Plagegeister aller Art und deren Bekämpfung (Pests of all kinds and how to combat them): A window throws me to the desktop! GTA5 hangs because of it! | Windows 7
07.05.2015, 16:48 | #1 |
Hello Trojaner-Board,

Since yesterday evening I have had a problem with my PC:

How I noticed the error: While playing Minecraft, I kept getting thrown back to the desktop. The time was maybe a good 5 minutes, but it may also be that it is far less. After a while I noticed that in desktop use, too, a window keeps popping up and immediately closes itself again. I can't make it out exactly, but it looks like the Windows command prompt.

I then sat down and tried to get on top of this problem myself. I did the following:

1. Tried to find the program in Task Manager -> nothing unusual spotted.
2. Ran a quick scan with Kaspersky -> nothing conspicuous
3. Downloaded and installed Malwarebytes and ran a scan

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 06.05.2015
Suchlauf-Zeit: 23:00:11
Logdatei:
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.06.05
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: *******

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 383924
Verstrichene Zeit: 6 Min, 51 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 9

Registrierungswerte: 12

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 11

Dateien: 152

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)

(end)

4. Restarted the PC -> problem still present
5. Using a restore point brought no improvement either

About my system:
Windows 7 Professional 64-bit
Antivirus: Kaspersky

I hope you can help me. The error has only been there since yesterday, and I haven't actually changed anything.

Regards,
Seppell

Edited by Seppell (07.05.2015 at 16:52). Reason: sent by accident
07.05.2015, 17:03 | #2 |
/// the machine /// TB instructor | hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
07.05.2015, 17:12 | #3 |
Hi,

And thanks for your quick reply:

FRST: FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Sebastian (administrator) on SEBASTIAN-PC on 07-05-2015 18:08:11
Running from C:\Users\Sebastian\Desktop
Loaded Profiles: Sebastian (Available profiles: Sebastian)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) E:\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2197288 2014-09-19] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\Run: [\\SPEEDPORT\USB2.0 MFP(Hi-Speed)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\MountPoints2: {3c0ad6c8-669c-11e4-ba18-50e5495bf9d2} - I:\autorun.exe
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\MountPoints2: {3c0ade66-669c-11e4-ba18-50e5495bf9d2} - K:\Autorun.exe
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\MountPoints2: {ecf0ab53-6680-11e4-b608-806e6f6e6963} - H:\Run.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-05-01] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-1745351314-3532001228-714929071-1000] => proxy1.hswt.de:8080
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1745351314-3532001228-714929071-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1745351314-3532001228-714929071-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1745351314-3532001228-714929071-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll [2014-11-12] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll [2014-11-12] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{FE069612-7581-4713-9246-B43BAB6FDE31}: [NameServer] 10.156.33.53,129.187.5.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-24] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> D:\Java\bin\dtplugin\npDeployJava1.dll [2014-11-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> D:\Java\bin\plugin2\npjp2.dll [2014-11-12] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-24] ()
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-19] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-19] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-19] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1745351314-3532001228-714929071-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll No File
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-07]

Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.google.com/
CHR StartupUrls: Profile 2 -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-07]
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07]
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-07]
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-27]
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-20]
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-07]
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-11-13]
CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-06]
CHR Extension: (Angry Birds) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-05-06]
CHR Extension: (Google Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-05-06]
CHR Extension: (Tribal Wars) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bfcoihkppmlaldchalnpmolekhkmdoej [2015-05-06]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-06]
CHR Extension: (Adblock Plus) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-06]
CHR Extension: (Google Search) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-06]
CHR Extension: (Kaspersky Protection) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-06]
CHR Extension: (Google Sheets) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-06]
CHR Extension: (Click&Clean) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-05-06]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-06]
CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S2 MBAMService; E:\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S4 Origin Client Service; E:\Origin\OriginClientService.exe [1931632 2015-04-14] (Electronic Arts)
S4 ss_conn_service; E:\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TeamViewer9; E:\TeamViewer9\TeamViewer_Service.exe [5261584 2015-04-09] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-11-07] ()
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-19] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-11-07] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-07] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-12-20] (RapidSolution Software AG)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-11-19] (Audials AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-12-20] (RapidSolution Software AG)
R3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.)
S3 cpuz138; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 18:08 - 2015-05-07 18:08 - 00021933 _____ () C:\Users\Sebastian\Desktop\FRST.txt
2015-05-07 18:08 - 2015-05-07 18:08 - 00000000 ____D () C:\FRST
2015-05-07 18:06 - 2015-05-07 18:06 - 02102272 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST64.exe
2015-05-07 18:03 - 2015-05-07 18:07 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-07 18:02 - 2015-05-07 18:07 - 00000000 ____D () C:\Users\Sebastian\Desktop\mbar
2015-05-07 18:02 - 2015-05-07 18:02 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Sebastian\Desktop\mbar-1.09.1.1004.exe
2015-05-07 17:54 - 2015-05-07 18:02 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-07 17:54 - 2015-05-07 17:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-07 17:54 - 2015-05-07 17:54 - 00000622 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-07 17:54 - 2015-05-07 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-07 17:54 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-07 17:54 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-07 16:25 - 2015-05-07 16:25 - 00030287 _____ () C:\Users\Sebastian\Desktop\Trojaner-borad.txt
2015-05-06 22:59 - 2015-05-06 22:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-06 22:36 - 2015-05-06 22:36 - 00000162 ____H () C:\Users\Sebastian\Desktop\~$benslauf-2.odt
2015-05-05 15:28 - 2015-05-05 15:30 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\AdvertismentImages
2015-04-30 21:29 - 2015-05-07 16:27 - 00000280 _____ () C:\Windows\setupact.log
2015-04-30 21:29 - 2015-04-30 21:29 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-29 22:22 - 2015-05-07 17:47 - 00128569 _____ () C:\Windows\WindowsUpdate.log
2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\ProgramData\LogiShrd
2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\ProgramData\Apple
2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\Program Files\Bonjour
2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-04-29 19:29 - 2015-04-29 19:30 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2015-04-29 15:57 - 2015-04-29 15:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Logitech
2015-04-29 15:57 - 2015-04-29 15:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Logishrd
2015-04-28 16:07 - 2015-04-28 16:13 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-04-15 08:37 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 08:37 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 08:37 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 08:37 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 08:37 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:37 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 08:37 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 08:37 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 08:37 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:37 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 08:37 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:37 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 08:37 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 08:37 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 08:37 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 08:37 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:37 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 08:37 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 08:37 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:37 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 08:37 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 08:37 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 08:37 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:37 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 08:37 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 08:37 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 08:37 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 08:37 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 08:37 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 08:37 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 08:37 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 08:37 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 08:37 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 08:37 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 08:37 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 08:37 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 08:37 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 08:37 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 08:37 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 08:37 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 08:37 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 08:37 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:37 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:37 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 08:37 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 08:37 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 08:37 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 08:37 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 08:37 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 08:37 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 08:37 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 08:37 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 08:37 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 08:37 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 08:37 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 08:37 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 08:37 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 08:37 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 08:33 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 08:33 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 08:33 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 08:33 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:33 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 08:33 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 08:33 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 08:33 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 08:33 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 08:32 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 08:32 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 08:32 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 08:32 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 08:32 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 08:32 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 08:32 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 08:32 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 08:32 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:32 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 08:32 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 08:32 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 08:32 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 08:32 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 08:32 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 08:32 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 08:32 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 08:32 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-15 08:32 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-04-15 08:32 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 08:32 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 08:32 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 08:32 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 08:32 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 08:32 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-15 08:32 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-15 08:32 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-15 08:32 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-15 08:32 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-15 08:32 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-15 08:32 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-04-15 08:32 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 08:32 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 08:32 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 08:32 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 08:32 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 08:32 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 08:32 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 08:27 - 2015-03-04 
06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 08:27 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 08:27 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-14 14:00 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-04-14 13:59 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-04-14 13:59 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvumdshimx.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-04-14 13:41 - 2015-04-19 20:36 - 00000000 ____D () C:\Program Files\Rockstar Games 2015-04-14 13:41 - 2015-04-19 20:36 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-04-14 13:38 - 2015-04-14 13:38 - 00000577 _____ () C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2015-04-09 22:09 - 2015-05-07 16:26 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\SketchUp 2015-04-09 18:11 - 2015-04-09 18:11 - 00000000 ____D () C:\ProgramData\SketchUp 2015-04-09 18:11 - 2015-04-09 18:11 - 00000000 ____D () C:\ProgramData\Reprise 2015-04-09 17:54 - 
2015-04-09 18:18 - 00905216 _____ () C:\Users\Sebastian\Documents\Photovoltaik-Klemens.accdb ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-07 18:03 - 2014-11-09 15:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-07 17:54 - 2014-11-07 17:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-05-07 17:51 - 2014-11-07 17:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-07 16:41 - 2015-03-17 14:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-05-07 16:35 - 2009-07-14 06:45 - 00028688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-07 16:35 - 2009-07-14 06:45 - 00028688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-07 16:31 - 2009-07-14 19:58 - 00702954 _____ () C:\Windows\system32\perfh007.dat 2015-05-07 16:31 - 2009-07-14 19:58 - 00150612 _____ () C:\Windows\system32\perfc007.dat 2015-05-07 16:31 - 2009-07-14 07:13 - 01629434 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-07 16:30 - 2014-12-08 13:41 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent 2015-05-07 16:27 - 2014-11-07 17:23 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-07 16:27 - 2014-11-07 16:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\NVIDIA 2015-05-07 16:27 - 2014-11-07 15:25 - 00000000 ____D () C:\Users\Sebastian 2015-05-07 16:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-07 16:26 - 2015-04-04 23:29 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-07 16:26 - 2015-03-17 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-05-07 16:26 - 2015-02-25 14:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\.minecraft 2015-05-07 16:26 - 
2014-12-26 17:39 - 00000000 ____D () C:\Users\Sebastian\Desktop\Landwirtschafts-Simulator 2015 (PC Download) 2015-05-07 16:26 - 2014-12-08 22:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2015-05-07 16:26 - 2014-12-08 11:40 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Gameo 2015-05-07 16:26 - 2014-11-30 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-05-07 16:26 - 2014-11-30 18:49 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Battle.net 2015-05-07 16:26 - 2014-11-12 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-05-07 16:26 - 2014-11-07 23:33 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc 2015-05-07 16:26 - 2014-11-07 18:29 - 00000000 ____D () C:\Users\Sebastian\Desktop\Programme 2015-05-07 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-05-07 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-05-06 22:31 - 2014-11-13 19:12 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TeamViewer 2015-05-06 21:18 - 2014-11-30 18:49 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net 2015-05-05 21:01 - 2014-12-01 21:47 - 00002244 ____H () C:\Users\Sebastian\Documents\Default.rdp 2015-04-30 21:31 - 2014-11-13 23:03 - 00000000 ____D () C:\Users\Sebastian\Documents\Assassin's Creed Unity 2015-04-30 21:29 - 2009-07-14 06:45 - 05127464 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-29 22:28 - 2014-11-07 16:59 - 00141520 _____ () C:\Users\Sebastian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-29 22:25 - 2014-11-07 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts 2015-04-29 22:22 - 2014-11-07 15:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-04-29 22:19 - 2014-11-12 13:25 - 00000000 ____D () C:\ProgramData\NVIDIA 
2015-04-29 19:30 - 2014-11-30 18:58 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Logitech 2015-04-28 18:50 - 2014-11-07 17:55 - 00000000 ____D () C:\ProgramData\Origin 2015-04-26 16:52 - 2014-11-07 19:13 - 00000574 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2015-04-22 19:58 - 2015-04-06 19:39 - 00000000 ____D () C:\Users\Sebastian\.freemind 2015-04-22 17:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-19 14:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-16 18:35 - 2014-12-11 11:51 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-16 18:35 - 2014-11-07 16:42 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-15 22:32 - 2014-11-07 17:18 - 01602778 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-15 22:31 - 2014-11-07 15:46 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 22:29 - 2014-11-07 15:46 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 18:18 - 2015-03-11 19:52 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-04-15 18:18 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew 2015-04-15 18:18 - 2009-07-14 04:34 - 00000387 _____ () C:\Windows\win.ini 2015-04-15 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-04-14 14:00 - 2014-11-07 21:42 - 00000000 ____D () C:\temp 2015-04-14 14:00 - 2014-11-07 15:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-04-14 14:00 - 2014-11-07 15:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-04-14 13:44 - 2014-11-12 14:58 - 00000000 ____D () C:\Users\Sebastian\Documents\Rockstar Games 2015-04-14 13:42 - 2014-11-07 22:50 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Rockstar Games 2015-04-14 13:38 - 2014-11-07 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-04-11 15:22 - 2015-02-25 14:52 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\ftblauncher 
2015-04-09 02:58 - 2015-02-18 16:34 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-04-09 02:58 - 2014-11-12 13:24 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-04-09 02:58 - 2014-11-12 13:24 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-04-09 02:58 - 2014-11-12 13:21 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-04-09 02:58 - 2014-11-12 13:21 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-04-09 02:58 - 2014-11-12 13:21 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-04-09 02:58 - 2014-11-12 13:21 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-04-09 02:58 - 2014-11-12 13:21 - 00029329 _____ () C:\Windows\system32\nvinfo.pb 2015-04-08 23:30 - 2014-11-12 13:25 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-04-08 23:30 - 2014-11-12 13:25 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-04-08 23:30 - 2014-11-12 13:25 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-04-08 23:30 - 2014-11-12 13:25 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-04-08 23:30 - 2014-11-12 13:25 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-04-08 23:30 - 2014-11-12 13:25 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-04-08 19:52 - 2014-11-12 13:25 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin ==================== Files in the root of some directories ======= 2015-01-23 01:02 - 2015-01-23 01:02 - 0000132 _____ () C:\Users\Sebastian\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-12-01 16:23 - 2014-12-28 01:24 - 0007598 _____ () C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg 2014-11-07 20:44 - 2014-12-11 20:38 - 0000041 ___SH () C:\ProgramData\.zreglib 2014-11-12 00:33 - 2014-11-12 00:33 - 0000000 ____H () 
C:\ProgramData\DP45977C.lfl
2015-02-03 15:07 - 2015-02-03 15:07 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\GTA_V_Launcher_1_0_350_1.exe
C:\Users\Sebastian\AppData\Local\Temp\i4jdel0.exe
C:\Users\Sebastian\AppData\Local\Temp\proxy_vole4934949912009155957.dll
C:\Users\Sebastian\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Sebastian\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-05 11:58

==================== End Of Log ============================
|
07.05.2015, 17:12 | #4 |
| A window keeps throwing me to the desktop! GTA5 hangs because of it! Unfortunately, the two did not fit into one post. Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Sebastian at 2015-05-07 18:08:28
Running from C:\Users\Sebastian\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1745351314-3532001228-714929071-500 - Administrator - Disabled)
Gast (S-1-5-21-1745351314-3532001228-714929071-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1745351314-3532001228-714929071-1009 - Limited - Enabled)
Sebastian (S-1-5-21-1745351314-3532001228-714929071-1000 - Administrator - Enabled) => C:\Users\Sebastian

