
---- EOF - GMER 2.1 ----
 |
|
17.02.2015, 08:29
| #4 | |
| /// the machine /// TB-Ausbilder | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e)Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
17.02.2015, 13:53
| #5 |
| | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Ich habe diese deinstalliert Dazu nochmal FRST rüber fahren lassen. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Eugen (administrator) on NAME-PC on 17-02-2015 13:40:25
Running from C:\Users\NAME\Desktop
Loaded Profiles: NAME (Available profiles: NAME)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Spotify Ltd) C:\Users\NAME\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-11-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1679360 2012-02-28] (Wondershare)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Run: [Spotify] => C:\Users\NAME\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-02-06] (Spotify Ltd)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Run: [Spotify Web Helper] => C:\Users\NAME\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-06] (Spotify Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-12] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3996372732-1842978374-798520949-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3996372732-1842978374-798520949-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\NAME\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-12]
FF HKU\S-1-5-21-3996372732-1842978374-798520949-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-12-12]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-11]
CHR Extension: (Google Docs) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-11]
CHR Extension: (Google Drive) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-11]
CHR Extension: (Fast Proxy) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkjcdfmmpdfjohenejbkaaafkoeknjnh [2014-12-11]
CHR Extension: (YouTube) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-11]
CHR Extension: (Google-Suche) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-11]
CHR Extension: (Google Tabellen) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-11]
CHR Extension: (Stylish) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2015-02-09]
CHR Extension: (AdBlock) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-11]
CHR Extension: (Drive Notepad) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikhncegaj [2014-12-11]
CHR Extension: (Stealthy) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-12-31]
CHR Extension: (Build with Chrome) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2014-12-11]
CHR Extension: (Google Wallet) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR Extension: (WorkFlowy Bookmark) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknfkolnjpnnnnmafomkfieledeepfdo [2014-12-11]
CHR Extension: (Google Mail) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-11]
CHR Extension: (Writer) - C:\Users\NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnengefjfhgcceajaepbjhanoojifmog [2014-12-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [814464 2015-02-06] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2015-02-02] (Wondershare)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-17 13:28 - 2015-02-17 13:28 - 00000168 _____ () C:\Windows\setupact.log
2015-02-17 13:28 - 2015-02-17 13:28 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-16 18:34 - 2015-02-16 18:34 - 00041050 _____ () C:\Users\NAME\Downloads\FRST.txt
2015-02-16 18:34 - 2015-02-16 18:34 - 00003738 _____ () C:\Users\NAME\Downloads\Gmer.txt
2015-02-16 18:34 - 2015-02-16 18:34 - 00000472 _____ () C:\Users\NAME\Downloads\defogger_disable.log
2015-02-16 17:44 - 2015-02-16 21:14 - 00000000 ____D () C:\Windows\Minidump
2015-02-16 17:42 - 2015-02-16 18:02 - 00000244 _____ () C:\Users\NAME\Desktop\defogger_enable.log
2015-02-16 17:35 - 2015-02-16 17:46 - 00003738 _____ () C:\Users\NAME\Desktop\Gmer.txt
2015-02-16 17:25 - 2015-02-16 17:25 - 00380416 _____ () C:\Users\NAME\Desktop\Gmer-19357.exe
2015-02-16 17:22 - 2015-02-17 13:40 - 00013452 _____ () C:\Users\NAME\Desktop\FRST.txt
2015-02-16 17:22 - 2015-02-16 18:01 - 00036475 _____ () C:\Users\NAME\Desktop\Addition.txt
2015-02-16 17:21 - 2015-02-17 13:40 - 00000000 ____D () C:\FRST
2015-02-16 17:21 - 2015-02-16 17:21 - 02085888 _____ (Farbar) C:\Users\NAME\Desktop\FRST64.exe
2015-02-16 17:19 - 2015-02-16 18:02 - 00000472 _____ () C:\Users\NAME\Desktop\defogger_disable.log
2015-02-16 17:17 - 2015-02-16 17:17 - 00050477 _____ () C:\Users\NAME\Desktop\Defogger.exe
2015-02-15 22:28 - 2015-02-15 22:28 - 00050477 _____ () C:\Users\NAME\Downloads\Defogger (1).exe
2015-02-15 22:24 - 2015-02-15 22:24 - 00304857 _____ () C:\Users\NAME\Downloads\HijackThis_205.zip
2015-02-15 18:28 - 2015-02-15 18:29 - 15001961 _____ (Maca134 ) C:\Users\NAME\Downloads\setup_dzlauncher.exe
2015-02-15 15:34 - 2015-02-15 15:39 - 00000000 ____D () C:\Users\NAME\Documents\DayZ
2015-02-15 15:34 - 2015-02-15 15:39 - 00000000 ____D () C:\Users\NAME\AppData\Local\DayZ
2015-02-13 20:19 - 2015-02-13 20:19 - 00728300 _____ () C:\Users\NAME\Documents\Wireshark.pcapng
2015-02-13 20:05 - 2015-02-13 20:05 - 00001543 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-02-13 20:05 - 2015-02-13 20:05 - 00000000 ____D () C:\Program Files\Wireshark
2015-02-12 18:14 - 2015-02-12 18:14 - 00002035 _____ () C:\Users\NAME\Documents\Systemanalyse Protokoll.txt
2015-02-12 17:49 - 2015-02-12 17:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE
2015-02-12 17:48 - 2015-02-12 17:48 - 10995296 _____ (Deutsche Telekom AG, Marmiko IT-Solutions GmbH ) C:\Users\NAME\Downloads\netzmanager_setup.exe
2015-02-12 17:48 - 2015-02-12 17:48 - 00000000 ____D () C:\Users\NAME\AppData\Local\PackageAware
2015-02-12 17:43 - 2015-02-12 17:43 - 01203488 _____ () C:\Users\NAME\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-02-12 14:43 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 14:43 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 14:43 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 14:43 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 14:56 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:56 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:56 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:56 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 14:56 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 14:56 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 14:56 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:56 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:56 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 14:56 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:56 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 14:56 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 14:56 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 14:56 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 14:56 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 14:56 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:56 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 14:56 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 14:56 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:56 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 14:56 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:56 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 14:56 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:56 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 14:56 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 14:56 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:56 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 14:56 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:56 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 14:56 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 14:56 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 14:56 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 14:56 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:56 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:56 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:56 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 14:56 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:56 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:56 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 14:56 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 14:56 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 14:56 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 14:56 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:56 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:56 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:56 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 14:56 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:56 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:56 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:56 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:56 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:56 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 14:56 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 14:55 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:55 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 14:55 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:55 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 14:55 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 14:55 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 14:55 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 14:55 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 