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) 
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Audials (HKLM-x32\...\{A7207DE0-6320-4585-8335-63B24247EE7D}) (Version: 12.0.55701.100 - Audials AG)
Audials (HKLM-x32\...\{DBA5239C-921A-41CC-8A65-FFF45986372B}) (Version: 9.0.57911.1100 - RapidSolution Software AG)
AutoCAD 2015 - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.1.2.1000 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD 2015 - Deutsch (German) (HKLM\...\AutoCAD 2015 - Deutsch (German)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Maya 2015 (HKLM\...\Autodesk Maya 2015) (Version: 15.2.1633.0 - Autodesk)
Autodesk Maya 2015 (Version: 15.2.1633.0 - Autodesk) Hidden
Autodesk Maya 2015 SP2 (HKLM\...\Autodesk Maya 2015 SP2) (Version: 15.2.1633.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Breitbildfix (HKLM-x32\...\Breitbildfix) (Version: 0.5.0 - davied)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.6 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crysis (HKLM-x32\...\{E70E73B2-DABD-40E4-AE50-81B22567F418}) (Version: 1.1.1.6115 - Electronic Arts)
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version: - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World)
DDS Thumbnail Viewer (HKLM-x32\...\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}) (Version: 1.00.000 - )
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.149.1020 - Electronic Arts Inc.)
Druckerdeinstallation für EPSON Stylus SX400 Series (HKLM\...\EPSON Stylus SX400 Series) (Version: - SEIKO EPSON Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.101 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.101 - Etron Technology) Hidden
FormatFactory 3.5.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.1.0 - Format Factory)
GIANTS Editor 6.0.3 64-bit (HKLM-x32\...\giants_editor_6.0.3_win64_is1) (Version: 6.0.3 - GIANTS Software GmbH)
GII_Win7_Nvidia_Workaround (HKLM-x32\...\GII_Win7_Nvidia_Workaround) (Version: 1.0 - Diverse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gothic (HKLM-x32\...\{BD56DFBF-110C-4CC2-910A-80C0759397AA}) (Version: 1.0.0 - JoWooD)
Gothic 2 Gold (HKLM-x32\...\{3A5FB407-4499-4514-BE05-A4BCADD87163}) (Version: 1.0.0 - JoWooD )
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Gothic: Gothic I Breitbildkamera-Patch (HKLM-x32\...\Breitbild_Patch) (Version: 1.2 - davied)
Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version: - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.1.0.6 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4711.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Patrician IV Gold (HKLM-x32\...\{CDD92071-5688-493D-9980-540D006B375C}) (Version: 1.0.0.0 - Gaming Minds Studios GmbH)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14123.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14123.5 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity 4 (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.1.0.3 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{0D994CC5-819F-4657-84DD-397B8FE1EA80}) (Version: - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Thunder Master v2.6 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.6.0.0 - Palit Microsystems Ltd.)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Tomb Raider II (HKLM-x32\...\Tomb Raider II) (Version: - )
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version: - )
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Tomb Raider: Legend 1.2 (HKLM-x32\...\Tomb Raider: Legend) (Version: - )
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WORLD IN CONFLICT: SOVIET ASSAULT (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.1.0 - Ubisoft Entertainment)
Worms Forts Under Siege (HKLM-x32\...\{917E73C2-C7DA-4C12-9774-A6A2730BCAAB}) (Version: 1.00.0001 - Ihr Firmenname)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1745351314-3532001228-714929071-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> E:\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1745351314-3532001228-714929071-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> E:\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1745351314-3532001228-714929071-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> E:\AutoCAD 2015\de-DE\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================

28-04-2015 15:57:34 Windows Update
28-04-2015 16:07:59 Installed @BIOS
29-04-2015 19:29:45 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
29-04-2015 22:22:07 Removed @BIOS
29-04-2015 22:23:33 Removed LibreOffice 4.2.7.2
29-04-2015 22:26:36 SketchUp 2015 wurde entfernt
01-05-2015 17:44:14 Windows Update
05-05-2015 11:56:55 Windows Update
05-05-2015 15:32:48 Removed Bonjour
07-05-2015 16:26:03 Wiederherstellungsvorgang
07-05-2015 16:30:55 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {21C673CA-E0B7-4641-B1DF-46298ED4A02D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-22] (Microsoft Corporation)
Task: {65B6CACD-22D9-4917-A00A-907D3CFB0555} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {69E61C9E-75B6-4FF8-AEEE-3B1E7C3D4F66} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7156B3A2-E0D7-47AA-87B5-E8C7E135F195} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7489857D-C08E-4815-B678-C4913FBE3FFF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7774FF98-89DD-4943-9CBF-ED1659BD71C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-03-17] (Microsoft Corporation)
Task: {7D88B625-6F80-45C9-81CE-90E6313D40A2} - System32\Tasks\CCleanerSkipUAC => E:\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {87ADA57C-280B-4B83-95EB-CB573EDC4A09} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2014-09-19] (Palit Microsystems Ltd.)
Task: {898AF7D6-635A-461D-B1FC-43A30396982C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {8B0246BC-AB4F-481E-8FC9-8E88E0AE1A19} - System32\Tasks\{87C913E4-7D02-4EBA-A350-DFC73BB88F81} => H:\S3\AUTORUN.EXE
Task: {9F85A9DB-0B92-4A17-8B44-1DD4C8B337C3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B2D6CE86-5F3E-4591-994F-CD4965E032CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-24] (Adobe Systems Incorporated)
Task: {BDA909DB-CC17-417B-92C0-852A2F2E757D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {C796F6C6-F3EF-4C3D-A5E3-15EAB5AD7F66} - System32\Tasks\SamsungMagician => MagPath
Task: {E9D4F055-C648-46F0-AEB9-6E0C01B93B72} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {EC87E435-F411-4CC8-B1CF-AB49CBF46A41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-03-17] (Microsoft Corporation)
Task: {FC988F41-4EB7-46E9-AF44-3A0195EF2AAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-12 13:25 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-17 14:17 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () E:\Notepad++\NppShell_06.dll
2015-02-20 21:53 - 2015-02-18 03:34 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 21:53 - 2015-02-18 03:34 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 21:53 - 2015-02-18 03:34 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-20 21:53 - 2015-02-18 03:34 - 26771784 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2015-04-13 15:52 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-11-09 22:57 - 2014-11-09 22:57 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll
2014-11-07 17:26 - 2011-05-20 11:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Sebastian\.DS_Store:AFP_AfpInfo

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1745351314-3532001228-714929071-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: nkdytjtjsw32 => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: vpnagent => 2
MSCONFIG\startupfolder: C:^Users^Sebastian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AudialsNotifier => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: CCleaner Monitoring => "E:\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: CloneCDTray => "E:\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: KiesPDLR.exe => E:\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => E:\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "E:\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{F390D810-B362-4EDE-90DA-D03AB63FDF5B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{5DE60864-663F-4450-9290-F509FFD698F1}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{7F16188A-BA77-487C-A7CE-3684F4BC08B6}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{418E1FB0-0F49-4A63-BF97-A86BC7040320}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{FE5A6ACE-019A-4EF1-883E-AF26E9F3209E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{64E301F9-6C61-4A9C-A6FA-813A40AD5AF7}] => (Allow) F:\Origin\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{BE5F4635-EA09-420C-8561-CDC10DF63ECB}] => (Allow) F:\Origin\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{E2606C35-7658-4D9A-AF10-1BB187C20786}] => (Allow) F:\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{63C1195C-4843-42FE-8A58-F2E151599314}] => (Allow) F:\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{CE2EEB3D-40FE-41E2-B28B-BAA87B79CF91}] => (Allow) F:\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{0011770B-CC87-49B0-9586-0D160E6C2551}] => (Allow) F:\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{4B5FD04B-41BB-427B-9E13-F67C8C9F0062}] => (Allow) F:\ANNO 1404\Anno4.exe
FirewallRules: [{3B12C34E-C56D-4B75-BAFD-A6802020C8D9}] => (Allow) F:\ANNO 1404\Anno4.exe
FirewallRules: [{F48434DF-A0C1-4511-B50F-1F82B7F165EB}] => (Allow) F:\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{FD77CB45-B51F-468C-95CE-12B20A721421}] => (Allow) F:\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{5BB46788-CD62-4C31-AFC0-C1E189ED3552}] => (Allow) C:\Program Files (x86)\Kalypso Media\Patrician IV Gold\Patrician4Gold.exe
FirewallRules: [{4BDA0EA9-6211-448F-8611-5FA50F94763D}] => (Allow) F:\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{CA840FE1-867A-4BA1-9779-C8CE3E8092F3}] => (Allow) F:\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{BF5A931E-2C44-42E1-AA35-14B856911468}] => (Allow) F:\Assassins Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{D3E114E4-10AE-4D43-A99B-8F9A8F65B99F}] => (Allow) F:\Assassins Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{5F2E98BE-0A9C-4128-A4D9-9AED8D5D2C41}] => (Allow) F:\Assassins Creed 2\AssassinsCreedII.exe
FirewallRules: [{6EA208AB-C50B-4B7E-837E-8D58F94E711F}] => (Allow) F:\Assassins Creed 2\AssassinsCreedII.exe
FirewallRules: [{419ABBE1-5BEA-4B93-8EAA-2BF7D80E0041}] => (Allow) F:\Assassins Creed 2\UPlayBrowser.exe
FirewallRules: [{A5547E3B-18A9-4B13-ACBC-832857119CBD}] => (Allow) F:\Assassins Creed 2\UPlayBrowser.exe
FirewallRules: [{F77B3049-1A99-4CB0-9A79-E566026E9072}] => (Allow) F:\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{B91BA33E-A628-4755-96AC-9C2AAAF0DEEA}] => (Allow) F:\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{2310B58C-5D56-4940-BFDF-8C283A241CB6}] => (Allow) F:\Assassins Creed Brotherhood\ACBMP.exe
FirewallRules: [{A2EB0B5E-97D9-4603-AEBE-C42F22C9C26A}] => (Allow) F:\Assassins Creed Brotherhood\ACBMP.exe
FirewallRules: [{80605B5C-B73C-4C68-BF25-CFE7A5ACA2E8}] => (Allow) F:\Assassins Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{82CD1AB4-EE13-42CB-8955-D2CE54F3BEF4}] => (Allow) F:\Assassins Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{8FFD8714-A4DC-44E8-B799-6D893263E73E}] => (Allow) F:\Assassins Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{5A323FA0-CB1B-4F44-9871-19788F1E6074}] => (Allow) F:\Assassins Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{9AC38C70-B523-4333-A81E-752A477F5062}] => (Allow) F:\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{5456D2F8-526E-4BA5-ACB8-7AA9F041269D}] => (Allow) F:\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{7583B2E8-D2E0-413E-A210-E59BD07D5D1E}] => (Allow) F:\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{B24A932D-8DE3-45BA-A9AE-C6BB01F67585}] => (Allow) F:\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{5860B4C9-FA47-4600-9FD0-B70AA5345747}] => (Allow) F:\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{8A40A1A0-D50F-4CAA-8B66-DF29B649EA76}] => (Allow) F:\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{D0F9D2D5-814E-48AF-9975-3D6A07B8EAD0}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{88EDDF7C-F2FF-4DA2-B47E-A3A226703457}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F42AC2AA-7C31-4DEC-8EDA-14CF163D1E1D}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{4C53D78A-C41A-4BD3-A7AF-1B28F0CB28ED}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{A3B12DD2-B2C2-4695-B9C0-A23738A3BC8E}] => (Allow) F:\Assassins Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{8F3BA1F4-A4BD-4AC2-92D1-F9F86FC28F7A}] => (Allow) F:\Assassins Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{DD3012CC-E3EB-4F5D-8286-E96C7190C71F}] => (Allow) F:\SimCity\SimCity\SimCity\SimCity.exe
FirewallRules: [{92B551DA-989B-4B0F-B544-23F7B7B6A241}] => (Allow) F:\SimCity\SimCity\SimCity\SimCity.exe
FirewallRules: [{54E27879-8A3C-4D6B-8D65-10D4FA379780}] => (Allow) F:\World in Conflikt\wic.exe
FirewallRules: [{C0595994-2F95-4501-A7D6-D4432A451DC0}] => (Allow) F:\World in Conflikt\wic.exe
FirewallRules: [{33692EBC-2135-4525-A0AB-2929E1228E8B}] => (Allow) F:\World in Conflikt\wic_online.exe
FirewallRules: [{BEB31215-0E86-4B4B-9FD4-9CA1B76B044E}] => (Allow) F:\World in Conflikt\wic_online.exe
FirewallRules: [{50512174-FE5A-4397-93D6-BA2C9DE44816}] => (Allow) F:\World in Conflikt\wic_ds.exe
FirewallRules: [{CF2ACB93-25E2-4E9A-8635-C0CA4A41860D}] => (Allow) F:\World in Conflikt\wic_ds.exe
FirewallRules: [{B7751D01-D184-4C70-9E72-8179DA3BFE1D}] => (Allow) F:\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{35005F13-897E-401F-B6C7-FB9FFBD11102}] => (Allow) F:\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{01D72F0F-6ADF-4A55-B04A-73120924D805}] => (Allow) F:\ANNO 1404\Addon.exe
FirewallRules: [{1C59F7AD-AFB1-4452-A9EC-0F837BACAC4F}] => (Allow) F:\ANNO 1404\Addon.exe
FirewallRules: [{8DF4EE42-31BD-49C1-8D93-577D2B192F66}] => (Allow) F:\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{929AA978-CC66-4133-A04A-596BCFC49FBE}] => (Allow) F:\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{A6EC23A7-453A-4198-80B3-AFC528E9C6E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0980D154-F9F8-4482-A29D-D9400CE97E8A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{051E90F1-615B-4C43-980E-805AC76CD22E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FF2711F7-D7C0-4A62-BA67-16D4C3FC6BB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8CEF5C64-8659-4C50-A352-23072D9210C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DDAB1FF3-B1D2-4D3F-A4A0-1491C46AE53A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{828D492C-5D94-4C6A-9BA8-956A39D201F5}] => (Allow) F:\Assassin's Creed Unity\ACU.exe
FirewallRules: [{397F08C8-BDF4-4BCD-B1C3-AD98D6035459}] => (Allow) F:\Assassin's Creed Unity\ACU.exe
FirewallRules: [{1DD8A585-D5FD-448B-8C3A-B0D18E47F39A}] => (Allow) F:\SimCity\SimCity 4 Deluxe Edition\Apps\SimCity 4.exe
FirewallRules: [{1F62EBB6-4825-4C4F-A3E5-EA2E3CC283C0}] => (Allow) F:\SimCity\SimCity 4 Deluxe Edition\Apps\SimCity 4.exe
FirewallRules: [{52BDCCE5-FE06-4A7F-B396-8ECB49685CA3}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{3522A447-45DF-48E7-9065-DC5C54B4A6D8}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{70CAD1BB-28BE-4BA8-9496-03F7C78C992E}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{A887B6CD-4F2E-438F-A8B9-FFEE677F8E18}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{0FBD8DD9-B2A7-4BF6-A8DC-40F37E4FE2C5}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{843AB26F-80CE-4DFC-A50D-050A0DB459A7}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{7F52DA87-E71E-4AE5-B425-70F3A289816E}] => (Allow) F:\Spiele Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2BC39502-3892-4D11-A2AC-BA84915D9DBF}] => (Allow) F:\Spiele Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{6C9EC92D-A0B3-44AB-AC9A-E42F182C392E}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{70AD5A4B-2A25-4242-B7D6-A43DFB6624A9}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{D78DBEEE-B603-48EC-8BC7-BE60C4D7DC4D}] => (Allow) F:\Spiele Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{CD5C3DE8-774D-49BD-B3BA-113E497DB6F5}] => (Allow) 
F:\Spiele Steam\steamapps\common\Age2HD\Launcher.exe FirewallRules: [{78D3D324-E07F-488F-8624-0E0E716A736F}] => (Allow) E:\Battle.net\Battle.net.exe FirewallRules: [{D3212178-CB41-488D-B5A4-AC5380DA1C19}] => (Allow) E:\Battle.net\Battle.net.exe FirewallRules: [{0F9A4C2F-3030-4915-82A6-113B937D2099}] => (Allow) F:\Spiele\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{389299B8-44A4-4612-9F9A-011E48215FFB}] => (Allow) F:\Spiele\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{F091B7CD-3EE4-490D-9429-5C39C595732E}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{31F662A2-03D9-44ED-95D4-87651B7DE20B}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{18AE4F37-84EB-4088-8AC0-BE33642E9456}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{B9618FA9-0761-46CD-A770-E49304224D8E}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{6CC99070-CABC-4AFE-9F08-D8C8DA9B8420}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{48F8FA50-E19B-414F-AE83-8716ABEC2B50}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{06DC03A3-DADB-4891-9AB8-0FB382E9CB0E}] => (Allow) F:\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{0403087E-F850-4C03-88D9-F118D409861A}] => (Allow) F:\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{1060483D-A8B5-4C4E-A51F-5CA4535270F8}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{34B58678-DD87-430F-B2DF-26B47EBF2E71}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3DE27141-6FBD-413A-9A7A-75B0044E5970}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe FirewallRules: [{E111C5F4-1DDA-4EDF-9842-C8BBE0295218}] => (Allow) LPort=12972 FirewallRules: [{FAC1FAF2-A0B5-40B5-A3FB-A576E6B46169}] => (Allow) LPort=14714 FirewallRules: [{7DC7862B-5066-4E0B-95EA-9DC34AFF0BE6}] => 
(Allow) LPort=31931 FirewallRules: [{102C8D8B-1301-4DB6-B231-5C9B952EDD8E}] => (Allow) F:\Spiele\Crysis\Bin32\Crysis.exe FirewallRules: [{21F44B5B-7315-4802-8D0D-D595D4A3E9AD}] => (Allow) F:\Spiele\Crysis\Bin32\Crysis.exe FirewallRules: [{04C62F58-D608-4BDE-9E75-E8AF4596C47C}] => (Allow) F:\Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{7B541178-7B29-420E-9DFE-88B55255510A}] => (Allow) F:\Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{F8D5D151-A7BC-4B33-824B-1B8B6571C751}] => (Allow) F:\Spiele\Star Wars - The Old Republic\launcher.exe FirewallRules: [{2737F06C-0256-4659-9BDD-9CBC68E5ABAA}] => (Allow) F:\Spiele\Star Wars - The Old Republic\launcher.exe FirewallRules: [{2089AD30-ACBC-4769-863F-95CC0348D3FE}] => (Allow) F:\Assassins Creed 3\AC3SP.exe FirewallRules: [{A6F2A0B8-1518-4653-9100-BDA3A23866E6}] => (Allow) F:\Assassins Creed 3\AC3SP.exe FirewallRules: [{01626260-0188-4A3F-8574-0EAF77A5C0B8}] => (Allow) F:\Assassins Creed 3\AC3MP.exe FirewallRules: [{E3C30BC4-C3A5-49FE-99A7-1CA40C4DF7A1}] => (Allow) F:\Assassins Creed 3\AC3MP.exe FirewallRules: [{27A71990-218B-4BE4-9837-2117316D2E78}] => (Allow) F:\Assassins Creed 3\AssassinsCreed3.exe FirewallRules: [{EB0D1918-A5B2-4B76-A03D-8FBA243BCC7C}] => (Allow) F:\Assassins Creed 3\AssassinsCreed3.exe FirewallRules: [{2F99D597-4164-4F7F-97A2-F261081A357D}] => (Allow) F:\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{949D1CC3-64D7-4633-9DD8-047078D3FFDF}] => (Allow) F:\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{E35BD06A-C27D-4FA5-8BB6-80F957B7BFD9}] => (Allow) F:\Hearthstone\Hearthstone\Hearthstone.exe FirewallRules: [{51702E89-8475-499E-8BD3-D9D5A2ED502D}] => (Allow) F:\Hearthstone\Hearthstone\Hearthstone.exe FirewallRules: [{184E459A-1AC8-4280-BA60-40E39D330C2B}] => (Allow) F:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe FirewallRules: [{1670F949-27E2-4A1F-B1AF-9C0341BD1E4D}] => (Allow) F:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe FirewallRules: 
[{A145C0C7-A4C1-494A-A3B8-8085D2A74567}] => (Allow) F:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe FirewallRules: [{0132F3C0-451D-41D1-AB15-75A255D5AFA7}] => (Allow) F:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe FirewallRules: [{BC8CD834-3702-4D63-AA7F-9122BF6E2B0E}] => (Allow) F:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe FirewallRules: [{62D1A47A-E9E8-4610-8724-E53E7C78DDF5}] => (Allow) F:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe FirewallRules: [{0B760F7F-E931-4AD8-8766-7DACFAEC5C53}] => (Allow) E:\Photoshop\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{1BDD44A7-30F7-49C6-8918-0439939BB5EF}] => (Allow) E:\Photoshop\Adobe Flash Builder 4.6\FlashBuilder.exe FirewallRules: [{C57A2A96-2927-424B-9135-C2724FFDE20D}] => (Allow) LPort=7935 FirewallRules: [{EC527781-115C-4982-9DCD-E602273A67C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{C1CFA0C3-B3EB-44EC-B272-BA3715595C4A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{6F01B93C-A1A0-4ACD-97FD-72AFC76EC6DA}] => (Allow) F:\Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{79EBBFD1-EA9E-4E0A-A725-C7D84EC2797D}] => (Allow) F:\Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe FirewallRules: [{9CE5E9C4-7395-411E-A4BD-1ED1A4D17133}] => (Allow) LPort=50248 FirewallRules: [{5EC09CAF-DF25-4B12-87B1-6EFF99FBE2DE}] => (Allow) F:\Spiele Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{593CE30F-5399-4068-8C5F-53F6DDD85BEB}] => (Allow) F:\Spiele Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{A642BCA7-98D9-48D0-93EE-301460424FA1}] => (Allow) F:\Spiele Steam\steamapps\common\Risen\bin\Risen.exe FirewallRules: [{A2226266-DABB-4A70-9B66-5383293B8FA7}] => (Allow) F:\Spiele Steam\steamapps\common\Risen\bin\Risen.exe FirewallRules: [{95999620-A57F-43A6-A766-C05BE49BFDA8}] => (Allow) 
F:\Spiele Steam\steamapps\common\Risen 2\system\Risen2.exe FirewallRules: [{A6EA2B73-51C7-4FA5-8F66-6433861099ED}] => (Allow) F:\Spiele Steam\steamapps\common\Risen 2\system\Risen2.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{9CE50B14-78FE-49E0-A989-7EE3895C0160}] => (Allow) F:\Spiele Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{1C0DD5CD-A0F4-479D-8396-8E1834449998}] => (Allow) F:\Spiele Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{6F4B2631-B6E3-4E70-BE63-19307B2F3F25}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{C14D818B-6B09-4A10-9696-8289F6437AED}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{B6A2EEAA-096A-4A33-B144-B48CDD21D32D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{01D4C8D7-66DD-45ED-83AB-F14161A779C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{04CEC879-8C0E-49E1-B60C-483B2F677A9E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{FBBFC95C-C5E8-4A30-A20B-803773CE0B26}] => (Allow) F:\Uplay Spiele\Assassin's Creed Rogue\ACC.exe FirewallRules: [{E9C28117-E99C-481F-B061-A778B658B0C4}] => (Allow) F:\Uplay Spiele\Assassin's Creed Rogue\ACC.exe FirewallRules: [{5195E5DB-CDEA-484A-9D4C-589EB4F0A478}] => (Allow) F:\Sims4\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{654AF412-C644-49AE-87F2-5E96C1245432}] => (Allow) F:\Sims4\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{F3C0FE26-F5FF-41AE-8F81-5AC767F86B23}] => (Allow) E:\TeamViewer9\TeamViewer.exe FirewallRules: [{C54DE7CA-A5CC-48B9-8F5F-D67F16B47BA7}] => (Allow) E:\TeamViewer9\TeamViewer.exe FirewallRules: [{4FEFC977-BEA3-4B76-837D-78CF0D638154}] => (Allow) E:\TeamViewer9\TeamViewer_Service.exe FirewallRules: 
[{C5FD9C96-B8A6-47C2-A589-62DA28EA362B}] => (Allow) E:\TeamViewer9\TeamViewer_Service.exe FirewallRules: [{BDB41329-A5F8-46B2-A6A1-AE342C48BB55}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{2023BC34-EEC2-4017-97BB-3ABF8028FEAC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{45F6A168-3AF2-48DA-A19A-2DB82FB01E74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C9EF20F0-0FA0-4FD3-9D76-B427720CDB35}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{38FC0218-526D-4792-86BA-5E7BF338BC2E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CDE5A3F1-8CF4-4C4F-872B-E7554BD0EAA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4424A44B-949B-4683-9F99-FA9DFF48F8E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7487CA95-6EB3-4D11-B545-F42377E7E3ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{785772B1-C2FD-4F0C-9B5F-E605FC981873}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe ==================== Faulty Device Manager Devices ============= Name: Intel(R) HD Graphics Description: Intel(R) HD Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (05/07/2015 04:24:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 14dc
Startzeit: 01d088d17b1a570d
Endzeit: 14
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: c62190d6-f4c4-11e4-b5d1-50e5495bf9d2

Error: (05/07/2015 04:24:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 794
Startzeit: 01d088ce1289e623
Endzeit: 21
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: b6f2ee0d-f4c4-11e4-b5d1-50e5495bf9d2

Error: (05/06/2015 10:49:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GFExperience.exe, Version 2.4.3.22 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1660
Startzeit: 01d0883d5b48fdb5
Endzeit: 51
Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
Berichts-ID:

Error: (05/06/2015 09:53:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GTA5.exe, Version 1.0.350.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f6c
Startzeit: 01d08831fc9adc65
Endzeit: 279
Anwendungspfad: F:\GTA 5\GTA5.exe
Berichts-ID:

Error: (05/06/2015 09:21:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm GTA5.exe, Version 1.0.350.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c5c
Startzeit: 01d08826f95bc130
Endzeit: 165
Anwendungspfad: F:\GTA 5\GTA5.exe
Berichts-ID:

Error: (05/06/2015 06:39:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18798, Zeitstempel: 0x5507b864
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001883d
ID des fehlerhaften Prozesses: 0xc28
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (05/05/2015 11:56:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18798, Zeitstempel: 0x5507b864
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001883d
ID des fehlerhaften Prozesses: 0x1ab8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (05/05/2015 11:44:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18798, Zeitstempel: 0x5507b864
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001883d
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (05/05/2015 11:41:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18798, Zeitstempel: 0x5507b864
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005105c
ID des fehlerhaften Prozesses: 0x7e8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (05/05/2015 11:59:30 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PPClientAssembly,processorArchitecture="x86",type="x64",version="2008.1.17012.4817"1". Die abhängige Assemblierung "PPClientAssembly,processorArchitecture="x86",type="x64",version="2008.1.17012.4817"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

System errors:
=============
Error: (05/07/2015 04:27:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.

Error: (05/07/2015 04:27:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5.

Error: (05/06/2015 11:12:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/06/2015 10:33:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: innfd_1_10_0_13

Error: (05/06/2015 10:11:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: innfd_1_10_0_13

Error: (05/06/2015 05:02:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: innfd_1_10_0_13

Error: (05/06/2015 00:27:21 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{36B9C72E-FF0C-43A4-9485-5B4A6E1FF17C}" zu oft fehl. Der Sicherungssuchdienst wird beendet.

Error: (05/05/2015 11:24:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: innfd_1_10_0_13

Error: (05/05/2015 00:43:29 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{36B9C72E-FF0C-43A4-9485-5B4A6E1FF17C}" zu oft fehl. Der Sicherungssuchdienst wird beendet.