14:55 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:55 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 14:55 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:55 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:55 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:55 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 14:55 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:55 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 14:55 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:55 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:55 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:55 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 14:55 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 14:55 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 14:55 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 14:55 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 14:55 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 14:55 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:55 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 14:55 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:55 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:55 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:55 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:55 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:55 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:55 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:55 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 14:55 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 14:55 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-09 22:05 - 2015-02-09 22:05 - 05325208 _____ (Piriform Ltd) C:\Users\NAME\Downloads\ccsetup502.exe
2015-02-08 12:14 - 2015-02-13 19:40 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Wondershare
2015-02-08 12:14 - 2015-02-13 19:40 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2015-02-08 12:14 - 2015-02-08 12:14 - 00000000 ____D () C:\Users\NAME\AppData\Local\Wondershare
2015-02-08 12:14 - 2015-02-02 14:45 - 00029288 _____ (Wondershare) C:\Windows\system32\Drivers\WsAudioDevice_383S(1).sys
2015-02-08 12:13 - 2015-02-08 12:13 - 16116400 _____ (Wondershare ) C:\Users\NAME\Downloads\streaming-audio-recorder_full1306.exe
2015-02-06 17:01 - 2015-02-16 18:03 - 00000000 ____D () C:\Users\NAME\AppData\Local\Spotify
2015-02-06 17:01 - 2015-02-06 17:01 - 00001767 _____ () C:\Users\NAME\Desktop\Spotify.lnk
2015-02-06 17:01 - 2015-02-06 17:01 - 00001753 _____ () C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-02-06 17:00 - 2015-02-17 13:30 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Spotify
2015-02-06 17:00 - 2015-02-06 17:00 - 00137888 _____ (Spotify Ltd) C:\Users\NAME\Downloads\SpotifySetup.exe
2015-02-05 18:47 - 2015-02-05 18:47 - 00000000 ____D () C:\ProgramData\Unity
2015-02-05 18:42 - 2015-02-05 18:47 - 00000000 ____D () C:\Users\NAME\AppData\Local\Unity
2015-02-05 18:41 - 2015-02-05 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-02-05 18:41 - 2015-02-05 18:41 - 00001120 _____ () C:\Users\Public\Desktop\Unity.lnk
2015-02-05 18:41 - 2015-02-05 18:41 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2015-02-05 18:37 - 2015-02-05 18:42 - 00000000 ____D () C:\Program Files (x86)\Unity
2015-02-05 17:17 - 2015-02-05 17:59 - 1548453856 _____ (Unity Technologies ApS) C:\Users\NAME\Downloads\UnitySetup-4.6.2.exe
2015-02-03 19:44 - 2015-02-03 19:44 - 00003864 _____ () C:\Users\NAME\AppData\Local\recently-used.xbel
2015-02-03 19:24 - 2015-02-03 19:32 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Wireshark
2015-02-03 19:24 - 2015-02-03 19:24 - 00001809 _____ () C:\Users\NAME\Desktop\Wireshark.lnk
2015-02-03 19:23 - 2015-02-13 20:05 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2015-02-03 19:23 - 2015-02-03 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-02-03 19:22 - 2015-02-03 19:23 - 00000000 ____D () C:\Users\NAME\Desktop\geo
2015-02-03 19:15 - 2015-02-16 20:15 - 00000000 ____D () C:\Users\NAME\Desktop\desktop müll
2015-02-03 19:12 - 2015-02-03 19:20 - 29826488 _____ (Wireshark development team) C:\Users\NAME\Downloads\Wireshark-win64-1.12.3.exe
2015-02-03 18:11 - 2015-02-03 18:12 - 524288000 _____ () C:\Users\NAME\Downloads\gtasa.part01.rar
2015-02-03 17:48 - 2015-02-03 17:48 - 04767211 _____ () C:\Users\NAME\Downloads\gta sa crack 1.01.rar
2015-02-02 17:37 - 2015-02-02 17:37 - 00056486 _____ () C:\Users\NAME\Documents\cc_20150202_173715.reg
2015-02-02 17:32 - 2015-02-09 22:07 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-02 17:32 - 2015-02-09 22:07 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-02 17:32 - 2015-02-02 17:32 - 04188536 _____ (Piriform Ltd) C:\Users\NAME\Downloads\ccsetup501_slim.exe
2015-02-02 17:32 - 2015-02-02 17:32 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-02 17:32 - 2015-02-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-02 14:09 - 2015-02-02 14:11 - 00000000 ____D () C:\ProgramData\Max Secure
2015-02-01 20:42 - 2015-02-01 20:42 - 00523720 _____ (Max Secure Software) C:\Users\NAME\Downloads\maxspywaredetectordm.exe
2015-02-01 20:42 - 2015-02-01 20:42 - 00000000 ____D () C:\Users\NAME\AppData\Local\Max Secure Software
2015-02-01 20:26 - 2015-02-01 20:26 - 02696840 _____ () C:\Users\NAME\Documents\Panorama.veg
2015-01-31 22:01 - 2015-01-31 22:01 - 30653552 _____ (DVDVideoSoft Ltd. ) C:\Users\NAME\Downloads\FreeAudioConverter.exe
2015-01-31 18:57 - 2015-01-31 18:57 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-01-30 21:10 - 2015-01-30 21:10 - 00000000 ____D () C:\Users\NAME\AppData\Local\Doctor Entertainment AB
2015-01-29 21:26 - 2015-01-29 21:26 - 00236092 _____ () C:\Users\NAME\Documents\gillette.mxf
2015-01-29 21:26 - 2015-01-29 21:26 - 00000082 _____ () C:\Users\NAME\Documents\gillette.mxf.sfl
2015-01-29 20:44 - 2015-01-29 20:44 - 00384413 _____ () C:\Users\NAME\Documents\hqdefault.xcf
2015-01-29 20:18 - 2015-02-01 20:18 - 00170224 _____ () C:\Users\NAME\Documents\gillette.veg
2015-01-29 20:18 - 2015-01-31 23:14 - 00170224 _____ () C:\Users\NAME\Documents\gillette.veg.bak
2015-01-26 13:19 - 2015-01-26 13:19 - 00639400 _____ (Oracle Corporation) C:\Users\NAME\Downloads\chromeinstall-8u31.exe
2015-01-26 11:56 - 2015-01-26 11:56 - 01188194 _____ () C:\Users\NAME\Downloads\ProcessExplorer_1604.zip
2015-01-26 11:50 - 2009-07-14 05:54 - 00001280 _____ () C:\Users\NAME\Desktop\Command Prompt.lnk
2015-01-25 19:50 - 2015-01-25 19:50 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\.minecraft
2015-01-25 18:55 - 2015-01-25 20:21 - 262144000 _____ () C:\Users\NAME\Downloads\Image11.0.3.part1.rar
2015-01-22 14:00 - 2015-01-22 14:00 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\.StarMade
2015-01-21 15:23 - 2015-01-21 15:23 - 00000000 ____D () C:\Users\NAME\AppData\Local\DCS
2015-01-20 18:21 - 2015-01-24 18:52 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-20 18:21 - 2015-01-24 18:52 - 00000000 ____D () C:\Program Files\Java
2015-01-20 14:53 - 2015-01-20 14:54 - 92658088 _____ (Oracle Corporation) C:\Users\NAME\Downloads\jre-8u25-windows-x64.exe
2015-01-20 14:23 - 2015-02-16 20:48 - 00000000 ____D () C:\Users\NAME\Documents\FTB
2015-01-20 14:22 - 2015-02-16 20:56 - 00000000 ____D () C:\Users\NAME\AppData\Local\ftblauncher
2015-01-20 14:22 - 2015-01-20 14:23 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\ftblauncher
2015-01-20 14:21 - 2015-01-20 14:22 - 06619054 _____ () C:\Users\NAME\Desktop\FTB_Launcher.exe
2015-01-18 16:47 - 2015-01-18 16:48 - 00000000 ____D () C:\Users\NAME\Documents\PlanetExplorers
2015-01-18 14:24 - 2015-01-18 14:24 - 00000000 ____D () C:\Users\NAME\AppData\Local\Targem
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-17 13:35 - 2009-07-14 05:45 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-17 13:35 - 2009-07-14 05:45 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-17 13:34 - 2015-01-14 16:33 - 00000000 ____D () C:\Program Files\Adobe
2015-02-17 13:34 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-02-17 13:34 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-02-17 13:34 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-17 13:33 - 2014-12-11 15:18 - 01416212 _____ () C:\Windows\WindowsUpdate.log
2015-02-17 13:28 - 2014-12-11 16:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-17 13:28 - 2014-12-11 15:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-17 13:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-16 21:21 - 2015-01-10 14:21 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\TS3Client
2015-02-16 21:21 - 2014-12-11 16:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-16 21:01 - 2014-12-11 15:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-16 20:44 - 2014-12-11 15:54 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Skype
2015-02-16 17:42 - 2014-12-11 15:36 - 00000000 ____D () C:\Users\NAME
2015-02-16 17:36 - 2014-12-11 15:39 - 00000000 ____D () C:\Users\NAME\Documents\Apowersoft Free Audio Recorder
2015-02-15 22:25 - 2014-12-11 15:37 - 00000000 ____D () C:\Users\NAME\AppData\Local\VirtualStore
2015-02-15 18:30 - 2014-12-21 17:53 - 00000000 ____D () C:\Program Files (x86)\DayZLauncher
2015-02-15 18:29 - 2014-12-21 17:53 - 00001055 _____ () C:\Users\Public\Desktop\DayZLauncher.lnk
2015-02-15 18:29 - 2014-12-21 17:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZLauncher
2015-02-15 15:33 - 2014-12-15 21:10 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-13 22:34 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-13 22:14 - 2014-09-27 10:05 - 00000000 ___RD () C:\Users\NAME\Desktop\Alles
2015-02-13 22:01 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-13 19:34 - 2014-12-30 01:23 - 00000000 ____D () C:\Users\NAME\.gimp-2.8
2015-02-12 22:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-11 16:45 - 2009-07-14 05:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 16:16 - 2014-12-11 16:26 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-11 16:14 - 2014-12-12 19:31 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 16:11 - 2014-12-12 19:31 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 23:56 - 2014-12-11 15:50 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 23:56 - 2014-12-11 15:50 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-07 19:42 - 2014-12-22 11:59 - 00000000 ____D () C:\Users\NAME\Documents\my games
2015-02-06 21:56 - 2014-12-11 15:51 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-05 18:47 - 2015-01-02 23:29 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Apple Computer
2015-02-05 18:47 - 2015-01-02 23:29 - 00000000 ____D () C:\Users\NAME\AppData\Local\Apple Computer
2015-02-03 19:32 - 2014-12-30 01:24 - 00000000 ____D () C:\Users\NAME\AppData\Local\gtk-2.0
2015-02-02 17:39 - 2014-12-11 15:11 - 00000000 ____D () C:\Windows\Panther
2015-02-02 15:22 - 2014-12-11 15:49 - 00064416 _____ () C:\Users\NAME\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-31 22:01 - 2014-12-12 17:36 - 00001241 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-01-31 22:01 - 2014-12-12 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-31 22:01 - 2014-12-12 17:35 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-01-31 22:01 - 2014-12-12 17:34 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\DVDVideoSoft
2015-01-29 21:26 - 2014-12-17 13:19 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Sony
2015-01-25 18:53 - 2014-12-20 15:05 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2015-01-25 18:52 - 2014-12-20 15:07 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2015-01-25 18:52 - 2014-12-20 15:05 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-01-24 18:53 - 2014-12-11 16:01 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-24 18:52 - 2014-12-11 16:01 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-24 18:51 - 2014-12-11 16:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-23 20:48 - 2014-12-20 15:16 - 00000000 ____D () C:\Users\NAME\AppData\Roaming\SongManager
2015-01-20 18:24 - 2014-12-17 13:18 - 00008344 _____ () C:\Users\NAME\Downloads\detekt.log
==================== Files in the root of some directories =======
2015-02-03 19:44 - 2015-02-03 19:44 - 0003864 _____ () C:\Users\NAME\AppData\Local\recently-used.xbel
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-14 21:37
==================== End Of Log ============================
|
|
17.02.2015, 20:21
| #6 |
| /// the machine /// TB-Ausbilder | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) |
|
17.02.2015, 22:53
| #7 |
| | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Kaspersky - keine Funde Code:
ATTFilter 22:32:15.0129 0x080c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:32:19.0009 0x080c ============================================================
22:32:19.0009 0x080c Current date / time: 2015/02/17 22:32:19.0009
22:32:19.0009 0x080c SystemInfo:
22:32:19.0009 0x080c
22:32:19.0009 0x080c OS Version: 6.1.7601 ServicePack: 1.0
22:32:19.0009 0x080c Product type: Workstation
22:32:19.0009 0x080c ComputerName: EUGEN-PC
22:32:19.0009 0x080c UserName: Eugen
22:32:19.0009 0x080c Windows directory: C:\Windows
22:32:19.0009 0x080c System windows directory: C:\Windows
22:32:19.0009 0x080c Running under WOW64
22:32:19.0009 0x080c Processor architecture: Intel x64
22:32:19.0009 0x080c Number of processors: 8
22:32:19.0009 0x080c Page size: 0x1000
22:32:19.0009 0x080c Boot type: Normal boot
22:32:19.0009 0x080c ============================================================
22:32:19.0059 0x080c KLMD registered as C:\Windows\system32\drivers\08559965.sys
22:32:19.0369 0x080c System UUID: {65AD726C-8621-65BC-378B-EDE716CB2B87}
22:32:19.0699 0x080c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:32:19.0709 0x080c ============================================================
22:32:19.0709 0x080c \Device\Harddisk0\DR0:
22:32:19.0709 0x080c MBR partitions:
22:32:19.0709 0x080c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6E0D3800
22:32:19.0709 0x080c ============================================================
22:32:19.0749 0x080c C: <-> \Device\Harddisk0\DR0\Partition1
22:32:19.0749 0x080c ============================================================
22:32:19.0749 0x080c Initialize success
22:32:19.0749 0x080c ============================================================
22:33:17.0899 0x1428 ============================================================
22:33:17.0899 0x1428 Scan started
22:33:17.0899 0x1428 Mode: Manual; SigCheck; TDLFS;
22:33:17.0899 0x1428 ============================================================
22:33:17.0899 0x1428 KSN ping started
22:33:20.0289 0x1428 KSN ping finished: true
22:33:21.0009 0x1428 ================ Scan system memory ========================
22:33:21.0009 0x1428 System memory - ok
22:33:21.0009 0x1428 ================ Scan services =============================
22:33:21.0139 0x1428 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:33:21.0199 0x1428 1394ohci - ok
22:33:21.0219 0x1428 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:33:21.0229 0x1428 ACPI - ok
22:33:21.0259 0x1428 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:33:21.0299 0x1428 AcpiPmi - ok
22:33:21.0419 0x1428 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:33:21.0419 0x1428 AdobeARMservice - ok
22:33:21.0469 0x1428 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:33:21.0479 0x1428 adp94xx - ok
22:33:21.0529 0x1428 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:33:21.0539 0x1428 adpahci - ok
22:33:21.0549 0x1428 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:33:21.0559 0x1428 adpu320 - ok
22:33:21.0589 0x1428 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:33:21.0689 0x1428 AeLookupSvc - ok
22:33:21.0719 0x1428 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
22:33:21.0779 0x1428 AFD - ok
22:33:21.0809 0x1428 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
22:33:21.0809 0x1428 agp440 - ok
22:33:21.0839 0x1428 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
22:33:21.0909 0x1428 ALG - ok
22:33:21.0929 0x1428 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
22:33:21.0939 0x1428 aliide - ok
22:33:21.0959 0x1428 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
22:33:21.0969 0x1428 amdide - ok
22:33:22.0009 0x1428 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:33:22.0059 0x1428 AmdK8 - ok
22:33:22.0079 0x1428 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:33:22.0099 0x1428 AmdPPM - ok
22:33:22.0139 0x1428 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:33:22.0149 0x1428 amdsata - ok
22:33:22.0169 0x1428 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:33:22.0179 0x1428 amdsbs - ok
22:33:22.0189 0x1428 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:33:22.0189 0x1428 amdxata - ok
22:33:22.0239 0x1428 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
22:33:22.0279 0x1428 AppID - ok
22:33:22.0309 0x1428 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:33:22.0369 0x1428 AppIDSvc - ok
22:33:22.0419 0x1428 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
22:33:22.0429 0x1428 Appinfo - ok
22:33:22.0469 0x1428 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
22:33:22.0479 0x1428 arc - ok
22:33:22.0499 0x1428 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:33:22.0499 0x1428 arcsas - ok
22:33:22.0529 0x1428 [ D6D2BB2F4F5868549DDE75F3146BC84E, FE2965649FF62696D30A4A7C377064EA2A27F03511DAF781913AA055A5FED323 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
22:33:22.0549 0x1428 asmthub3 - ok
22:33:22.0579 0x1428 [ 1E758172367DC2A3653F16586D62A3F0, 5395781F2B71CD9050F6CF75779D661F98E816A263ABA51153D14E21B73D4BC4 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
22:33:22.0639 0x1428 asmtxhci - ok
22:33:22.0709 0x1428 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:33:22.0709 0x1428 aspnet_state - ok
22:33:22.0739 0x1428 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:33:22.0779 0x1428 AsyncMac - ok
22:33:22.0819 0x1428 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
22:33:22.0829 0x1428 atapi - ok
22:33:22.0859 0x1428 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:33:22.0929 0x1428 AudioEndpointBuilder - ok
22:33:22.0949 0x1428 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:33:22.0959 0x1428 AudioSrv - ok
22:33:22.0999 0x1428 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:33:23.0059 0x1428 AxInstSV - ok
22:33:23.0109 0x1428 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:33:23.0159 0x1428 b06bdrv - ok
22:33:23.0179 0x1428 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:33:23.0219 0x1428 b57nd60a - ok
22:33:23.0279 0x1428 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
22:33:23.0289 0x1428 BDESVC - ok
22:33:23.0299 0x1428 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
22:33:23.0339 0x1428 Beep - ok
22:33:23.0429 0x1428 [ 34C68197B2A3214B6200036D4E9D2653, 5DE050FF33D41A32CC77246A441ED47D5E8202237E7608A1141CD97CFBF9DE56 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
22:33:23.0449 0x1428 BEService - ok
22:33:23.0509 0x1428 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
22:33:23.0579 0x1428 BFE - ok
22:33:23.0599 0x1428 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
22:33:23.0679 0x1428 BITS - ok
22:33:23.0729 0x1428 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:33:23.0759 0x1428 blbdrive - ok