Error: (05/02/2015 09:46:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

CodeIntegrity Errors:
===================================
Date: 2015-02-13 13:32:49.951
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 13:32:49.951
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 13:30:00.784
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 13:30:00.722
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-14 19:08:24.950
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-14 19:08:24.934
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-14 19:05:18.505
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-12-14 19:05:18.450
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-12 21:32:51.751
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-11-12 21:32:51.751
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 20%
Total physical RAM: 16237.11 MB
Available physical RAM: 12948.38 MB
Total Pagefile: 16435.3 MB
Available Pagefile: 12868.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:169.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:341.8 GB) (Free:139.23 GB) NTFS
Drive e: (Programme) (Fixed) (Total:175.78 GB) (Free:119.79 GB) NTFS
Drive f: (Spiele) (Fixed) (Total:589.71 GB) (Free:118.91 GB) NTFS
Drive g: (Images) (Fixed) (Total:289.98 GB) (Free:224.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 7FCFFD77)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 65CB6360)
Partition 1: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=589.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4761DDBE)
Partition 1: (Not Active) - (Size=175.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=290 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
08.05.2015, 16:28 | #5 |
/// the machine /// TB instructor | A window keeps throwing me back to the desktop! GTA5 hangs because of it!
Hi, please download TDSSKiller.exe and save the file to your desktop
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
08.05.2015, 19:30 | #6 |
| A window keeps throwing me back to the desktop! GTA5 hangs because of it!
Code:
ATTFilter
20:26:33.0297 0x1344 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:26:41.0935 0x1344 ============================================================
20:26:41.0935 0x1344 Current date / time: 2015/05/08 20:26:41.0935
20:26:41.0935 0x1344 SystemInfo:
20:26:41.0935 0x1344
20:26:41.0935 0x1344 OS Version: 6.1.7601 ServicePack: 1.0
20:26:41.0935 0x1344 Product type: Workstation
20:26:41.0935 0x1344 ComputerName: ******
20:26:41.0935 0x1344 UserName: ******
20:26:41.0935 0x1344 Windows directory: C:\Windows
20:26:41.0935 0x1344 System windows directory: C:\Windows
20:26:41.0935 0x1344 Running under WOW64
20:26:41.0935 0x1344 Processor architecture: Intel x64
20:26:41.0935 0x1344 Number of processors: 4
20:26:41.0935 0x1344 Page size: 0x1000
20:26:41.0935 0x1344 Boot type: Normal boot
20:26:41.0935 0x1344 ============================================================
20:26:42.0138 0x1344 KLMD registered as C:\Windows\system32\drivers\14831853.sys
20:26:42.0233 0x1344 System UUID: {208F11A8-22B1-F148-90DD-83DBD8B36F0E}
20:26:42.0576 0x1344 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:26:42.0576 0x1344 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:26:42.0576 0x1344 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
20:26:42.0576 0x1344 ============================================================
20:26:42.0576 0x1344 \Device\Harddisk0\DR0:
20:26:42.0576 0x1344 MBR partitions:
20:26:42.0576 0x1344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DCEF11A
20:26:42.0576 0x1344 \Device\Harddisk1\DR1:
20:26:42.0576 0x1344 MBR partitions:
20:26:42.0576 0x1344 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2AB98000
20:26:42.0576 0x1344 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2AB98800, BlocksNum 0x49B6D000
20:26:42.0576 0x1344 \Device\Harddisk2\DR2:
20:26:42.0576 0x1344 MBR partitions:
20:26:42.0576 0x1344 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x15F90000
20:26:42.0576 0x1344 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x15F90800, BlocksNum 0x243F4800
20:26:42.0576 0x1344 ============================================================
20:26:42.0576 0x1344 C: <-> \Device\Harddisk0\DR0\Partition1
20:26:42.0592 0x1344 D: <-> \Device\Harddisk1\DR1\Partition1
20:26:42.0623 0x1344 E: <-> \Device\Harddisk2\DR2\Partition1
20:26:42.0654 0x1344 F: <-> \Device\Harddisk1\DR1\Partition2
20:26:42.0685 0x1344 G: <-> \Device\Harddisk2\DR2\Partition2
20:26:42.0685 0x1344 ============================================================
20:26:42.0685 0x1344 Initialize success
20:26:42.0685 0x1344 ============================================================
20:27:10.0869 0x1374 ============================================================
20:27:10.0869 0x1374 Scan started
20:27:10.0869 0x1374 Mode: Manual; SigCheck; TDLFS;
20:27:10.0869 0x1374 ============================================================
20:27:10.0869 0x1374 KSN ping started
20:27:13.0326 0x1374 KSN ping finished: true
20:27:13.0497 0x1374 ================ Scan system memory ========================
20:27:13.0497 0x1374 System memory - ok
20:27:13.0497 0x1374 ================ Scan services =============================
09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 20:27:14.0263 0x1374 atksgt - ok 20:27:14.0263 0x1374 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:27:14.0295 0x1374 AudioEndpointBuilder - ok 20:27:14.0296 0x1374 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:27:14.0311 0x1374 AudioSrv - ok 20:27:14.0327 0x1374 [ DE3FF859EDF66F5E0106B23B3A4B09CE, 9F6D735E32F340547D5FDA595E2A461083AC581AC0719913D4841C0C5D7A2998 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe 20:27:14.0343 0x1374 Autodesk Content Service - ok 20:27:14.0343 0x1374 [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe 20:27:14.0358 0x1374 AVP15.0.1 - ok 20:27:14.0358 0x1374 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:27:14.0389 0x1374 AxInstSV - ok 20:27:14.0389 0x1374 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 20:27:14.0421 0x1374 b06bdrv - ok 20:27:14.0421 0x1374 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:27:14.0436 0x1374 b57nd60a - ok 20:27:14.0452 0x1374 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 20:27:14.0467 0x1374 BDESVC - ok 20:27:14.0467 0x1374 [ 16A47CE2DECC9B099349A5F840654746, 
77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 20:27:14.0499 0x1374 Beep - ok 20:27:14.0499 0x1374 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 20:27:14.0530 0x1374 BFE - ok 20:27:14.0548 0x1374 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 20:27:14.0611 0x1374 BITS - ok 20:27:14.0611 0x1374 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:27:14.0626 0x1374 blbdrive - ok 20:27:14.0642 0x1374 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:27:14.0658 0x1374 Bonjour Service - ok 20:27:14.0673 0x1374 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:27:14.0689 0x1374 bowser - ok 20:27:14.0689 0x1374 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:27:14.0704 0x1374 BrFiltLo - ok 20:27:14.0704 0x1374 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:27:14.0720 0x1374 BrFiltUp - ok 20:27:14.0736 0x1374 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 20:27:14.0751 0x1374 Browser - ok 20:27:14.0751 0x1374 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:27:14.0767 0x1374 Brserid - ok 20:27:14.0782 0x1374 [ 
A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:27:14.0798 0x1374 BrSerWdm - ok 20:27:14.0798 0x1374 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:27:14.0814 0x1374 BrUsbMdm - ok 20:27:14.0814 0x1374 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:27:14.0829 0x1374 BrUsbSer - ok 20:27:14.0829 0x1374 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 20:27:14.0845 0x1374 BTHMODEM - ok 20:27:14.0845 0x1374 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 20:27:14.0876 0x1374 bthserv - ok 20:27:14.0876 0x1374 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:27:14.0907 0x1374 cdfs - ok 20:27:14.0907 0x1374 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 20:27:14.0923 0x1374 cdrom - ok 20:27:14.0938 0x1374 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 20:27:14.0954 0x1374 CertPropSvc - ok 20:27:14.0954 0x1374 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 20:27:14.0970 0x1374 circlass - ok 20:27:14.0985 0x1374 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 20:27:15.0001 
0x1374 CLFS - ok 20:27:15.0048 0x1374 [ 880A6DAC6E03871B37A782155D189A53, 93659BB67236F5EBC317FD73879EB79EFB195728A2C0BC997881D3622C6CF981 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 20:27:15.0094 0x1374 ClickToRunSvc - ok 20:27:15.0094 0x1374 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:27:15.0126 0x1374 clr_optimization_v2.0.50727_32 - ok 20:27:15.0126 0x1374 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:27:15.0141 0x1374 clr_optimization_v2.0.50727_64 - ok 20:27:15.0141 0x1374 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:27:15.0157 0x1374 clr_optimization_v4.0.30319_32 - ok 20:27:15.0172 0x1374 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:27:15.0172 0x1374 clr_optimization_v4.0.30319_64 - ok 20:27:15.0188 0x1374 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:27:15.0188 0x1374 CmBatt - ok 20:27:15.0204 0x1374 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:27:15.0204 0x1374 cmdide - ok 20:27:15.0219 0x1374 [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w C:\Windows\system32\DRIVERS\cm_km_w.sys 20:27:15.0235 0x1374 cm_km_w - ok 20:27:15.0235 0x1374 [ 
27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 20:27:15.0282 0x1374 CNG - ok 20:27:15.0282 0x1374 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:27:15.0282 0x1374 Compbatt - ok 20:27:15.0298 0x1374 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 20:27:15.0314 0x1374 CompositeBus - ok 20:27:15.0314 0x1374 COMSysApp - ok 20:27:15.0329 0x1374 [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 20:27:15.0376 0x1374 cphs - ok 20:27:15.0376 0x1374 cpuz138 - ok 20:27:15.0392 0x1374 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 20:27:15.0392 0x1374 crcdisk - ok 20:27:15.0407 0x1374 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:27:15.0423 0x1374 CryptSvc - ok 20:27:15.0423 0x1374 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 20:27:15.0454 0x1374 CSC - ok 20:27:15.0470 0x1374 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 20:27:15.0485 0x1374 CscService - ok 20:27:15.0501 0x1374 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:27:15.0532 0x1374 DcomLaunch - ok 20:27:15.0532 0x1374 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] 
defragsvc C:\Windows\System32\defragsvc.dll 20:27:15.0563 0x1374 defragsvc - ok 20:27:15.0579 0x1374 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:27:15.0595 0x1374 DfsC - ok 20:27:15.0610 0x1374 [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 20:27:15.0626 0x1374 dg_ssudbus - ok 20:27:15.0626 0x1374 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:27:15.0641 0x1374 Dhcp - ok 20:27:15.0641 0x1374 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 20:27:15.0673 0x1374 discache - ok 20:27:15.0673 0x1374 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 20:27:15.0688 0x1374 Disk - ok 20:27:15.0688 0x1374 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:27:15.0704 0x1374 Dnscache - ok 20:27:15.0719 0x1374 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 20:27:15.0751 0x1374 dot3svc - ok 20:27:15.0751 0x1374 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 20:27:15.0782 0x1374 DPS - ok 20:27:15.0782 0x1374 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:27:15.0797 0x1374 drmkaud - ok 20:27:15.0813 0x1374 [ 87CE5C8965E101CCCED1F4675557E868, 
077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:27:15.0844 0x1374 DXGKrnl - ok 20:27:15.0844 0x1374 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 20:27:15.0875 0x1374 EapHost - ok 20:27:15.0922 0x1374 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 20:27:16.0000 0x1374 ebdrv - ok 20:27:16.0000 0x1374 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS C:\Windows\System32\lsass.exe 20:27:16.0016 0x1374 EFS - ok 20:27:16.0016 0x1374 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:27:16.0063 0x1374 ehRecvr - ok 20:27:16.0063 0x1374 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 20:27:16.0078 0x1374 ehSched - ok 20:27:16.0078 0x1374 [ 9387A484D31209D7FC3F795A787294DB, 3CAFA3403B8A3547811B7233FB399FA8BB9FF54C82AC317955EDACE2E13519E5 ] ElbyCDFL C:\Windows\system32\Drivers\ElbyCDFL.sys 20:27:16.0094 0x1374 ElbyCDFL - ok 20:27:16.0094 0x1374 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 20:27:16.0109 0x1374 ElbyCDIO - ok 20:27:16.0109 0x1374 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 20:27:16.0141 0x1374 elxstor - ok 20:27:16.0141 0x1374 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:27:16.0156 0x1374 ErrDev - ok 20:27:16.0156 0x1374 [ 
72ECCB2F5C9CFC32A9B2A60933832501, BDEA5B00DB05B9A594E2B9798B96EB7FC3A8B894869F19A8DE105AD12F3A623E ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys 20:27:16.0172 0x1374 EtronHub3 - ok 20:27:16.0172 0x1374 [ 7BB310F6FB9E1B9D21DD2CE7EB0D5464, 23E6E1388757A8ACCE83A01475EEE47B5C4304B2BDB543956E95349890150F88 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys 20:27:16.0187 0x1374 EtronXHCI - ok 20:27:16.0187 0x1374 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 20:27:16.0219 0x1374 EventSystem - ok 20:27:16.0234 0x1374 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 20:27:16.0265 0x1374 exfat - ok 20:27:16.0265 0x1374 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:27:16.0298 0x1374 fastfat - ok 20:27:16.0313 0x1374 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 20:27:16.0329 0x1374 Fax - ok 20:27:16.0329 0x1374 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:27:16.0344 0x1374 fdc - ok 20:27:16.0344 0x1374 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 20:27:16.0376 0x1374 fdPHost - ok 20:27:16.0376 0x1374 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 20:27:16.0391 0x1374 FDResPub - ok 20:27:16.0391 0x1374 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:27:16.0407 0x1374 FileInfo - ok 
20:27:16.0407 0x1374 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:27:16.0438 0x1374 Filetrace - ok 20:27:16.0469 0x1374 [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe 20:27:16.0500 0x1374 FlexNet Licensing Service 64 - ok 20:27:16.0516 0x1374 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:27:16.0532 0x1374 flpydisk - ok 20:27:16.0532 0x1374 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:27:16.0547 0x1374 FltMgr - ok 20:27:16.0578 0x1374 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 20:27:16.0611 0x1374 FontCache - ok 20:27:16.0611 0x1374 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:27:16.0627 0x1374 FontCache3.0.0.0 - ok 20:27:16.0627 0x1374 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:27:16.0642 0x1374 FsDepends - ok 20:27:16.0642 0x1374 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:27:16.0658 0x1374 Fs_Rec - ok 20:27:16.0658 0x1374 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:27:16.0673 0x1374 fvevol - 
ok 20:27:16.0673 0x1374 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 20:27:16.0689 0x1374 gagp30kx - ok 20:27:16.0689 0x1374 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys 20:27:16.0705 0x1374 gdrv - ok 20:27:16.0720 0x1374 [ EBF714703106C1D5BC3E7B4C389A5828, D09472BCF71B58CF8F463131AD778F4D2E189047EE6B9AF088BCDE7B25398682 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 20:27:16.0751 0x1374 GfExperienceService - ok 20:27:16.0767 0x1374 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 20:27:16.0798 0x1374 gpsvc - ok 20:27:16.0798 0x1374 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:27:16.0814 0x1374 gupdate - ok 20:27:16.0814 0x1374 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:27:16.0814 0x1374 gupdatem - ok 20:27:16.0829 0x1374 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:27:16.0845 0x1374 hcw85cir - ok 20:27:16.0845 0x1374 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:27:16.0876 0x1374 HdAudAddService - ok 20:27:16.0876 0x1374 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 20:27:16.0876 0x1374 HDAudBus - ok 20:27:16.0892 0x1374 [ 78E86380454A7B10A5EB255DC44A355F, 
11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 20:27:16.0907 0x1374 HidBatt - ok 20:27:16.0907 0x1374 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 20:27:16.0923 0x1374 HidBth - ok 20:27:16.0923 0x1374 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 20:27:16.0939 0x1374 HidIr - ok 20:27:16.0939 0x1374 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 20:27:16.0970 0x1374 hidserv - ok 20:27:16.0970 0x1374 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:27:16.0985 0x1374 HidUsb - ok 20:27:16.0985 0x1374 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:27:17.0017 0x1374 hkmsvc - ok 20:27:17.0017 0x1374 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:27:17.0032 0x1374 HomeGroupListener - ok 20:27:17.0048 0x1374 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:27:17.0048 0x1374 HomeGroupProvider - ok 20:27:17.0048 0x1374 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:27:17.0063 0x1374 HpSAMD - ok 20:27:17.0079 0x1374 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:27:17.0110 0x1374 HTTP - ok 20:27:17.0110 
0x1374 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:27:17.0110 0x1374 hwpolicy - ok 20:27:17.0110 0x1374 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 20:27:17.0126 0x1374 i8042prt - ok 20:27:17.0141 0x1374 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 20:27:17.0157 0x1374 iaStor - ok 20:27:17.0157 0x1374 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 20:27:17.0173 0x1374 IAStorDataMgrSvc - ok 20:27:17.0173 0x1374 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:27:17.0188 0x1374 iaStorV - ok 20:27:17.0204 0x1374 [ B9187F0E4F990357B9A5372066A40B57, BF9535335DAD8E26A3841FA07CFA937F9645AE4B1914C08C8029EDB020E8C694 ] ICCWDT C:\Windows\system32\DRIVERS\ICCWDT.sys 20:27:17.0204 0x1374 ICCWDT - ok 20:27:17.0219 0x1374 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:27:17.0266 0x1374 idsvc - ok 20:27:17.0266 0x1374 IEEtwCollectorService - ok 20:27:17.0362 0x1374 [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 20:27:17.0471 0x1374 igfx - ok 20:27:17.0471 0x1374 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:27:17.0487 0x1374 iirsp - ok 20:27:17.0502 
0x1374 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 20:27:17.0533 0x1374 IKEEXT - ok 20:27:17.0596 0x1374 [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 20:27:17.0674 0x1374 IntcAzAudAddService - ok 20:27:17.0674 0x1374 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 20:27:17.0689 0x1374 intelide - ok 20:27:17.0689 0x1374 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:27:17.0705 0x1374 intelppm - ok 20:27:17.0705 0x1374 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:27:17.0736 0x1374 IPBusEnum - ok 20:27:17.0736 0x1374 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:27:17.0767 0x1374 IpFilterDriver - ok 20:27:17.0783 0x1374 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:27:17.0799 0x1374 iphlpsvc - ok 20:27:17.0799 0x1374 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:27:17.0814 0x1374 IPMIDRV - ok 20:27:17.0814 0x1374 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:27:17.0845 0x1374 IPNAT - ok 20:27:17.0845 0x1374 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM 
C:\Windows\system32\drivers\irenum.sys 20:27:17.0877 0x1374 IRENUM - ok 20:27:17.0877 0x1374 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:27:17.0892 0x1374 isapnp - ok 20:27:17.0892 0x1374 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:27:17.0908 0x1374 iScsiPrt - ok 20:27:17.0908 0x1374 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:27:17.0923 0x1374 kbdclass - ok 20:27:17.0923 0x1374 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:27:17.0939 0x1374 kbdhid - ok 20:27:17.0939 0x1374 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso C:\Windows\system32\lsass.exe 20:27:17.0955 0x1374 KeyIso - ok 20:27:17.0970 0x1374 [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 20:27:17.0986 0x1374 kl1 - ok 20:27:17.0986 0x1374 [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys 20:27:18.0001 0x1374 kldisk - ok 20:27:18.0001 0x1374 [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 20:27:18.0017 0x1374 klflt - ok 20:27:18.0017 0x1374 [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk C:\Windows\system32\DRIVERS\klhk.sys 20:27:18.0033 0x1374 klhk - ok 20:27:18.0048 0x1374 [ B8B20727DD8B9753614E089682473563, 
0x1374 Steam Client Service - ok 20:27:23.0931 0x1374 [ F82B2FC221CA0E408874884787491667, A9C7FB9C4719484BDA4FB69A8F948DC556CFEA19DFE89D2E63536F2C42725E66 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 20:27:23.0962 0x1374 Stereo Service - ok 20:27:23.0978 0x1374 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 20:27:23.0978 0x1374 stexstor - ok 20:27:23.0993 0x1374 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 20:27:24.0024 0x1374 stisvc - ok 20:27:24.0024 0x1374 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 20:27:24.0040 0x1374 StorSvc - ok 20:27:24.0040 0x1374 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 20:27:24.0056 0x1374 swenum - ok 20:27:24.0071 0x1374 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 20:27:24.0087 0x1374 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 20:27:26.0636 0x1374 Detect skipped due to KSN trusted 20:27:26.0636 0x1374 SwitchBoard - ok 20:27:26.0651 0x1374 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 20:27:26.0683 0x1374 swprv - ok 20:27:26.0715 0x1374 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 20:27:26.0761 0x1374 SysMain - ok 20:27:26.0761 0x1374 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService 
C:\Windows\System32\TabSvc.dll 20:27:26.0793 0x1374 TabletInputService - ok 20:27:26.0793 0x1374 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 20:27:26.0824 0x1374 TapiSrv - ok 20:27:26.0824 0x1374 [ E91BCBD521606E60C2807813D8EAC579, 9B9329535AF753E5922BD53DEF08E5E99C51927923C7DF87112A0E293DE47FAC ] tbhsd C:\Windows\system32\drivers\tbhsd.sys 20:27:26.0839 0x1374 tbhsd - ok 20:27:26.0839 0x1374 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 20:27:26.0871 0x1374 TBS - ok 20:27:26.0902 0x1374 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:27:26.0946 0x1374 Tcpip - ok 20:27:26.0978 0x1374 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:27:27.0009 0x1374 TCPIP6 - ok 20:27:27.0009 0x1374 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:27:27.0025 0x1374 tcpipreg - ok 20:27:27.0025 0x1374 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:27:27.0041 0x1374 TDPIPE - ok 20:27:27.0041 0x1374 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:27:27.0056 0x1374 TDTCP - ok 20:27:27.0072 0x1374 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:27:27.0087 0x1374 tdx - ok 20:27:27.0243 0x1374 [ E99CD4524662A2DA7C73372C626669D8, 694DF29BF6CFF8CA06B8C701BBD148DCF58D6A6ECE3CF6CC900B0D0E5A3DFDF2 ] 
TeamViewer9 E:\TeamViewer9\TeamViewer_Service.exe 20:27:27.0353 0x1374 TeamViewer9 - ok 20:27:27.0368 0x1374 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 20:27:27.0384 0x1374 TermDD - ok 20:27:27.0384 0x1374 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 20:27:27.0415 0x1374 TermService - ok 20:27:27.0431 0x1374 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 20:27:27.0446 0x1374 Themes - ok 20:27:27.0446 0x1374 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 20:27:27.0462 0x1374 THREADORDER - ok 20:27:27.0462 0x1374 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 20:27:27.0493 0x1374 TrkWks - ok 20:27:27.0509 0x1374 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:27:27.0524 0x1374 TrustedInstaller - ok 20:27:27.0524 0x1374 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:27:27.0540 0x1374 tssecsrv - ok 20:27:27.0540 0x1374 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:27:27.0555 0x1374 TsUsbFlt - ok 20:27:27.0571 0x1374 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:27:27.0602 0x1374 tunnel - ok 20:27:27.0602 0x1374 [ 
B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 20:27:27.0618 0x1374 uagp35 - ok 20:27:27.0618 0x1374 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:27:27.0649 0x1374 udfs - ok 20:27:27.0665 0x1374 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:27:27.0665 0x1374 UI0Detect - ok 20:27:27.0680 0x1374 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:27:27.0696 0x1374 uliagpkx - ok 20:27:27.0696 0x1374 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:27:27.0711 0x1374 umbus - ok 20:27:27.0711 0x1374 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 20:27:27.0711 0x1374 UmPass - ok 20:27:27.0727 0x1374 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 20:27:27.0743 0x1374 UmRdpService - ok 20:27:27.0758 0x1374 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 20:27:27.0774 0x1374 upnphost - ok 20:27:27.0789 0x1374 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:27:27.0805 0x1374 usbccgp - ok 20:27:27.0805 0x1374 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:27:27.0821 0x1374 
usbcir - ok 20:27:27.0821 0x1374 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 20:27:27.0836 0x1374 usbehci - ok 20:27:27.0836 0x1374 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:27:27.0867 0x1374 usbhub - ok 20:27:27.0867 0x1374 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:27:27.0867 0x1374 usbohci - ok 20:27:27.0883 0x1374 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 20:27:27.0899 0x1374 usbprint - ok 20:27:27.0899 0x1374 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:27:27.0914 0x1374 USBSTOR - ok 20:27:27.0914 0x1374 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:27:27.0930 0x1374 usbuhci - ok 20:27:27.0930 0x1374 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 20:27:27.0961 0x1374 UxSms - ok 20:27:27.0961 0x1374 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc C:\Windows\system32\lsass.exe 20:27:27.0961 0x1374 VaultSvc - ok 20:27:27.0977 0x1374 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\system32\DRIVERS\VClone.sys 20:27:27.0977 0x1374 VClone - ok 20:27:27.0992 0x1374 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot 
C:\Windows\system32\drivers\vdrvroot.sys 20:27:27.0992 0x1374 vdrvroot - ok 20:27:28.0008 0x1374 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 20:27:28.0039 0x1374 vds - ok 20:27:28.0055 0x1374 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:27:28.0070 0x1374 vga - ok 20:27:28.0070 0x1374 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 20:27:28.0086 0x1374 VgaSave - ok 20:27:28.0101 0x1374 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:27:28.0117 0x1374 vhdmp - ok 20:27:28.0117 0x1374 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 20:27:28.0133 0x1374 viaide - ok 20:27:28.0133 0x1374 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:27:28.0148 0x1374 volmgr - ok 20:27:28.0148 0x1374 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:27:28.0164 0x1374 volmgrx - ok 20:27:28.0179 0x1374 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:27:28.0195 0x1374 volsnap - ok 20:27:28.0195 0x1374 [ 86C96C079293E2E06708E146A011F4C4, 10F8DBA78B76B304525FC72C83990F10133936010E26D2F9AEB2FB747F8B75C2 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 20:27:28.0242 0x1374 vpnagent - ok 20:27:28.0242 0x1374 [ 5932B2999AEF21C4599A792599F28D89, 
78B2842BA71F9DAB5BB64BA4AB97BD19DEEFB075F83D735244906D046E78B2DC ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys 20:27:28.0257 0x1374 vpnva - ok 20:27:28.0257 0x1374 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 20:27:28.0273 0x1374 vsmraid - ok 20:27:28.0304 0x1374 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 20:27:28.0351 0x1374 VSS - ok 20:27:28.0351 0x1374 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:27:28.0367 0x1374 vwifibus - ok 20:27:28.0382 0x1374 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 20:27:28.0413 0x1374 W32Time - ok 20:27:28.0413 0x1374 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 20:27:28.0430 0x1374 WacomPen - ok 20:27:28.0430 0x1374 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:27:28.0461 0x1374 WANARP - ok 20:27:28.0461 0x1374 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:27:28.0492 0x1374 Wanarpv6 - ok 20:27:28.0508 0x1374 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 20:27:28.0555 0x1374 wbengine - ok 20:27:28.0555 0x1374 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:27:28.0570 0x1374 WbioSrvc - ok 20:27:28.0586 0x1374 [ 
7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:27:28.0602 0x1374 wcncsvc - ok 20:27:28.0602 0x1374 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:27:28.0617 0x1374 WcsPlugInService - ok 20:27:28.0617 0x1374 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 20:27:28.0633 0x1374 Wd - ok 20:27:28.0648 0x1374 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:27:28.0683 0x1374 Wdf01000 - ok 20:27:28.0684 0x1374 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:27:28.0684 0x1374 WdiServiceHost - ok 20:27:28.0700 0x1374 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:27:28.0700 0x1374 WdiSystemHost - ok 20:27:28.0715 0x1374 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 20:27:28.0731 0x1374 WebClient - ok 20:27:28.0731 0x1374 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:27:28.0762 0x1374 Wecsvc - ok 20:27:28.0762 0x1374 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:27:28.0793 0x1374 wercplsupport - ok 20:27:28.0793 0x1374 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 
20:27:28.0824 0x1374 WerSvc - ok 20:27:28.0824 0x1374 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:27:28.0856 0x1374 WfpLwf - ok 20:27:28.0856 0x1374 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:27:28.0871 0x1374 WIMMount - ok 20:27:28.0871 0x1374 WinDefend - ok 20:27:28.0871 0x1374 WinHttpAutoProxySvc - ok 20:27:28.0887 0x1374 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:27:28.0918 0x1374 Winmgmt - ok 20:27:28.0949 0x1374 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 20:27:28.0996 0x1374 WinRM - ok 20:27:28.0996 0x1374 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:27:29.0012 0x1374 WinUsb - ok 20:27:29.0027 0x1374 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 20:27:29.0058 0x1374 Wlansvc - ok 20:27:29.0058 0x1374 [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys 20:27:29.0074 0x1374 WmBEnum - ok 20:27:29.0074 0x1374 [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys 20:27:29.0090 0x1374 WmFilter - ok 20:27:29.0090 0x1374 [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo C:\Windows\system32\drivers\WmHidLo.sys 20:27:29.0105 0x1374 WmHidLo - ok 20:27:29.0105 0x1374 [ 