22:33:23.0819 0x1428 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:33:23.0839 0x1428 Bonjour Service - ok
22:33:23.0859 0x1428 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:33:23.0899 0x1428 bowser - ok
22:33:23.0939 0x1428 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:33:23.0989 0x1428 BrFiltLo - ok
22:33:24.0009 0x1428 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:33:24.0029 0x1428 BrFiltUp - ok
22:33:24.0059 0x1428 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
22:33:24.0099 0x1428 Browser - ok
22:33:24.0139 0x1428 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:33:24.0169 0x1428 Brserid - ok
22:33:24.0189 0x1428 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:33:24.0219 0x1428 BrSerWdm - ok
22:33:24.0239 0x1428 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:33:24.0259 0x1428 BrUsbMdm - ok
22:33:24.0259 0x1428 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:33:24.0279 0x1428 BrUsbSer - ok
22:33:24.0299 0x1428 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:33:24.0329 0x1428 BTHMODEM - ok
22:33:24.0379 0x1428 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
22:33:24.0419 0x1428 bthserv - ok
22:33:24.0439 0x1428 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:33:24.0459 0x1428 cdfs - ok
22:33:24.0489 0x1428 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
22:33:24.0499 0x1428 cdrom - ok
22:33:24.0539 0x1428 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
22:33:24.0569 0x1428 CertPropSvc - ok
22:33:24.0619 0x1428 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:33:24.0649 0x1428 circlass - ok
22:33:24.0689 0x1428 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
22:33:24.0699 0x1428 CLFS - ok
22:33:24.0749 0x1428 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:33:24.0759 0x1428 clr_optimization_v2.0.50727_32 - ok
22:33:24.0809 0x1428 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:33:24.0809 0x1428 clr_optimization_v2.0.50727_64 - ok
22:33:24.0859 0x1428 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:33:24.0869 0x1428 clr_optimization_v4.0.30319_32 - ok
22:33:24.0889 0x1428 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:33:24.0889 0x1428 clr_optimization_v4.0.30319_64 - ok
22:33:24.0919 0x1428 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:33:24.0949 0x1428 CmBatt - ok
22:33:24.0979 0x1428 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:33:24.0979 0x1428 cmdide - ok
22:33:25.0029 0x1428 [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys
22:33:25.0039 0x1428 CNG - ok
22:33:25.0059 0x1428 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:33:25.0059 0x1428 Compbatt - ok
22:33:25.0089 0x1428 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
22:33:25.0119 0x1428 CompositeBus - ok
22:33:25.0119 0x1428 COMSysApp - ok
22:33:25.0119 0x1428 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:33:25.0119 0x1428 crcdisk - ok
22:33:25.0159 0x1428 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:33:25.0189 0x1428 CryptSvc - ok
22:33:25.0229 0x1428 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:33:25.0279 0x1428 DcomLaunch - ok
22:33:25.0339 0x1428 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
22:33:25.0389 0x1428 defragsvc - ok
22:33:25.0449 0x1428 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:33:25.0489 0x1428 DfsC - ok
22:33:25.0529 0x1428 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:33:25.0579 0x1428 Dhcp - ok
22:33:25.0609 0x1428 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
22:33:25.0649 0x1428 discache - ok
22:33:25.0689 0x1428 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:33:25.0689 0x1428 Disk - ok
22:33:25.0709 0x1428 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:33:25.0779 0x1428 Dnscache - ok
22:33:25.0809 0x1428 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
22:33:25.0859 0x1428 dot3svc - ok
22:33:25.0889 0x1428 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
22:33:25.0929 0x1428 DPS - ok
22:33:25.0989 0x1428 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:33:26.0019 0x1428 drmkaud - ok
22:33:26.0059 0x1428 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:33:26.0079 0x1428 DXGKrnl - ok
22:33:26.0099 0x1428 EagleX64 - ok
22:33:26.0129 0x1428 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
22:33:26.0149 0x1428 EapHost - ok
22:33:26.0229 0x1428 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:33:26.0309 0x1428 ebdrv - ok
22:33:26.0359 0x1428 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe
22:33:26.0419 0x1428 EFS - ok
22:33:26.0489 0x1428 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:33:26.0519 0x1428 ehRecvr - ok
22:33:26.0539 0x1428 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
22:33:26.0599 0x1428 ehSched - ok
22:33:26.0639 0x1428 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:33:26.0649 0x1428 elxstor - ok
22:33:26.0669 0x1428 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:33:26.0699 0x1428 ErrDev - ok
22:33:26.0739 0x1428 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
22:33:26.0779 0x1428 EventSystem - ok
22:33:26.0809 0x1428 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
22:33:26.0839 0x1428 exfat - ok
22:33:26.0869 0x1428 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:33:26.0909 0x1428 fastfat - ok
22:33:26.0969 0x1428 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
22:33:26.0999 0x1428 Fax - ok
22:33:27.0019 0x1428 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:33:27.0049 0x1428 fdc - ok
22:33:27.0099 0x1428 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
22:33:27.0119 0x1428 fdPHost - ok
22:33:27.0119 0x1428 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
22:33:27.0159 0x1428 FDResPub - ok
22:33:27.0189 0x1428 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:33:27.0189 0x1428 FileInfo - ok
22:33:27.0199 0x1428 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:33:27.0239 0x1428 Filetrace - ok
22:33:27.0279 0x1428 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:33:27.0299 0x1428 flpydisk - ok
22:33:27.0359 0x1428 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:33:27.0369 0x1428 FltMgr - ok
22:33:27.0409 0x1428 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
22:33:27.0449 0x1428 FontCache - ok
22:33:27.0499 0x1428 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:33:27.0499 0x1428 FontCache3.0.0.0 - ok
22:33:27.0529 0x1428 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:33:27.0539 0x1428 FsDepends - ok
22:33:27.0569 0x1428 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:33:27.0579 0x1428 Fs_Rec - ok
22:33:27.0619 0x1428 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:33:27.0629 0x1428 fvevol - ok
22:33:27.0649 0x1428 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:33:27.0649 0x1428 gagp30kx - ok
22:33:27.0729 0x1428 [ 0C52567F023D0F05F4EFC26F607D415B, 168D2AAB2F9CF8DE4A894DE3B2A5C67F1DAD758DBEC95FCFF4D752645BB37C38 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
22:33:27.0749 0x1428 GfExperienceService - ok
22:33:27.0799 0x1428 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
22:33:27.0849 0x1428 gpsvc - ok
22:33:27.0899 0x1428 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:33:27.0899 0x1428 gupdate - ok
22:33:27.0899 0x1428 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:33:27.0909 0x1428 gupdatem - ok
22:33:27.0949 0x1428 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:33:27.0989 0x1428 hcw85cir - ok
22:33:28.0019 0x1428 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:33:28.0059 0x1428 HdAudAddService - ok
22:33:28.0089 0x1428 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
22:33:28.0119 0x1428 HDAudBus - ok
22:33:28.0149 0x1428 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:33:28.0169 0x1428 HidBatt - ok
22:33:28.0189 0x1428 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:33:28.0219 0x1428 HidBth - ok
22:33:28.0269 0x1428 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:33:28.0269 0x1428 HidIr - ok
22:33:28.0299 0x1428 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
22:33:28.0319 0x1428 hidserv - ok
22:33:28.0349 0x1428 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
22:33:28.0379 0x1428 HidUsb - ok
22:33:28.0399 0x1428 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:33:28.0429 0x1428 hkmsvc - ok
22:33:28.0459 0x1428 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:33:28.0479 0x1428 HomeGroupListener - ok
22:33:28.0509 0x1428 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:33:28.0539 0x1428 HomeGroupProvider - ok
22:33:28.0579 0x1428 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:33:28.0579 0x1428 HpSAMD - ok
22:33:28.0629 0x1428 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:33:28.0689 0x1428 HTTP - ok
22:33:28.0739 0x1428 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:33:28.0739 0x1428 hwpolicy - ok
22:33:28.0759 0x1428 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
22:33:28.0759 0x1428 i8042prt - ok
22:33:28.0799 0x1428 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:33:28.0809 0x1428 iaStor - ok
22:33:28.0849 0x1428 [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:33:28.0859 0x1428 IAStorDataMgrSvc - ok
22:33:28.0889 0x1428 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:33:28.0899 0x1428 iaStorV - ok
22:33:28.0959 0x1428 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:33:28.0979 0x1428 idsvc - ok
22:33:28.0989 0x1428 IEEtwCollectorService - ok
22:33:29.0019 0x1428 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:33:29.0029 0x1428 iirsp - ok
22:33:29.0059 0x1428 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
22:33:29.0079 0x1428 IKEEXT - ok
22:33:29.0189 0x1428 [ 483987354C1C2C2E67B82EA4A58C23A7, 7429C993DB67EDB48F16ACAA013E2D2AB5B934E94FD90273A50583201BD6E932 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:33:29.0279 0x1428 IntcAzAudAddService - ok
22:33:29.0329 0x1428 [ 7C76466F4E0F76CE259C6005D161E9E8, 19F3CCC3A86B68DB70B7608F9ED33746518F5B2450E5BAF9581127CE7A9AA5D2 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:33:29.0349 0x1428 Intel(R) Capability Licensing Service Interface - ok
22:33:29.0369 0x1428 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
22:33:29.0369 0x1428 intelide - ok
22:33:29.0409 0x1428 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:33:29.0439 0x1428 intelppm - ok
22:33:29.0489 0x1428 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:33:29.0529 0x1428 IPBusEnum - ok
22:33:29.0559 0x1428 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:33:29.0579 0x1428 IpFilterDriver - ok
22:33:29.0649 0x1428 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:33:29.0699 0x1428 iphlpsvc - ok
22:33:29.0729 0x1428 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:33:29.0729 0x1428 IPMIDRV - ok
22:33:29.0759 0x1428 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:33:29.0799 0x1428 IPNAT - ok
22:33:29.0829 0x1428 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:33:29.0859 0x1428 IRENUM - ok
22:33:29.0879 0x1428 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:33:29.0889 0x1428 isapnp - ok
22:33:29.0909 0x1428 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:33:29.0919 0x1428 iScsiPrt - ok
22:33:29.0969 0x1428 [ D22982C269775BCBDDA8A0F82A9ADE9E, 26C19369F5F2B42C37F23842C5795FECEF21BC290968AABC9984502F0FD921DF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:33:29.0979 0x1428 jhi_service - ok
22:33:29.0999 0x1428 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
22:33:29.0999 0x1428 kbdclass - ok
22:33:30.0009 0x1428 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:33:30.0039 0x1428 kbdhid - ok
22:33:30.0069 0x1428 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\Windows\system32\lsass.exe
22:33:30.0079 0x1428 KeyIso - ok
22:33:30.0109 0x1428 [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:33:30.0119 0x1428 KSecDD - ok
22:33:30.0129 0x1428 [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:33:30.0139 0x1428 KSecPkg - ok
22:33:30.0169 0x1428 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:33:30.0189 0x1428 ksthunk - ok
22:33:30.0219 0x1428 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
22:33:30.0259 0x1428 KtmRm - ok
22:33:30.0319 0x1428 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:33:30.0359 0x1428 LanmanServer - ok
22:33:30.0389 0x1428 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:33:30.0439 0x1428 LanmanWorkstation - ok
22:33:30.0479 0x1428 [ 95B3CEAF06A2DF96FE28CD0755D319C4, 4BFA65F9786AB80FF321A1D21C243DCCDA168FCD35394B1066BE9379A811F135 ] lbvrsfgs C:\Windows\system32\drivers\grvne.sys
22:33:30.0479 0x1428 lbvrsfgs - ok
22:33:30.0499 0x1428 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:33:30.0539 0x1428 lltdio - ok
22:33:30.0569 0x1428 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:33:30.0609 0x1428 lltdsvc - ok
22:33:30.0639 0x1428 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:33:30.0669 0x1428 lmhosts - ok
22:33:30.0739 0x1428 [ 5C08357C65F658E29B5DDC2EF18D575C, 80802787D7CD07BFB4F2EEE463837FB0CBB3626A2D5451B32794DB66A3CC3D98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:33:30.0739 0x1428 LMS - ok
22:33:30.0789 0x1428 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:33:30.0799 0x1428 LSI_FC - ok
22:33:30.0799 0x1428 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:33:30.0809 0x1428 LSI_SAS - ok
22:33:30.0819 0x1428 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:33:30.0829 0x1428 LSI_SAS2 - ok
22:33:30.0839 0x1428 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:33:30.0839 0x1428 LSI_SCSI - ok
22:33:30.0859 0x1428 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
22:33:30.0889 0x1428 luafv - ok
22:33:30.0919 0x1428 MBAMSwissArmy - ok
22:33:30.0949 0x1428 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:33:30.0949 0x1428 Mcx2Svc - ok
22:33:30.0969 0x1428 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:33:30.0979 0x1428 megasas - ok
22:33:30.0989 0x1428 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:33:30.0999 0x1428 MegaSR - ok
22:33:31.0009 0x1428 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:33:31.0009 0x1428 MEIx64 - ok
22:33:31.0039 0x1428 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
22:33:31.0079 0x1428 MMCSS - ok
22:33:31.0099 0x1428 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
22:33:31.0139 0x1428 Modem - ok
22:33:31.0179 0x1428 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:33:31.0209 0x1428 monitor - ok
22:33:31.0239 0x1428 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
22:33:31.0249 0x1428 mouclass - ok
22:33:31.0279 0x1428 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:33:31.0289 0x1428 mouhid - ok
22:33:31.0319 0x1428 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:33:31.0329 0x1428 mountmgr - ok
22:33:31.0339 0x1428 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
22:33:31.0349 0x1428 mpio - ok
22:33:31.0359 0x1428 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:33:31.0369 0x1428 mpsdrv - ok
22:33:31.0419 0x1428 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:33:31.0459 0x1428 MpsSvc - ok
22:33:31.0499 0x1428 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:33:31.0529 0x1428 MRxDAV - ok
22:33:31.0569 0x1428 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:33:31.0579 0x1428 mrxsmb - ok
22:33:31.0619 0x1428 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:33:31.0649 0x1428 mrxsmb10 - ok
22:33:31.0669 0x1428 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:33:31.0699 0x1428 mrxsmb20 - ok
22:33:31.0719 0x1428 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
22:33:31.0729 0x1428 msahci - ok
22:33:31.0739 0x1428 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:33:31.0739 0x1428 msdsm - ok
22:33:31.0759 0x1428 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
22:33:31.0789 0x1428 MSDTC - ok
22:33:31.0829 0x1428 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:33:31.0869 0x1428 Msfs - ok
22:33:31.0889 0x1428 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:33:31.0909 0x1428 mshidkmdf - ok
22:33:31.0929 0x1428 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:33:31.0929 0x1428 msisadrv - ok
22:33:31.0949 0x1428 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:33:31.0999 0x1428 MSiSCSI - ok
22:33:31.0999 0x1428 msiserver - ok
22:33:32.0029 0x1428 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:33:32.0039 0x1428 MSKSSRV - ok
22:33:32.0059 0x1428 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:33:32.0099 0x1428 MSPCLOCK - ok
22:33:32.0129 0x1428 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:33:32.0159 0x1428 MSPQM - ok
22:33:32.0199 0x1428 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:33:32.0209 0x1428 MsRPC - ok
22:33:32.0219 0x1428 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
22:33:32.0229 0x1428 mssmbios - ok
22:33:32.0239 0x1428 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:33:32.0269 0x1428 MSTEE - ok
22:33:32.0289 0x1428 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:33:32.0319 0x1428 MTConfig - ok
22:33:32.0359 0x1428 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
22:33:32.0369 0x1428 Mup - ok
22:33:32.0409 0x1428 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
22:33:32.0439 0x1428 napagent - ok
22:33:32.0459 0x1428 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:33:32.0499 0x1428 NativeWifiP - ok
22:33:32.0549 0x1428 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
22:33:32.0569 0x1428 NDIS - ok
22:33:32.0589 0x1428 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:33:32.0629 0x1428 NdisCap - ok
22:33:32.0679 0x1428 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:33:32.0709 0x1428 NdisTapi - ok
22:33:32.0739 0x1428 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:33:32.0779 0x1428 Ndisuio - ok
22:33:32.0829 0x1428 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:33:32.0869 0x1428 NdisWan - ok
22:33:32.0909 0x1428 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:33:32.0949 0x1428 NDProxy - ok
22:33:32.0979 0x1428 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:33:33.0009 0x1428 NetBIOS - ok
22:33:33.0039 0x1428 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:33:33.0079 0x1428 NetBT - ok
22:33:33.0119 0x1428 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\Windows\system32\lsass.exe
22:33:33.0119 0x1428 Netlogon - ok
22:33:33.0159 0x1428 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
22:33:33.0199 0x1428 Netman - ok
22:33:33.0239 0x1428 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:33:33.0239 0x1428 NetMsmqActivator - ok
22:33:33.0249 0x1428 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:33:33.0249 0x1428 NetPipeActivator - ok
22:33:33.0259 0x1428 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
22:33:33.0289 0x1428 netprofm - ok
22:33:33.0289 0x1428 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:33:33.0299 0x1428 NetTcpActivator - ok
22:33:33.0299 0x1428 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:33:33.0309 0x1428 NetTcpPortSharing - ok
22:33:33.0359 0x1428 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:33:33.0359 0x1428 nfrd960 - ok
22:33:33.0389 0x1428 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:33:33.0409 0x1428 NlaSvc - ok
22:33:33.0459 0x1428 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys
22:33:33.0459 0x1428 NPF - ok
22:33:33.0469 0x1428 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:33:33.0489 0x1428 Npfs - ok