F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:27:29.0105 0x1374 WmiAcpi - ok 20:27:29.0121 0x1374 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:27:29.0136 0x1374 wmiApSrv - ok 20:27:29.0136 0x1374 WMPNetworkSvc - ok 20:27:29.0136 0x1374 [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys 20:27:29.0152 0x1374 WmVirHid - ok 20:27:29.0152 0x1374 [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys 20:27:29.0168 0x1374 WmXlCore - ok 20:27:29.0168 0x1374 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:27:29.0183 0x1374 WPCSvc - ok 20:27:29.0183 0x1374 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:27:29.0199 0x1374 WPDBusEnum - ok 20:27:29.0199 0x1374 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:27:29.0230 0x1374 ws2ifsl - ok 20:27:29.0230 0x1374 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 20:27:29.0246 0x1374 wscsvc - ok 20:27:29.0246 0x1374 WSearch - ok 20:27:29.0292 0x1374 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll 20:27:29.0339 0x1374 wuauserv - ok 20:27:29.0355 0x1374 [ AB886378EEB55C6C75B4F2D14B6C869F, 
D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:27:29.0355 0x1374 WudfPf - ok 20:27:29.0355 0x1374 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:27:29.0370 0x1374 WUDFRd - ok 20:27:29.0370 0x1374 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:27:29.0386 0x1374 wudfsvc - ok 20:27:29.0402 0x1374 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 20:27:29.0417 0x1374 WwanSvc - ok 20:27:29.0417 0x1374 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 20:27:29.0433 0x1374 xusb21 - ok 20:27:29.0433 0x1374 ================ Scan global =============================== 20:27:29.0433 0x1374 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 20:27:29.0448 0x1374 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll 20:27:29.0464 0x1374 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll 20:27:29.0480 0x1374 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 20:27:29.0480 0x1374 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 20:27:29.0495 0x1374 [ Global ] - ok 20:27:29.0495 0x1374 ================ Scan MBR ================================== 20:27:29.0495 0x1374 [ B1F7D7F6E4FBE98E578562A22A94D02C ] 
\Device\Harddisk0\DR0 20:27:29.0542 0x1374 \Device\Harddisk0\DR0 - ok 20:27:29.0558 0x1374 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 20:27:29.0620 0x1374 \Device\Harddisk1\DR1 - ok 20:27:29.0620 0x1374 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 20:27:29.0682 0x1374 \Device\Harddisk2\DR2 - ok 20:27:29.0682 0x1374 ================ Scan VBR ================================== 20:27:29.0682 0x1374 [ 07646B89B9FDD3523AABCB6D6A11EC8B ] \Device\Harddisk0\DR0\Partition1 20:27:29.0682 0x1374 \Device\Harddisk0\DR0\Partition1 - ok 20:27:29.0682 0x1374 [ 35A5992728A90B0C426CD378066F1B4B ] \Device\Harddisk1\DR1\Partition1 20:27:29.0729 0x1374 \Device\Harddisk1\DR1\Partition1 - ok 20:27:29.0729 0x1374 [ 075ABC383AEC6F0C77F664ED3FF81D24 ] \Device\Harddisk1\DR1\Partition2 20:27:29.0729 0x1374 \Device\Harddisk1\DR1\Partition2 - ok 20:27:29.0729 0x1374 [ 167A7A4C275235FC8304DA85C34CCF23 ] \Device\Harddisk2\DR2\Partition1 20:27:29.0745 0x1374 \Device\Harddisk2\DR2\Partition1 - ok 20:27:29.0745 0x1374 [ EBB1E9FCB24E72B93D3C1162AE0A1AEB ] \Device\Harddisk2\DR2\Partition2 20:27:29.0760 0x1374 \Device\Harddisk2\DR2\Partition2 - ok 20:27:29.0760 0x1374 ================ Scan generic autorun ====================== 20:27:29.0760 0x1374 [ 28062B17191C9450BF6C6C3EF8C7EB27, 4859C5708DFD119021F7B7FFB38F0B316675E1E4D5D51A10D4265F712CF8CDB6 ] C:\Windows\system32\igfxtray.exe 20:27:29.0776 0x1374 IgfxTray - ok 20:27:29.0776 0x1374 [ 28FC280487F0BAAE5E8119257C4EEF8C, F574BC70B79B77912FC683B3EB0BE6929E7758284ED5B47008E18B0E4A4A09FD ] C:\Windows\system32\hkcmd.exe 20:27:29.0807 0x1374 HotKeysCmds - ok 20:27:29.0807 0x1374 [ F29BEA821C753E4F00177690F70CDC13, 0EDB40F4A4C23553C0288E6E3AD65E7B523F6764C87C6C36C3ECB0C1940C5176 ] C:\Windows\system32\igfxpers.exe 20:27:29.0838 0x1374 Persistence - ok 20:27:30.0057 0x1374 [ 47D99FEC44A9E082B2D761AB5A938CA8, FF8CAD5CD331A7DAFAA616C530F500E74663EC86BB832032D2EFD3F77EBF75FF ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
20:27:30.0666 0x1374 Waiting for KSN requests completion. In queue: 349
20:27:31.0667 0x1374 Waiting for KSN requests completion. In queue: 42
20:27:32.0667 0x1374 Waiting for KSN requests completion. In queue: 42
20:27:33.0685 0x1374 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
20:27:33.0685 0x1374 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
20:27:36.0125 0x1374 ============================================================
20:27:36.0125 0x1374 Scan finished
20:27:36.0125 0x1374 ============================================================
20:27:36.0125 0x0078 Detected object count: 0
20:27:36.0125 0x0078 Actual detected object count: 0
20:28:03.0447 0x1220 ============================================================
20:28:03.0447 0x1220 Scan started
20:28:03.0447 0x1220 Mode: Manual; SigCheck; TDLFS;
20:28:03.0447 0x1220 ============================================================
20:28:03.0447 0x1220 KSN ping started
20:28:05.0855 0x1220 KSN ping finished: true
20:28:06.0027 0x1220 ================ Scan system memory ========================
20:28:06.0027 0x1220 System memory - ok |
08.05.2015, 19:31 | #7 |
| Window throws me back to the desktop! GTA5 hangs because of it! Code:
0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:28:10.0016 0x1220 Mcx2Svc - ok 20:28:10.0016 0x1220 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 20:28:10.0031 0x1220 MDM - ok 20:28:10.0031 0x1220 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:28:10.0031 0x1220 megasas - ok 20:28:10.0047 0x1220 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:28:10.0063 0x1220 MegaSR - ok 20:28:10.0063 0x1220 [ 9042E630FE102F1A2436EE05857CD139, 96C855824E46E2863EBC4A70FC195A14BD9FDD35107358B83D6C3CD01C522F3C ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 20:28:10.0078 0x1220 MEIx64 - ok 20:28:10.0078 0x1220 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 20:28:10.0094 0x1220 MMCSS - ok 20:28:10.0094 0x1220 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 20:28:10.0125 0x1220 Modem - ok 20:28:10.0125 0x1220 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:28:10.0141 0x1220 monitor - ok 20:28:10.0141 0x1220 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:28:10.0141 0x1220 mouclass - ok 20:28:10.0141 0x1220 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 
20:28:10.0156 0x1220 mouhid - ok 20:28:10.0156 0x1220 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:28:10.0172 0x1220 mountmgr - ok 20:28:10.0172 0x1220 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 20:28:10.0172 0x1220 mpio - ok 20:28:10.0187 0x1220 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:28:10.0203 0x1220 mpsdrv - ok 20:28:10.0219 0x1220 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:28:10.0250 0x1220 MpsSvc - ok 20:28:10.0265 0x1220 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:28:10.0265 0x1220 MRxDAV - ok 20:28:10.0265 0x1220 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:28:10.0281 0x1220 mrxsmb - ok 20:28:10.0281 0x1220 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:28:10.0297 0x1220 mrxsmb10 - ok 20:28:10.0297 0x1220 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:28:10.0312 0x1220 mrxsmb20 - ok 20:28:10.0312 0x1220 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 20:28:10.0312 0x1220 msahci - ok 20:28:10.0328 0x1220 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm 
C:\Windows\system32\drivers\msdsm.sys 20:28:10.0328 0x1220 msdsm - ok 20:28:10.0343 0x1220 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 20:28:10.0343 0x1220 MSDTC - ok 20:28:10.0343 0x1220 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:28:10.0375 0x1220 Msfs - ok 20:28:10.0375 0x1220 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:28:10.0390 0x1220 mshidkmdf - ok 20:28:10.0390 0x1220 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:28:10.0406 0x1220 msisadrv - ok 20:28:10.0406 0x1220 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:28:10.0437 0x1220 MSiSCSI - ok 20:28:10.0437 0x1220 msiserver - ok 20:28:10.0437 0x1220 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:28:10.0453 0x1220 MSKSSRV - ok 20:28:10.0453 0x1220 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:28:10.0484 0x1220 MSPCLOCK - ok 20:28:10.0484 0x1220 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:28:10.0499 0x1220 MSPQM - ok 20:28:10.0515 0x1220 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:28:10.0515 0x1220 MsRPC - ok 20:28:10.0531 0x1220 [ 0EED230E37515A0EAEE3C2E1BC97B288, 
B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:28:10.0531 0x1220 mssmbios - ok 20:28:10.0531 0x1220 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:28:10.0546 0x1220 MSTEE - ok 20:28:10.0562 0x1220 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:28:10.0562 0x1220 MTConfig - ok 20:28:10.0562 0x1220 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 20:28:10.0578 0x1220 Mup - ok 20:28:10.0579 0x1220 [ A986DC81534582FA478C286E8F57A877, E4605C0F95474C9CEB7630A1DB4D62D810A4D4797FFFAC2D175693DA5C76DEC5 ] mvs91xx C:\Windows\system32\DRIVERS\mvs91xx.sys 20:28:10.0595 0x1220 mvs91xx - ok 20:28:10.0595 0x1220 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 20:28:10.0626 0x1220 napagent - ok 20:28:10.0642 0x1220 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:28:10.0642 0x1220 NativeWifiP - ok 20:28:10.0673 0x1220 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 20:28:10.0689 0x1220 NDIS - ok 20:28:10.0689 0x1220 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:28:10.0704 0x1220 NdisCap - ok 20:28:10.0720 0x1220 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:28:10.0735 0x1220 NdisTapi - ok 20:28:10.0735 
0x1220 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:28:10.0767 0x1220 Ndisuio - ok 20:28:10.0767 0x1220 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:28:10.0782 0x1220 NdisWan - ok 20:28:10.0782 0x1220 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:28:10.0813 0x1220 NDProxy - ok 20:28:10.0813 0x1220 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:28:10.0829 0x1220 NetBIOS - ok 20:28:10.0845 0x1220 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:28:10.0860 0x1220 NetBT - ok 20:28:10.0860 0x1220 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon C:\Windows\system32\lsass.exe 20:28:10.0876 0x1220 Netlogon - ok 20:28:10.0876 0x1220 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 20:28:10.0907 0x1220 Netman - ok 20:28:10.0923 0x1220 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:28:10.0923 0x1220 NetMsmqActivator - ok 20:28:10.0938 0x1220 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:28:10.0938 0x1220 NetPipeActivator - ok 20:28:10.0954 0x1220 [ 5F28111C648F1E24F7DBC87CDEB091B8, 
2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 20:28:10.0969 0x1220 netprofm - ok 20:28:10.0985 0x1220 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:28:10.0985 0x1220 NetTcpActivator - ok 20:28:11.0001 0x1220 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:28:11.0001 0x1220 NetTcpPortSharing - ok 20:28:11.0001 0x1220 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:28:11.0016 0x1220 nfrd960 - ok 20:28:11.0016 0x1220 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 20:28:11.0032 0x1220 NlaSvc - ok 20:28:11.0032 0x1220 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:28:11.0063 0x1220 Npfs - ok 20:28:11.0063 0x1220 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 20:28:11.0079 0x1220 nsi - ok 20:28:11.0079 0x1220 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:28:11.0112 0x1220 nsiproxy - ok 20:28:11.0127 0x1220 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:28:11.0159 0x1220 Ntfs - ok 20:28:11.0174 0x1220 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 
20:28:11.0190 0x1220 Null - ok 20:28:11.0190 0x1220 [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 20:28:11.0205 0x1220 NVHDA - ok 20:28:11.0361 0x1220 [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:28:11.0533 0x1220 nvlddmkm - ok 20:28:11.0580 0x1220 [ F758A5752CA282925CE3324FDBBADBED, E9DE21AE4509BC401FE7BD717E1585BDEAF2E016A4DC8BB829DD43F54101923F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 20:28:11.0611 0x1220 NvNetworkService - ok 20:28:11.0627 0x1220 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:28:11.0627 0x1220 nvraid - ok 20:28:11.0642 0x1220 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:28:11.0642 0x1220 nvstor - ok 20:28:11.0642 0x1220 [ 0772513BF441995A61A6C6F87BE12174, 308203FACAAFC87AA18765F0F358ADF5F99D0CAA9ADE51C14C43416FAB68FA18 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 20:28:11.0658 0x1220 NvStreamKms - ok 20:28:11.0658 0x1220 NvStreamSvc - ok 20:28:11.0673 0x1220 [ 2A4F832243E869FD7564AA90402D74BD, E730A517EB6D49036B6FC196BFC930ED93EDB4FD4FA7EB1EB69A434BB94AE3C0 ] nvsvc C:\Windows\system32\nvvsvc.exe 20:28:11.0689 0x1220 nvsvc - ok 20:28:11.0705 0x1220 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 20:28:11.0705 0x1220 nvvad_WaveExtensible - ok 20:28:11.0705 0x1220 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:28:11.0720 0x1220 
nv_agp - ok 20:28:11.0720 0x1220 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:28:11.0720 0x1220 ohci1394 - ok 20:28:11.0798 0x1220 [ D06C2368C93396C6B983CE60523BA99F, ABC90E2DC2DE577AFA37BF34630502AA209C9556DFCC1757844D95D9370FFA8C ] Origin Client Service E:\Origin\OriginClientService.exe 20:28:11.0831 0x1220 Origin Client Service - ok 20:28:11.0847 0x1220 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:28:11.0847 0x1220 ose - ok 20:28:11.0925 0x1220 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 20:28:12.0019 0x1220 osppsvc - ok 20:28:12.0034 0x1220 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:28:12.0050 0x1220 p2pimsvc - ok 20:28:12.0050 0x1220 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 20:28:12.0065 0x1220 p2psvc - ok 20:28:12.0081 0x1220 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:28:12.0081 0x1220 Parport - ok 20:28:12.0081 0x1220 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:28:12.0098 0x1220 partmgr - ok 20:28:12.0098 0x1220 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:28:12.0113 0x1220 PcaSvc - ok 20:28:12.0113 0x1220 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 
7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 20:28:12.0129 0x1220 pci - ok 20:28:12.0129 0x1220 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 20:28:12.0129 0x1220 pciide - ok 20:28:12.0144 0x1220 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 20:28:12.0144 0x1220 pcmcia - ok 20:28:12.0144 0x1220 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 20:28:12.0160 0x1220 pcw - ok 20:28:12.0176 0x1220 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:28:12.0191 0x1220 PEAUTH - ok 20:28:12.0207 0x1220 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 20:28:12.0238 0x1220 PeerDistSvc - ok 20:28:12.0254 0x1220 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:28:12.0269 0x1220 PerfHost - ok 20:28:12.0285 0x1220 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 20:28:12.0332 0x1220 pla - ok 20:28:12.0347 0x1220 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:28:12.0363 0x1220 PlugPlay - ok 20:28:12.0363 0x1220 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:28:12.0363 0x1220 PNRPAutoReg - ok 20:28:12.0378 0x1220 [ 