22:33:33.0509 0x1428 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
22:33:33.0559 0x1428 nsi - ok
22:33:33.0579 0x1428 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:33:33.0629 0x1428 nsiproxy - ok
22:33:33.0689 0x1428 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:33:33.0709 0x1428 Ntfs - ok
22:33:33.0749 0x1428 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
22:33:33.0759 0x1428 Null - ok
22:33:33.0799 0x1428 [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
22:33:33.0809 0x1428 NVHDA - ok
22:33:34.0039 0x1428 [ 185B4FFECD886A424B57B58AE173FBBE, 7CFD51694091035639B900EC64FAD62CC1E5F3DC520F59CC27540B170A957C60 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:33:34.0289 0x1428 nvlddmkm - ok
22:33:34.0359 0x1428 [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
22:33:34.0399 0x1428 NvNetworkService - ok
22:33:34.0419 0x1428 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:33:34.0429 0x1428 nvraid - ok
22:33:34.0439 0x1428 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:33:34.0449 0x1428 nvstor - ok
22:33:34.0489 0x1428 [ 0C4A0D577A6EF1B9D353851668779944, 70E866AD50809CC80F167796C516190918A542F7767A8841948E656F36877AFE ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
22:33:34.0499 0x1428 NvStreamKms - ok
22:33:34.0839 0x1428 [ BC00A5B3A9F759F7B1DD0A5868C4492F, 23058E56016B836339AACDB0D42E074FB4EF560C27831F6228A455D70585D1EE ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
22:33:35.0109 0x1428 NvStreamSvc - ok
22:33:35.0169 0x1428 [ E1CE82592245B9E9621F17FBF457DB4E, 98B021623B10EBF7ED370BC2516D8377C09E9E2BB49BD96F492F55006B1B8CC4 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:33:35.0189 0x1428 nvsvc - ok
22:33:35.0209 0x1428 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
22:33:35.0209 0x1428 nvvad_WaveExtensible - ok
22:33:35.0239 0x1428 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:33:35.0249 0x1428 nv_agp - ok
22:33:35.0269 0x1428 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:33:35.0279 0x1428 ohci1394 - ok
22:33:35.0309 0x1428 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:33:35.0369 0x1428 p2pimsvc - ok
22:33:35.0389 0x1428 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
22:33:35.0419 0x1428 p2psvc - ok
22:33:35.0449 0x1428 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:33:35.0459 0x1428 Parport - ok
22:33:35.0479 0x1428 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:33:35.0489 0x1428 partmgr - ok
22:33:35.0499 0x1428 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
22:33:35.0529 0x1428 PcaSvc - ok
22:33:35.0569 0x1428 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
22:33:35.0579 0x1428 pci - ok
22:33:35.0599 0x1428 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
22:33:35.0599 0x1428 pciide - ok
22:33:35.0609 0x1428 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:33:35.0619 0x1428 pcmcia - ok
22:33:35.0649 0x1428 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
22:33:35.0649 0x1428 pcw - ok
22:33:35.0669 0x1428 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:33:35.0719 0x1428 PEAUTH - ok
22:33:35.0799 0x1428 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:33:35.0799 0x1428 PerfHost - ok
22:33:35.0879 0x1428 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
22:33:35.0939 0x1428 pla - ok
22:33:35.0989 0x1428 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:33:36.0039 0x1428 PlugPlay - ok
22:33:36.0069 0x1428 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:33:36.0099 0x1428 PNRPAutoReg - ok
22:33:36.0129 0x1428 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:33:36.0139 0x1428 PNRPsvc - ok
22:33:36.0179 0x1428 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:33:36.0219 0x1428 PolicyAgent - ok
22:33:36.0259 0x1428 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
22:33:36.0279 0x1428 Power - ok
22:33:36.0309 0x1428 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:33:36.0349 0x1428 PptpMiniport - ok
22:33:36.0379 0x1428 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:33:36.0399 0x1428 Processor - ok
22:33:36.0429 0x1428 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
22:33:36.0449 0x1428 ProfSvc - ok
22:33:36.0469 0x1428 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:33:36.0469 0x1428 ProtectedStorage - ok
22:33:36.0509 0x1428 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:33:36.0549 0x1428 Psched - ok
22:33:36.0609 0x1428 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:33:36.0639 0x1428 ql2300 - ok
22:33:36.0679 0x1428 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:33:36.0679 0x1428 ql40xx - ok
22:33:36.0709 0x1428 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
22:33:36.0719 0x1428 QWAVE - ok
22:33:36.0739 0x1428 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:33:36.0769 0x1428 QWAVEdrv - ok
22:33:36.0789 0x1428 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:33:36.0809 0x1428 RasAcd - ok
22:33:36.0829 0x1428 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:33:36.0869 0x1428 RasAgileVpn - ok
22:33:36.0899 0x1428 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
22:33:36.0929 0x1428 RasAuto - ok
22:33:36.0959 0x1428 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:33:36.0999 0x1428 Rasl2tp - ok
22:33:37.0039 0x1428 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
22:33:37.0059 0x1428 RasMan - ok
22:33:37.0089 0x1428 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:33:37.0109 0x1428 RasPppoe - ok
22:33:37.0119 0x1428 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:33:37.0159 0x1428 RasSstp - ok
22:33:37.0199 0x1428 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:33:37.0249 0x1428 rdbss - ok
22:33:37.0279 0x1428 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:33:37.0309 0x1428 rdpbus - ok
22:33:37.0339 0x1428 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:33:37.0359 0x1428 RDPCDD - ok
22:33:37.0369 0x1428 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:33:37.0409 0x1428 RDPENCDD - ok
22:33:37.0439 0x1428 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:33:37.0459 0x1428 RDPREFMP - ok
22:33:37.0529 0x1428 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:33:37.0579 0x1428 RdpVideoMiniport - ok
22:33:37.0619 0x1428 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:33:37.0669 0x1428 RDPWD - ok
22:33:37.0699 0x1428 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:33:37.0709 0x1428 rdyboost - ok
22:33:37.0739 0x1428 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:33:37.0769 0x1428 RemoteAccess - ok
22:33:37.0819 0x1428 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:33:37.0839 0x1428 RemoteRegistry - ok
22:33:37.0879 0x1428 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
22:33:37.0889 0x1428 rpcapd - ok
22:33:37.0899 0x1428 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:33:37.0939 0x1428 RpcEptMapper - ok
22:33:37.0959 0x1428 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
22:33:37.0989 0x1428 RpcLocator - ok
22:33:38.0019 0x1428 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
22:33:38.0049 0x1428 RpcSs - ok
22:33:38.0079 0x1428 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:33:38.0119 0x1428 rspndr - ok
22:33:38.0169 0x1428 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:33:38.0189 0x1428 RTL8167 - ok
22:33:38.0199 0x1428 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe
22:33:38.0199 0x1428 SamSs - ok
22:33:38.0229 0x1428 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:33:38.0239 0x1428 sbp2port - ok
22:33:38.0269 0x1428 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:33:38.0289 0x1428 SCardSvr - ok
22:33:38.0319 0x1428 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:33:38.0369 0x1428 scfilter - ok
22:33:38.0429 0x1428 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
22:33:38.0479 0x1428 Schedule - ok
22:33:38.0519 0x1428 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:33:38.0539 0x1428 SCPolicySvc - ok
22:33:38.0549 0x1428 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:33:38.0589 0x1428 SDRSVC - ok
22:33:38.0619 0x1428 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:33:38.0639 0x1428 secdrv - ok
22:33:38.0649 0x1428 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
22:33:38.0659 0x1428 seclogon - ok
22:33:38.0679 0x1428 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
22:33:38.0719 0x1428 SENS - ok
22:33:38.0739 0x1428 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:33:38.0789 0x1428 SensrSvc - ok
22:33:38.0809 0x1428 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:33:38.0839 0x1428 Serenum - ok
22:33:38.0859 0x1428 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:33:38.0889 0x1428 Serial - ok
22:33:38.0939 0x1428 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:33:38.0959 0x1428 sermouse - ok
22:33:38.0999 0x1428 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
22:33:39.0039 0x1428 SessionEnv - ok
22:33:39.0059 0x1428 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:33:39.0069 0x1428 sffdisk - ok
22:33:39.0079 0x1428 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:33:39.0109 0x1428 sffp_mmc - ok
22:33:39.0139 0x1428 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:33:39.0139 0x1428 sffp_sd - ok
22:33:39.0169 0x1428 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:33:39.0179 0x1428 sfloppy - ok
22:33:39.0219 0x1428 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:33:39.0239 0x1428 SharedAccess - ok
22:33:39.0279 0x1428 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:33:39.0299 0x1428 ShellHWDetection - ok
22:33:39.0319 0x1428 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:33:39.0319 0x1428 SiSRaid2 - ok
22:33:39.0329 0x1428 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:33:39.0329 0x1428 SiSRaid4 - ok
22:33:39.0379 0x1428 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:33:39.0389 0x1428 SkypeUpdate - ok
22:33:39.0409 0x1428 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:33:39.0429 0x1428 Smb - ok
22:33:39.0459 0x1428 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:33:39.0479 0x1428 SNMPTRAP - ok
22:33:39.0519 0x1428 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
22:33:39.0519 0x1428 spldr - ok
22:33:39.0549 0x1428 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
22:33:39.0609 0x1428 Spooler - ok
22:33:39.0689 0x1428 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
22:33:39.0769 0x1428 sppsvc - ok
22:33:39.0809 0x1428 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:33:39.0849 0x1428 sppuinotify - ok
22:33:39.0939 0x1428 [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:33:39.0949 0x1428 SQLWriter - ok
22:33:39.0979 0x1428 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:33:40.0009 0x1428 srv - ok
22:33:40.0029 0x1428 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:33:40.0039 0x1428 srv2 - ok
22:33:40.0069 0x1428 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:33:40.0069 0x1428 srvnet - ok
22:33:40.0109 0x1428 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:33:40.0159 0x1428 SSDPSRV - ok
22:33:40.0179 0x1428 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:33:40.0219 0x1428 SstpSvc - ok
22:33:40.0269 0x1428 [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:33:40.0289 0x1428 Steam Client Service - ok
22:33:40.0319 0x1428 [ A9425CB7D5A698EA49BE0DF55A448E68, 2DB5B00D6AAB6D0D60EFE5FE26C50FD1AB3D4F9E2BA2EAD8A0BE1F1AF9082C12 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:33:40.0329 0x1428 Stereo Service - ok
22:33:40.0359 0x1428 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:33:40.0369 0x1428 stexstor - ok
22:33:40.0409 0x1428 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
22:33:40.0439 0x1428 stisvc - ok
22:33:40.0459 0x1428 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
22:33:40.0469 0x1428 swenum - ok
22:33:40.0509 0x1428 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
22:33:40.0539 0x1428 swprv - ok
22:33:40.0599 0x1428 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
22:33:40.0639 0x1428 SysMain - ok
22:33:40.0669 0x1428 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:33:40.0699 0x1428 TabletInputService - ok
22:33:40.0729 0x1428 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
22:33:40.0769 0x1428 TapiSrv - ok
22:33:40.0809 0x1428 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
22:33:40.0849 0x1428 TBS - ok
22:33:40.0919 0x1428 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:33:40.0949 0x1428 Tcpip - ok
22:33:40.0979 0x1428 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:33:41.0009 0x1428 TCPIP6 - ok
22:33:41.0039 0x1428 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:33:41.0049 0x1428 tcpipreg - ok
22:33:41.0079 0x1428 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:33:41.0119 0x1428 TDPIPE - ok
22:33:41.0139 0x1428 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:33:41.0149 0x1428 TDTCP - ok
22:33:41.0169 0x1428 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:33:41.0219 0x1428 tdx - ok
22:33:41.0249 0x1428 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
22:33:41.0259 0x1428 TermDD - ok
22:33:41.0299 0x1428 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
22:33:41.0349 0x1428 TermService - ok
22:33:41.0379 0x1428 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
22:33:41.0409 0x1428 Themes - ok
22:33:41.0449 0x1428 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
22:33:41.0469 0x1428 THREADORDER - ok
22:33:41.0479 0x1428 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
22:33:41.0519 0x1428 TrkWks - ok
22:33:41.0589 0x1428 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:33:41.0629 0x1428 TrustedInstaller - ok
22:33:41.0649 0x1428 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:33:41.0659 0x1428 tssecsrv - ok
22:33:41.0699 0x1428 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:33:41.0719 0x1428 TsUsbFlt - ok
22:33:41.0769 0x1428 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:33:41.0809 0x1428 tunnel - ok
22:33:41.0839 0x1428 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:33:41.0849 0x1428 uagp35 - ok
22:33:41.0869 0x1428 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:33:41.0919 0x1428 udfs - ok
22:33:41.0949 0x1428 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:33:41.0979 0x1428 UI0Detect - ok
22:33:42.0019 0x1428 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:33:42.0019 0x1428 uliagpkx - ok
22:33:42.0039 0x1428 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
22:33:42.0049 0x1428 umbus - ok
22:33:42.0069 0x1428 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:33:42.0089 0x1428 UmPass - ok
22:33:42.0179 0x1428 [ 0DFC9713D117B349E41A2A477448107A, 0C7B2162C2FA0BA46C2D3D9986CB542926C1802532E0785A49AC9B18284267AC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:33:42.0189 0x1428 UNS - ok
22:33:42.0209 0x1428 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
22:33:42.0229 0x1428 upnphost - ok
22:33:42.0259 0x1428 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:33:42.0269 0x1428 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
22:33:44.0649 0x1428 Detect skipped due to KSN trusted
22:33:44.0649 0x1428 USBAAPL64 - ok
22:33:44.0679 0x1428 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:33:44.0689 0x1428 usbaudio - ok
22:33:44.0729 0x1428 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:33:44.0749 0x1428 usbccgp - ok
22:33:44.0779 0x1428 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:33:44.0789 0x1428 usbcir - ok
22:33:44.0809 0x1428 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:33:44.0839 0x1428 usbehci - ok
22:33:44.0879 0x1428 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:33:44.0909 0x1428 usbhub - ok
22:33:44.0939 0x1428 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:33:44.0949 0x1428 usbohci - ok
22:33:44.0979 0x1428 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:33:45.0009 0x1428 usbprint - ok
22:33:45.0039 0x1428 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:33:45.0049 0x1428 USBSTOR - ok
22:33:45.0079 0x1428 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:33:45.0079 0x1428 usbuhci - ok
22:33:45.0089 0x1428 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:33:45.0099 0x1428 usbvideo - ok
22:33:45.0139 0x1428 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
22:33:45.0189 0x1428 usb_rndisx - ok
22:33:45.0209 0x1428 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
22:33:45.0249 0x1428 UxSms - ok
22:33:45.0259 0x1428 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe
22:33:45.0269 0x1428 VaultSvc - ok
22:33:45.0289 0x1428 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:33:45.0299 0x1428 vdrvroot - ok
22:33:45.0339 0x1428 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
22:33:45.0389 0x1428 vds - ok
22:33:45.0419 0x1428 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:33:45.0429 0x1428 vga - ok
22:33:45.0439 0x1428 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:33:45.0479 0x1428 VgaSave - ok
22:33:45.0519 0x1428 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:33:45.0529 0x1428 vhdmp - ok
22:33:45.0549 0x1428 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
22:33:45.0559 0x1428 viaide - ok
22:33:45.0569 0x1428 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:33:45.0579 0x1428 volmgr - ok
22:33:45.0619 0x1428 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:33:45.0629 0x1428 volmgrx - ok
22:33:45.0639 0x1428 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:33:45.0649 0x1428 volsnap - ok
22:33:45.0759 0x1428 [ ED1F4BDF68C649C6F79A02502BB6C9BC, 3D2830822D4A2C7B3676100B27DEC7B1C2EF640DA36C6543365A9CF2A61BF68E ] VsEtwService120 C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe
22:33:45.0759 0x1428 VsEtwService120 - ok
22:33:45.0819 0x1428 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:33:45.0829 0x1428 vsmraid - ok
22:33:45.0879 0x1428 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
22:33:45.0919 0x1428 VSS - ok
22:33:45.0929 0x1428 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:33:45.0939 0x1428 vwifibus - ok
22:33:45.0989 0x1428 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
22:33:46.0009 0x1428 W32Time - ok
22:33:46.0039 0x1428 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:33:46.0039 0x1428 WacomPen - ok
22:33:46.0099 0x1428 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:33:46.0139 0x1428 WANARP - ok
22:33:46.0149 0x1428 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:33:46.0159 0x1428 Wanarpv6 - ok
22:33:46.0219 0x1428 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
22:33:46.0289 0x1428 wbengine - ok
22:33:46.0329 0x1428 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:33:46.0359 0x1428 WbioSrvc - ok
22:33:46.0399 0x1428 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:33:46.0439 0x1428 wcncsvc - ok
22:33:46.0469 0x1428 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:33:46.0509 0x1428 WcsPlugInService - ok
22:33:46.0539 0x1428 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:33:46.0549 0x1428 Wd - ok
22:33:46.0569 0x1428 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:33:46.0589 0x1428 Wdf01000 - ok
22:33:46.0599 0x1428 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:33:46.0639 0x1428 WdiServiceHost - ok
22:33:46.0639 0x1428 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:33:46.0649 0x1428 WdiSystemHost - ok