3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:28:12.0394 0x1220 PNRPsvc - ok 20:28:12.0394 0x1220 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:28:12.0425 0x1220 PolicyAgent - ok 20:28:12.0441 0x1220 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 20:28:12.0456 0x1220 Power - ok 20:28:12.0456 0x1220 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:28:12.0488 0x1220 PptpMiniport - ok 20:28:12.0488 0x1220 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 20:28:12.0488 0x1220 Processor - ok 20:28:12.0503 0x1220 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 20:28:12.0503 0x1220 ProfSvc - ok 20:28:12.0519 0x1220 [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:28:12.0519 0x1220 ProtectedStorage - ok 20:28:12.0519 0x1220 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:28:12.0550 0x1220 Psched - ok 20:28:12.0550 0x1220 [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 20:28:12.0550 0x1220 PxHlpa64 - ok 20:28:12.0581 0x1220 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 
20:28:12.0612 0x1220 ql2300 - ok 20:28:12.0612 0x1220 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 20:28:12.0628 0x1220 ql40xx - ok 20:28:12.0628 0x1220 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 20:28:12.0644 0x1220 QWAVE - ok 20:28:12.0644 0x1220 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:28:12.0659 0x1220 QWAVEdrv - ok 20:28:12.0659 0x1220 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:28:12.0675 0x1220 RasAcd - ok 20:28:12.0690 0x1220 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:28:12.0706 0x1220 RasAgileVpn - ok 20:28:12.0706 0x1220 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 20:28:12.0737 0x1220 RasAuto - ok 20:28:12.0737 0x1220 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:28:12.0753 0x1220 Rasl2tp - ok 20:28:12.0768 0x1220 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 20:28:12.0784 0x1220 RasMan - ok 20:28:12.0800 0x1220 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:28:12.0815 0x1220 RasPppoe - ok 20:28:12.0815 0x1220 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp 
C:\Windows\system32\DRIVERS\rassstp.sys 20:28:12.0846 0x1220 RasSstp - ok 20:28:12.0846 0x1220 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:28:12.0878 0x1220 rdbss - ok 20:28:12.0878 0x1220 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:28:12.0878 0x1220 rdpbus - ok 20:28:12.0893 0x1220 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:28:12.0909 0x1220 RDPCDD - ok 20:28:12.0909 0x1220 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:28:12.0924 0x1220 RDPDR - ok 20:28:12.0924 0x1220 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:28:12.0940 0x1220 RDPENCDD - ok 20:28:12.0940 0x1220 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:28:12.0971 0x1220 RDPREFMP - ok 20:28:12.0971 0x1220 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:28:12.0971 0x1220 RdpVideoMiniport - ok 20:28:12.0987 0x1220 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:28:13.0002 0x1220 RDPWD - ok 20:28:13.0002 0x1220 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:28:13.0002 0x1220 rdyboost - ok 20:28:13.0018 0x1220 [ 254FB7A22D74E5511C73A3F6D802F192, 
3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:28:13.0034 0x1220 RemoteAccess - ok 20:28:13.0034 0x1220 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:28:13.0065 0x1220 RemoteRegistry - ok 20:28:13.0065 0x1220 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:28:13.0097 0x1220 RpcEptMapper - ok 20:28:13.0097 0x1220 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 20:28:13.0097 0x1220 RpcLocator - ok 20:28:13.0113 0x1220 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 20:28:13.0144 0x1220 RpcSs - ok 20:28:13.0144 0x1220 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys 20:28:13.0144 0x1220 RRNetCap - ok 20:28:13.0144 0x1220 [ 6195EC84C82E7844B5B17803ADDB1CA3, 175DF60973C50B1F1FA84B7DBB694D2B18CD41DA8A29479E388ED76D2C9AAE19 ] RrNetCapFilterDriver C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys 20:28:13.0159 0x1220 RrNetCapFilterDriver - ok 20:28:13.0159 0x1220 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys 20:28:13.0159 0x1220 RRNetCapMP - ok 20:28:13.0159 0x1220 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:28:13.0191 0x1220 rspndr - ok 20:28:13.0206 0x1220 [ E50CFB92986DCAB49DE93788FD695813, EAE103008B967B0F064EDDA551AA553EE7C22D39D14FA0BBFEF41C4D1B6C99E5 ] RTL8167 
C:\Windows\system32\DRIVERS\Rt64win7.sys 20:28:13.0206 0x1220 RTL8167 - ok
20:28:14.0284 0x1220 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
20:28:14.0284 0x1220 Detect skipped due to KSN trusted
20:28:14.0284 0x1220 SwitchBoard - ok
20:28:19.0976 0x1220 Scan finished
20:28:19.0976 0x1148 Detected object count: 0
20:28:19.0976 0x1148 Actual detected object count: 0 |
09.05.2015, 17:10 | #8 |
/// the machine /// TB Trainer | Window throws me to the desktop! GTA5 hangs because of it! hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
09.05.2015, 19:00 | #9 |
| Window throws me to the desktop! GTA5 hangs because of it! Hi, here is the first log. Unfortunately I briefly moved the mouse at the beginning. I disabled Kaspersky. Code:
ComboFix 15-05-09.01 - Sebastian 09.05.2015 19:36:40.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16237.13701 [GMT 2:00]
ausgeführt von:: c:\users\Sebastian\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-04-09 bis 2015-05-09 ))))))))))))))))))))))))))))))
.
.
2015-05-09 17:39 . 2015-05-09 17:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-08 18:20 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24916949-086E-4C7E-B41A-38579732ACF4}\mpengine.dll
2015-05-07 16:08 . 2015-05-07 16:08 -------- d-----w- C:\FRST
2015-05-07 16:03 . 2015-05-07 20:41 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-07 15:54 . 2015-05-08 20:38 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-07 15:54 . 2015-05-07 20:35 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-07 15:54 . 2015-04-14 07:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-07 15:54 . 2015-04-14 07:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-06 20:59 . 2015-05-06 20:59 -------- d-----w- c:\programdata\Malwarebytes
2015-05-05 13:28 . 2015-05-05 13:30 -------- d-----w- c:\users\Sebastian\AppData\Roaming\AdvertismentImages
2015-04-29 17:30 . 2015-04-29 17:30 -------- d-----w- c:\programdata\LogiShrd
2015-04-29 17:30 . 2015-04-29 17:30 -------- d-----w- c:\programdata\Apple
2015-04-29 17:30 . 2015-04-29 17:30 -------- d-----w- c:\program files\Bonjour
2015-04-29 17:30 . 2015-04-29 17:30 -------- d-----w- c:\program files (x86)\Bonjour
2015-04-29 17:29 . 2015-04-29 17:30 -------- d-----w- c:\program files\Logitech Gaming Software
2015-04-29 13:57 . 2015-04-29 13:57 -------- d-----w- c:\users\Sebastian\AppData\Roaming\Logitech
2015-04-29 13:57 . 2015-04-29 13:57 -------- d-----w- c:\users\Sebastian\AppData\Roaming\Logishrd
2015-04-28 14:07 . 2015-04-28 14:13 25640 ----a-w- c:\windows\gdrv.sys
2015-04-15 06:33 . 2015-03-25 03:23 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-04-15 06:32 . 2015-03-23 03:25 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-04-15 06:27 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 06:27 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 06:27 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-14 12:00 . 2015-04-08 20:32 560968 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-04-14 11:41 . 2015-04-19 18:36 -------- d-----w- c:\program files (x86)\Rockstar Games
2015-04-14 11:41 . 2015-04-19 18:36 -------- d-----w- c:\program files\Rockstar Games
2015-04-09 20:09 . 2015-05-07 14:26 -------- d-----w- c:\users\Sebastian\AppData\Roaming\SketchUp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 20:29 . 2014-11-07 13:46 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-09 00:58 . 2015-02-18 14:34 15818528 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-04-09 00:58 . 2014-11-12 11:24 78480 ----a-w- c:\windows\system32\OpenCL.dll
2015-04-09 00:58 . 2014-11-12 11:24 66704 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-04-09 00:58 . 2014-11-12 11:21 3317344 ----a-w- c:\windows\system32\nvapi64.dll
2015-04-09 00:58 . 2014-11-12 11:21 2935416 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-04-09 00:58 . 2014-11-12 11:21 17176128 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-04-09 00:58 . 2014-11-12 11:21 12689592 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-04-08 21:30 . 2014-11-12 11:25 3478344 ----a-w- c:\windows\system32\nvsvc64.dll
2015-04-08 21:30 . 2014-11-12 11:25 6841488 ----a-w- c:\windows\system32\nvcpl.dll
2015-04-08 21:30 . 2014-11-12 11:25 936264 ----a-w- c:\windows\system32\nvvsvc.exe
2015-04-08 21:30 . 2014-11-12 11:25 62608 ----a-w- c:\windows\system32\nvshext.dll
2015-04-08 21:30 . 2014-11-12 11:25 2558608 ----a-w- c:\windows\system32\nvsvcr.dll
2015-04-08 21:30 . 2014-11-12 11:25 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-04-08 17:52 . 2014-11-12 11:25 4336074 ----a-w- c:\windows\system32\nvcoproc.bin
2015-03-28 03:44 . 2014-11-12 11:25 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-03-28 03:44 . 2014-11-12 11:25 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-03-28 03:43 . 2014-11-12 11:25 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-03-28 03:43 . 2014-11-12 11:25 1570672 ----a-w- c:\windows\system32\nvspcap64.dll
2015-03-24 14:57 . 2014-11-09 13:37 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-24 14:57 . 2014-11-09 13:37 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-17 04:56 . 2015-04-15 06:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-10 08:54 . 2014-11-07 15:54 819896 ----a-w- c:\windows\system32\drivers\klif.sys
2015-03-10 07:22 . 2015-03-17 12:30 627920 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-02-26 03:25 . 2015-03-11 11:26 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2014-11-07 13:41 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-11 11:27 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 11:27 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 .
2015-03-11 11:27 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-02-20 04:40 . 2015-03-11 11:27 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-02-20 04:13 . 2015-03-11 11:27 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-02-20 04:13 . 2015-03-11 11:27 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-02-20 04:13 . 2015-03-11 11:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-02-20 04:12 . 2015-03-11 11:27 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-02-20 03:29 . 2015-03-11 11:27 372224 ----a-w- c:\windows\system32\atmfd.dll 2015-02-20 03:09 . 2015-03-11 11:27 299008 ----a-w- c:\windows\SysWow64\atmfd.dll 2015-02-13 05:22 . 2015-03-11 11:26 14177280 ----a-w- c:\windows\system32\shell32.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "THPanel"="c:\program files (x86)\Thunder Master\THPanel.exe" [2014-09-19 2197288] "\\SPEEDPORT\USB2.0 MFP(Hi-Speed)"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE" [2007-12-17 221696] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2014-05-01 1193352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 AVP15.0.1;Kaspersky Anti-Virus Service 15.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x] R3 cpuz138;cpuz138;c:\users\SEBAST~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys;c:\users\SEBAST~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector 
Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R4 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x] R4 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x] R4 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x] R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] R4 Origin Client Service;Origin Client Service;e:\origin\OriginClientService.exe;e:\origin\OriginClientService.exe [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program 
files (x86)\Skype\Updater\Updater.exe [x] R4 ss_conn_service;SAMSUNG Mobile Connectivity Service;e:\usb drivers\25_escape\conn\ss_conn_service.exe;e:\usb drivers\25_escape\conn\ss_conn_service.exe [x] R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R4 TeamViewer9;TeamViewer 9;e:\teamviewer9\TeamViewer_Service.exe;e:\teamviewer9\TeamViewer_Service.exe [x] R4 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x] S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x] S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S1 RrNetCapFilterDriver;RadioRip Filter Driver;c:\windows\system32\DRIVERS\RrNetCapFilterDriver.sys;c:\windows\SYSNATIVE\DRIVERS\RrNetCapFilterDriver.sys [x] S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 
15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x] S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x] S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x] S3 RTL8167;Realtek 8167 NT 
Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2015-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-09 14:57] . 2015-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 15:34] . 2015-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 15:34] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832] "Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-05-09 13672152] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyServer = proxy1.hswt.de:8080 uInternet Settings,ProxyOverride = <local>;*.local IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Nach Microsoft &Excel exportieren - e:\office\OFFICE11\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {{09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{FE069612-7581-4713-9246-B43BAB6FDE31}: NameServer = 10.156.33.53,129.187.5.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) AddRemove-FormatFactory - e:\formatfactory\uninst.exe AddRemove-LEGO Rock Raiders - c:\windows\IsUn0407.exe AddRemove-S3 - c:\windows\IsUn0407.exe AddRemove-Tomb Raider II - c:\windows\IsUn0407.exe AddRemove-Tomb Raider III - c:\windows\IsUn0407.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1745351314-3532001228-714929071-1000\Software\SecuROM\!CAUTION! 
NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:69,e4,e0,c3,0c,3a,e9,94,c4,21,a9,cc,44,50,66,f6,c7,3d,cd,78,41,57,bc, 2d,67,b2,9e,d7,81,2d,6e,f0,ff,3b,cc,07,32,69,7e,9e,5e,56,5a,a3,62,2b,12,4f,\ "??"=hex:80,39,bd,13,9b,da,4e,4a,79,f6,11,fe,ae,aa,42,c7 . [HKEY_USERS\S-1-5-21-1745351314-3532001228-714929071-1000\Software\SecuROM\License information*] "datasecu"=hex:6c,ab,ab,48,73,29,9c,ff,36,59,42,47,1d,31,07,22,ef,90,dd,4d,28, 8d,db,52,5a,8d,cd,bf,18,69,f1,b5,45,b9,1f,20,b8,48,f2,e4,2d,40,6f,75,49,cd,\ "rkeysecu"=hex:33,10,40,06,a0,3e,90,cc,71,a0,2b,f2,55,36,e4,97 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-05-09 19:40:26 ComboFix-quarantined-files.txt 2015-05-09 17:40 . Vor Suchlauf: 11 Verzeichnis(se), 183.342.850.048 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 183.825.145.856 Bytes frei . - - End Of File - - F9C60E516C615654E5676A2126C55D27 |
10.05.2015, 06:50 | #10 |
/// the machine /// TB Instructor | Window throws me to the desktop! GTA5 hangs because of it! Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and Help Trojaner-Board Facebook Page No help via PM! |
10.05.2015, 11:52 | #11 |
| Window throws me to the desktop! GTA5 hangs because of it! Malwarebytes' Anti-Malware Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 10.05.2015
Suchlauf-Zeit: 12:36:32
Logdatei:
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.10.02
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sebastian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 411070
Verstrichene Zeit: 4 Min, 15 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (Keine schädliche Elemente gefunden)
Module: 0 (Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden)
Registrierungswerte: 0 (Keine schädliche Elemente gefunden)
Registrierungsdaten: 0 (Keine schädliche Elemente gefunden)
Ordner: 0 (Keine schädliche Elemente gefunden)
Dateien: 0 (Keine schädliche Elemente gefunden)
Physische Sektoren: 0 (Keine schädliche Elemente gefunden)