22:33:46.0679 0x1428 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
22:33:46.0699 0x1428 WebClient - ok
22:33:46.0749 0x1428 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:33:46.0769 0x1428 Wecsvc - ok
22:33:46.0779 0x1428 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:33:46.0819 0x1428 wercplsupport - ok
22:33:46.0839 0x1428 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
22:33:46.0879 0x1428 WerSvc - ok
22:33:46.0909 0x1428 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:33:46.0929 0x1428 WfpLwf - ok
22:33:46.0939 0x1428 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:33:46.0949 0x1428 WIMMount - ok
22:33:46.0969 0x1428 WinDefend - ok
22:33:46.0969 0x1428 WinHttpAutoProxySvc - ok
22:33:47.0019 0x1428 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:33:47.0049 0x1428 Winmgmt - ok
22:33:47.0089 0x1428 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
22:33:47.0139 0x1428 WinRM - ok
22:33:47.0179 0x1428 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:33:47.0189 0x1428 WinUsb - ok
22:33:47.0229 0x1428 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:33:47.0279 0x1428 Wlansvc - ok
22:33:47.0309 0x1428 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:33:47.0329 0x1428 WmiAcpi - ok
22:33:47.0369 0x1428 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:33:47.0399 0x1428 wmiApSrv - ok
22:33:47.0439 0x1428 WMPNetworkSvc - ok
22:33:47.0449 0x1428 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:33:47.0469 0x1428 WPCSvc - ok
22:33:47.0499 0x1428 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:33:47.0509 0x1428 WPDBusEnum - ok
22:33:47.0529 0x1428 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:33:47.0549 0x1428 ws2ifsl - ok
22:33:47.0589 0x1428 [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudioDevice_383S(1) C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys
22:33:47.0599 0x1428 WsAudioDevice_383S(1) - ok
22:33:47.0639 0x1428 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
22:33:47.0649 0x1428 wscsvc - ok
22:33:47.0649 0x1428 WSearch - ok
22:33:47.0709 0x1428 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
22:33:47.0739 0x1428 wuauserv - ok
22:33:47.0769 0x1428 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:33:47.0819 0x1428 WudfPf - ok
22:33:47.0839 0x1428 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:33:47.0849 0x1428 WUDFRd - ok
22:33:47.0849 0x1428 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:33:47.0879 0x1428 wudfsvc - ok
22:33:47.0919 0x1428 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
22:33:47.0969 0x1428 WwanSvc - ok
22:33:47.0979 0x1428 ================ Scan global ===============================
22:33:48.0019 0x1428 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:33:48.0039 0x1428 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:33:48.0049 0x1428 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
22:33:48.0069 0x1428 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:33:48.0089 0x1428 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
22:33:48.0089 0x1428 [ Global ] - ok
22:33:48.0089 0x1428 ================ Scan MBR ==================================
22:33:48.0109 0x1428 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:33:48.0299 0x1af8 Object required for P2P: [ 7F4F11527AF5A7E4526CB6A146B3E40C ] RTL8167
22:33:48.0399 0x1428 \Device\Harddisk0\DR0 - ok
22:33:48.0399 0x1428 ================ Scan VBR ==================================
22:33:48.0399 0x1428 [ 3A1CADDCC0A9EE28922C9CA514BFADB5 ] \Device\Harddisk0\DR0\Partition1
22:33:48.0439 0x1428 \Device\Harddisk0\DR0\Partition1 - ok
22:33:48.0439 0x1428 ================ Scan generic autorun ======================
22:33:48.0699 0x1428 [ 757F4F07D8156868655C6A90A65A133F, 4EE9FFA154EBE6A6C884A56AFA7E9FC6C944CBEE387F86FF89D971B5C0946017 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:33:48.0949 0x1428 RTHDVCPL - ok
22:33:49.0009 0x1428 [ 7304E21B92E538E2CC793EDF478AC034, 39992D4541E100E5D8199B2FB5B7C7DD7213F8BC84AEA1924C6EC46E8711BF28 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
22:33:49.0049 0x1428 NvBackend - ok
22:33:49.0079 0x1428 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
22:33:49.0089 0x1428 ShadowPlay - ok
22:33:49.0119 0x1428 [ 766AE515B1749F2141E418CC6C08515B, 02DDB5A7DB8278AA47A951604818E73DB69155DBF1ECD06B6E11926204EADAE7 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
22:33:49.0129 0x1428 IAStorIcon - ok
22:33:49.0179 0x1428 [ 9C2078437D6FC541BD268BA903F6AEB4, CB622E82C65E0E4E9E52381BEAAB784AB6A3893BE34476D69B89F012CC1AC3C9 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
22:33:49.0209 0x1428 Wondershare Helper Compact.exe - detected UnsignedFile.Multi.Generic ( 1 )
22:33:50.0769 0x1af8 Object send P2P result: true
22:33:51.0589 0x1428 Detect skipped due to KSN trusted
22:33:51.0589 0x1428 Wondershare Helper Compact.exe - ok
22:33:51.0689 0x1428 [ 7BDA05509585396989E523BEDE832E9B, 27590FF2A468F977FC834FF30AA7C39C9062173A6B4B14671D1FFB84DCF2042F ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
22:33:51.0689 0x1428 Malwarebytes Anti-Malware (cleanup) - ok
22:33:51.0759 0x1428 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:33:51.0819 0x1428 Sidebar - ok
22:33:51.0849 0x1428 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:33:51.0859 0x1428 mctadmin - ok
22:33:51.0869 0x1428 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:33:51.0899 0x1428 Sidebar - ok
22:33:51.0899 0x1428 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:33:51.0909 0x1428 mctadmin - ok
22:33:52.0059 0x1428 [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
22:33:52.0149 0x1428 CCleaner Monitoring - ok
22:33:52.0359 0x1428 [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Eugen\AppData\Roaming\Spotify\Spotify.exe
22:33:52.0469 0x1428 Spotify - ok
22:33:52.0539 0x1428 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Eugen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
22:33:52.0569 0x1428 Spotify Web Helper - ok
22:33:52.0569 0x1428 Waiting for KSN requests completion. In queue: 49
22:33:53.0569 0x1428 Waiting for KSN requests completion. In queue: 49
22:33:54.0569 0x1428 Waiting for KSN requests completion. In queue: 8
22:33:55.0609 0x1428 Win FW state via NFP2: enabled
22:33:58.0009 0x1428 ============================================================
22:33:58.0009 0x1428 Scan finished
22:33:58.0009 0x1428 ============================================================
22:33:58.0009 0x0828 Detected object count: 0
22:33:58.0009 0x0828 Actual detected object count: 0
Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17633
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.392000 GHz
Memory total: 8555220992, free: 6152466432
Downloaded database version: v2015.02.17.10
Downloaded database version: v2015.02.03.01
Downloaded database version: v2014.12.06.01
Initializing...
======================
------------ Kernel report ------------
02/17/2015 22:37:59
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\drivers\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\drivers\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\shlwapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\wininet.dll
\Windows\System32\lpk.dll
\Windows\System32\usp10.dll
\Windows\System32\psapi.dll
\Windows\System32\user32.dll
\Windows\System32\gdi32.dll
\Windows\System32\advapi32.dll
\Windows\System32\shell32.dll
\Windows\System32\iertutil.dll
\Windows\System32\nsi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\sechost.dll
\Windows\System32\oleaut32.dll
\Windows\System32\urlmon.dll
\Windows\System32\clbcatq.dll
\Windows\System32\imm32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\setupapi.dll
\Windows\System32\normaliz.dll
\Windows\System32\msvcrt.dll
\Windows\System32\difxapi.dll
\Windows\System32\ole32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msctf.dll
\Windows\System32\imagehlp.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.02.17.10
rootkit: v2015.02.03.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800773e790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800773e2c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800773e790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800729c5b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80072a2050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1FE9121A
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 206848 Numsec = 1846360064
Partition file system is NTFS
Partition is bootable
Partition 1 type is Other (0x12)
Partition is NOT ACTIVE.
Partition starts at LBA: 1951424512 Numsec = 2098608
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xfffffa800b302630, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b487b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b302630, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b485b60, DeviceName: \Device\00000089\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
|
|
18.02.2015, 12:42
| #8 |
| /// the machine /// TB-Ausbilder | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Also ich seh nix.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.02.2015, 12:55
| #9 |
| | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Dann hat sich möglicherweise der Fall erledigt. Vielen herzlichen Dank! |
|
18.02.2015, 19:30
| #10 |
| /// the machine /// TB-Ausbilder | Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Verdacht das ein Kollege auf mein Pc zugreift + Schädling(e) |
| bluescreen, fertig, frage, fragen, gmer, griff, großes, guten, hacker-angriff, hackerangriff, hoffe, interne, internet, lustig, monate, mögliche, nichts, nötig, schule, schädling, seltsam, sprechen, theme, themen, unternehmen, verdacht, wiederholt, zusätzlich |
Linear-Darstellung