(end)
Code:
ATTFilter
# AdwCleaner v4.203 - Bericht erstellt 10/05/2015 um 12:43:41
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-09.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Sebastian - SEBASTIAN-PC
# Gestarted von : C:\Users\Sebastian\Desktop\Trojaner-Board\AdwCleaner_4.203.exe
# Option : Suchlauf

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
Ordner Gefunden : C:\ProgramData\apn
Ordner Gefunden : C:\ProgramData\baidu
Ordner Gefunden : C:\Users\Sebastian\AppData\Local\Gameo
Ordner Gefunden : C:\Users\Sebastian\AppData\Local\StormFall
Ordner Gefunden : C:\Users\Sebastian\AppData\Roaming\pdfforge

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.local
Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - proxy1.hswt.de:8080
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Google Chrome v42.0.2311.135

*************************

AdwCleaner[R0].txt - [2382 Bytes] - [10/05/2015 12:43:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2441 Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Professional x64
Ran by Sebastian on 10.05.2015 at 12:45:45,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\apn
Successfully deleted: [Folder] C:\ProgramData\baidu
Successfully deleted: [Folder] C:\Users\Sebastian\AppData\Roaming\pdfforge
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2015 at 12:47:45,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015 Ran by Sebastian (administrator) on SEBASTIAN-PC on 10-05-2015 12:51:25 Running from C:\Users\Sebastian\Desktop\Trojaner-Board Loaded Profiles: Sebastian (Available profiles: Sebastian) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2197288 2014-09-19] (Palit Microsystems Ltd.) HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\Run: [\\SPEEDPORT\USB2.0 MFP(Hi-Speed)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1745351314-3532001228-714929071-1000\...\Policies\Explorer: [] HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-05-01] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) 
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1745351314-3532001228-714929071-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyServer: [S-1-5-21-1745351314-3532001228-714929071-1000] => proxy1.hswt.de:8080 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1745351314-3532001228-714929071-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1745351314-3532001228-714929071-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1745351314-3532001228-714929071-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1745351314-3532001228-714929071-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin -> 
{03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll [2014-11-12] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation) BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll [2014-11-12] (Oracle Corporation) BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program 
Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation) BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-11-19] (Kaspersky Lab ZAO) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-17] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FE069612-7581-4713-9246-B43BAB6FDE31}: [NameServer] 10.156.33.53,129.187.5.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-24] () FF Plugin: @java.com/DTPlugin,version=11.25.2 -> D:\Java\bin\dtplugin\npDeployJava1.dll [2014-11-12] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> D:\Java\bin\plugin2\npjp2.dll [2014-11-12] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-24] () FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-19] () FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-19] () FF Plugin-x32: 
@kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-19] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-17] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-1745351314-3532001228-714929071-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll No File FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-07] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-07] FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-07] Chrome: ======= CHR HomePage: Profile 2 -> hxxp://www.google.com/ CHR StartupUrls: Profile 2 -> "hxxp://www.google.de/" CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-07] CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-07] CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-07] CHR Extension: (No Name) - 
C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-27] CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-20] CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-07] CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-11-13] CHR Extension: (No Name) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07] CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Slides) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-06] CHR Extension: (Angry Birds) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-05-06] CHR Extension: (Google Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06] CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-06] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-05-06] CHR Extension: (Tribal Wars) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bfcoihkppmlaldchalnpmolekhkmdoej [2015-05-06] CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-06] CHR Extension: (Adblock Plus) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User 
Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-06] CHR Extension: (Google Search) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-06] CHR Extension: (Kaspersky Protection) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-06] CHR Extension: (Google Sheets) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-06] CHR Extension: (Click&Clean) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-05-06] CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-06] CHR Extension: (Gmail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.) S4 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) 
S2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation) S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation) S4 Origin Client Service; E:\Origin\OriginClientService.exe [1931632 2015-04-14] (Electronic Arts) S4 ss_conn_service; E:\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S4 TeamViewer9; E:\TeamViewer9\TeamViewer_Service.exe [5261584 2015-04-09] (TeamViewer GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-11-07] () R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) 
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-19] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-11-07] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-12-20] (RapidSolution Software AG) R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-11-19] (Audials AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-12-20] (RapidSolution Software AG) R3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz138; \??\C:\Users\SEBAST~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-10 12:47 - 2015-05-10 12:47 - 00000852 _____ () C:\Users\Sebastian\Desktop\JRT.txt 2015-05-10 12:45 - 2015-05-10 12:45 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-SEBASTIAN-PC-Windows-7-Professional-(64-bit).dat 2015-05-10 12:45 - 2015-05-10 12:45 - 00000000 ____D () C:\RegBackup 2015-05-10 12:43 - 2015-05-10 12:43 - 00000000 ____D () C:\AdwCleaner 2015-05-10 12:34 - 2015-05-10 12:51 - 00000000 ____D () C:\Users\Sebastian\Desktop\Trojaner-Board 2015-05-09 20:04 - 2015-05-09 20:04 - 00026487 _____ () C:\ComboFix.txt 2015-05-09 19:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-05-09 19:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-05-09 19:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-05-09 19:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-05-09 19:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-05-09 19:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2015-05-09 19:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2015-05-09 19:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2015-05-09 19:35 - 2015-05-09 20:04 - 00000000 ____D () C:\Qoobox 2015-05-09 19:35 - 2015-05-09 19:39 - 00000000 ____D () C:\Windows\erdnt 2015-05-09 19:30 - 2015-05-09 19:34 - 05623215 ____R (Swearware) C:\Users\Sebastian\Desktop\ComboFix.exe 2015-05-07 20:00 - 2015-05-10 12:32 - 00007036 _____ () 
C:\Windows\PFRO.log 2015-05-07 18:08 - 2015-05-10 12:51 - 00000000 ____D () C:\FRST 2015-05-07 18:03 - 2015-05-07 22:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-05-07 17:54 - 2015-05-10 12:36 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-07 17:54 - 2015-05-10 12:34 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-07 17:54 - 2015-05-07 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-07 17:54 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-07 17:54 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-06 22:59 - 2015-05-06 22:59 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-06 22:36 - 2015-05-06 22:36 - 00000162 ____H () C:\Users\Sebastian\Desktop\~$benslauf-2.odt 2015-05-05 15:28 - 2015-05-05 15:30 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\AdvertismentImages 2015-04-30 21:29 - 2015-05-10 12:32 - 00000504 _____ () C:\Windows\setupact.log 2015-04-30 21:29 - 2015-04-30 21:29 - 00000000 _____ () C:\Windows\setuperr.log 2015-04-29 22:22 - 2015-05-10 12:35 - 00233379 _____ () C:\Windows\WindowsUpdate.log 2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\ProgramData\LogiShrd 2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\ProgramData\Apple 2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\Program Files\Bonjour 2015-04-29 19:30 - 2015-04-29 19:30 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-04-29 19:29 - 2015-04-29 19:30 - 00000000 ____D () C:\Program Files\Logitech Gaming Software 2015-04-29 15:57 - 2015-04-29 15:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Logitech 2015-04-29 15:57 - 2015-04-29 15:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Logishrd 2015-04-28 16:07 - 
2015-04-28 16:13 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2015-04-15 08:37 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-15 08:37 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-04-15 08:37 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-15 08:37 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-15 08:37 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-04-15 08:37 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-15 08:37 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-15 08:37 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-15 08:37 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-15 08:37 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-15 08:37 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-15 08:37 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-15 08:37 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-15 08:37 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-15 08:37 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-15 08:37 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-15 08:37 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-15 08:37 - 
2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-15 08:37 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-15 08:37 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-04-15 08:37 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-04-15 08:37 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-15 08:37 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-15 08:37 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-15 08:37 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-04-15 08:37 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-04-15 08:37 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-15 08:37 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-04-15 08:37 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-15 08:37 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-15 08:37 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-15 08:37 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-15 08:37 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-04-15 08:37 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-04-15 08:37 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-04-15 
08:37 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-04-15 08:37 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-04-15 08:37 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-15 08:37 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-15 08:37 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-04-15 08:37 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-15 08:37 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-15 08:37 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-04-15 08:37 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-15 08:37 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-04-15 08:37 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-04-15 08:37 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-04-15 08:37 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-15 08:37 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-15 08:37 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-15 08:37 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-04-15 08:37 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-04-15 08:37 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-15 
08:37 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-15 08:37 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-15 08:37 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-15 08:37 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-15 08:37 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 08:33 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 08:33 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 08:33 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 08:33 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 08:33 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-15 08:33 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-04-15 08:33 - 2015-03-25 05:00 - 00092672 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-15 08:33 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-15 08:33 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-15 08:32 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-15 08:32 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-15 08:32 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-15 08:32 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-15 08:32 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-15 08:32 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-15 08:32 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 08:32 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 08:32 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 08:32 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 08:32 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 08:32 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 08:32 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-04-15 08:32 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-15 08:32 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 01461760 _____ (Microsoft 
Corporation) C:\Windows\system32\lsasrv.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 08:32 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 08:32 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) 
C:\Windows\system32\credssp.dll 2015-04-15 08:32 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-15 08:32 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-04-15 08:32 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 08:32 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 08:32 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 08:32 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 08:32 
- 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 
07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 08:32 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 08:32 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-15 08:32 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 01114112 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-15 08:32 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-15 08:32 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-15 08:32 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-15 08:32 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-15 08:32 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00004096 
____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 
00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-15 08:32 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-15 08:32 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 08:32 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-04-15 08:32 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 08:32 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 08:32 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 08:32 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 08:32 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 08:32 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 08:32 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 08:27 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 08:27 - 2015-03-04 
06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 08:27 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-14 14:00 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-04-14 13:59 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-04-14 13:59 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA 
Corporation) C:\Windows\system32\NvIFR64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-04-14 13:59 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-04-14 13:41 - 2015-04-19 20:36 - 00000000 ____D () C:\Program Files\Rockstar Games 2015-04-14 13:41 - 2015-04-19 20:36 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2015-04-14 13:38 - 2015-04-14 13:38 - 00000577 _____ () C:\Users\Public\Desktop\Grand Theft Auto V.lnk ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-05-10 12:50 - 2014-11-07 17:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-10 12:40 - 2009-07-14 06:45 - 00028688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-10 12:40 - 2009-07-14 06:45 - 00028688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-10 12:38 - 2009-07-14 19:58 - 00702954 _____ () C:\Windows\system32\perfh007.dat 2015-05-10 12:38 - 2009-07-14 19:58 - 00150612 _____ () C:\Windows\system32\perfc007.dat 2015-05-10 12:38 - 2009-07-14 07:13 - 01629434 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-10 12:32 - 2014-11-07 17:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-05-10 12:32 - 2014-11-07 17:23 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-10 12:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-09 21:03 - 2014-11-09 15:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-09 20:03 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2015-05-09 19:40 - 2015-01-06 02:29 - 00000000 ____D () C:\Users\Modssave 2015-05-09 19:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2015-05-07 22:41 - 2014-11-30 18:49 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Battle.net 2015-05-07 16:41 - 2015-03-17 14:17 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-05-07 16:30 - 2014-12-08 13:41 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\uTorrent 2015-05-07 16:27 - 2014-11-07 16:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\NVIDIA 2015-05-07 16:27 - 2014-11-07 15:25 - 00000000 ____D () C:\Users\Sebastian 2015-05-07 16:26 - 2015-04-09 22:09 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\SketchUp 2015-05-07 16:26 - 2015-04-04 23:29 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-07 16:26 - 2015-03-17 14:21 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-05-07 16:26 - 2015-02-25 14:57 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\.minecraft 2015-05-07 16:26 - 2014-12-08 22:14 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2015-05-07 16:26 - 2014-12-08 11:40 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Gameo 2015-05-07 16:26 - 2014-11-30 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-05-07 16:26 - 2014-11-30 18:49 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\Battle.net 2015-05-07 16:26 - 2014-11-12 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-05-07 16:26 - 2014-11-07 23:33 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\vlc 2015-05-07 16:26 - 2014-11-07 18:29 - 00000000 ____D () C:\Users\Sebastian\Desktop\Programme 2015-05-07 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2015-05-07 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-05-06 22:31 - 2014-11-13 19:12 - 00000000 ____D () C:\Users\Sebastian\AppData\Roaming\TeamViewer 2015-05-05 21:01 - 2014-12-01 21:47 - 00002244 ____H () C:\Users\Sebastian\Documents\Default.rdp 2015-04-30 21:31 - 2014-11-13 23:03 - 00000000 ____D () C:\Users\Sebastian\Documents\Assassin's Creed Unity 2015-04-30 21:29 - 2009-07-14 06:45 - 05127464 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-29 22:28 - 2014-11-07 16:59 - 00141520 _____ () C:\Users\Sebastian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-29 22:25 - 2014-11-07 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts 2015-04-29 22:22 - 2014-11-07 15:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-04-29 22:19 - 2014-11-12 13:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-29 19:30 - 2014-11-30 18:58 - 
00000000 ____D () C:\Users\Sebastian\AppData\Local\Logitech 2015-04-28 18:50 - 2014-11-07 17:55 - 00000000 ____D () C:\ProgramData\Origin 2015-04-26 16:52 - 2014-11-07 19:13 - 00000574 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2015-04-22 19:58 - 2015-04-06 19:39 - 00000000 ____D () C:\Users\Sebastian\.freemind 2015-04-22 17:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-19 14:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-16 18:35 - 2014-12-11 11:51 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-16 18:35 - 2014-11-07 16:42 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-15 22:32 - 2014-11-07 17:18 - 01602778 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-15 22:31 - 2014-11-07 15:46 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 22:29 - 2014-11-07 15:46 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 18:18 - 2015-03-11 19:52 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-04-15 18:18 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew 2015-04-15 18:18 - 2009-07-14 04:34 - 00000387 _____ () C:\Windows\win.ini 2015-04-15 08:13 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-04-14 14:00 - 2014-11-07 21:42 - 00000000 ____D () C:\temp 2015-04-14 14:00 - 2014-11-07 15:47 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-04-14 14:00 - 2014-11-07 15:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2015-04-14 13:44 - 2014-11-12 14:58 - 00000000 ____D () C:\Users\Sebastian\Documents\Rockstar Games 2015-04-14 13:42 - 2014-11-07 22:50 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\Rockstar Games 2015-04-14 13:38 - 2014-11-07 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-04-11 15:22 - 2015-02-25 14:52 - 00000000 ____D () C:\Users\Sebastian\AppData\Local\ftblauncher ==================== Files in the root 
of some directories =======
2015-01-23 01:02 - 2015-01-23 01:02 - 0000132 _____ () C:\Users\Sebastian\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2014-12-01 16:23 - 2014-12-28 01:24 - 0007598 _____ () C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2014-11-07 20:44 - 2014-12-11 20:38 - 0000041 ___SH () C:\ProgramData\.zreglib
2014-11-12 00:33 - 2014-11-12 00:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-03 15:07 - 2015-02-03 15:07 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-05 11:58
==================== End Of Log ============================
--- --- ---
Edited by Seppell (10.05.2015 at 11:50) |
10.05.2015, 11:54 | #12 |
| Window throws me to the desktop! GTA5 freezes because of it! Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Sebastian at 2015-05-10 12:51:41
Running from C:\Users\Sebastian\Desktop\Trojaner-Board
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1745351314-3532001228-714929071-500 - Administrator - Disabled)
Gast (S-1-5-21-1745351314-3532001228-714929071-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1745351314-3532001228-714929071-1009 - Limited - Enabled)
Sebastian (S-1-5-21-1745351314-3532001228-714929071-1000 - Administrator - Enabled) => C:\Users\Sebastian
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios) Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft) Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) 
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) Audials (HKLM-x32\...\{A7207DE0-6320-4585-8335-63B24247EE7D}) (Version: 12.0.55701.100 - Audials AG) Audials (HKLM-x32\...\{DBA5239C-921A-41CC-8A65-FFF45986372B}) (Version: 9.0.57911.1100 - RapidSolution Software AG) AutoCAD 2015 - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 Language Pack - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.1.2.1000 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk AutoCAD 2015 - Deutsch (German) (HKLM\...\AutoCAD 2015 - Deutsch (German)) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Maya 2015 (HKLM\...\Autodesk Maya 2015) (Version: 15.2.1633.0 - Autodesk) Autodesk Maya 2015 (Version: 15.2.1633.0 - Autodesk) Hidden Autodesk Maya 2015 SP2 (HKLM\...\Autodesk Maya 2015 SP2) (Version: 15.2.1633.0 - Autodesk) Autodesk 
ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk) Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.) BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.62.0000 - 2K Games) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Breitbildfix (HKLM-x32\...\Breitbildfix) (Version: 0.5.0 - davied) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.6 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04072 - Cisco Systems, Inc.) 
Hidden
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crysis (HKLM-x32\...\{E70E73B2-DABD-40E4-AE50-81B22567F418}) (Version: 1.1.1.6115 - Electronic Arts)
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version: - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World)
DDS Thumbnail Viewer (HKLM-x32\...\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}) (Version: 1.00.000 - )
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.149.1020 - Electronic Arts Inc.)
Druckerdeinstallation für EPSON Stylus SX400 Series (HKLM\...\EPSON Stylus SX400 Series) (Version: - SEIKO EPSON Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.101 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.101 - Etron Technology) Hidden
FormatFactory 3.5.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.1.0 - Format Factory)
GIANTS Editor 6.0.3 64-bit (HKLM-x32\...\giants_editor_6.0.3_win64_is1) (Version: 6.0.3 - GIANTS Software GmbH)
GII_Win7_Nvidia_Workaround (HKLM-x32\...\GII_Win7_Nvidia_Workaround) (Version: 1.0 - Diverse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gothic (HKLM-x32\...\{BD56DFBF-110C-4CC2-910A-80C0759397AA}) (Version: 1.0.0 - JoWooD)
Gothic 2 Gold (HKLM-x32\...\{3A5FB407-4499-4514-BE05-A4BCADD87163}) (Version: 1.0.0 - JoWooD )
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Gothic: Gothic I Breitbildkamera-Patch (HKLM-x32\...\Breitbild_Patch) (Version: 1.2 - davied)
Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version: - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.1.0.6 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4711.1003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.1.571 - Electronic Arts, Inc.)
Patrician IV Gold (HKLM-x32\...\{CDD92071-5688-493D-9980-540D006B375C}) (Version: 1.0.0.0 - Gaming Minds Studios GmbH)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14123.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14123.5 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity 4 (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.1.0.3 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{0D994CC5-819F-4657-84DD-397B8FE1EA80}) (Version: - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Thunder Master v2.6 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.6.0.0 - Palit Microsystems Ltd.)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Tomb Raider II (HKLM-x32\...\Tomb Raider II) (Version: - )
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version: - )
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Tomb Raider: Legend 1.2 (HKLM-x32\...\Tomb Raider: Legend) (Version: - )
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WORLD IN CONFLICT: SOVIET ASSAULT (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.1.0 - Ubisoft Entertainment)
Worms Forts Under Siege (HKLM-x32\...\{917E73C2-C7DA-4C12-9774-A6A2730BCAAB}) (Version: 1.00.0001 - Ihr Firmenname)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1745351314-3532001228-714929071-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> E:\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1745351314-3532001228-714929071-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> E:\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1745351314-3532001228-714929071-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> E:\AutoCAD 2015\de-DE\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================

01-05-2015 17:44:14 Windows Update
05-05-2015 11:56:55 Windows Update
05-05-2015 15:32:48 Removed Bonjour
07-05-2015 16:26:03 Wiederherstellungsvorgang
07-05-2015 16:30:55 Windows Update
09-05-2015 19:36:01 ComboFix created restore point

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-09 19:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {21C673CA-E0B7-4641-B1DF-46298ED4A02D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-22] (Microsoft Corporation)
Task: {65B6CACD-22D9-4917-A00A-907D3CFB0555} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {69E61C9E-75B6-4FF8-AEEE-3B1E7C3D4F66} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7156B3A2-E0D7-47AA-87B5-E8C7E135F195} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7489857D-C08E-4815-B678-C4913FBE3FFF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {7774FF98-89DD-4943-9CBF-ED1659BD71C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-03-17] (Microsoft Corporation)
Task: {7D88B625-6F80-45C9-81CE-90E6313D40A2} - System32\Tasks\CCleanerSkipUAC => E:\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {87ADA57C-280B-4B83-95EB-CB573EDC4A09} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2014-09-19] (Palit Microsystems Ltd.)
Task: {898AF7D6-635A-461D-B1FC-43A30396982C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {8B0246BC-AB4F-481E-8FC9-8E88E0AE1A19} - System32\Tasks\{87C913E4-7D02-4EBA-A350-DFC73BB88F81} => H:\S3\AUTORUN.EXE
Task: {9F85A9DB-0B92-4A17-8B44-1DD4C8B337C3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B2D6CE86-5F3E-4591-994F-CD4965E032CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-24] (Adobe Systems Incorporated)
Task: {BDA909DB-CC17-417B-92C0-852A2F2E757D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07] (Google Inc.)
Task: {C796F6C6-F3EF-4C3D-A5E3-15EAB5AD7F66} - System32\Tasks\SamsungMagician => MagPath
Task: {E9D4F055-C648-46F0-AEB9-6E0C01B93B72} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {EC87E435-F411-4CC8-B1CF-AB49CBF46A41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-03-17] (Microsoft Corporation)
Task: {FC988F41-4EB7-46E9-AF44-3A0195EF2AAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () E:\Notepad++\NppShell_06.dll
2015-03-17 14:17 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-20 21:53 - 2015-02-18 03:34 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 21:53 - 2015-02-18 03:34 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 21:53 - 2015-02-18 03:34 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\Sebastian\.DS_Store:AFP_AfpInfo

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1745351314-3532001228-714929071-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Content Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: nkdytjtjsw32 => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: vpnagent => 2
MSCONFIG\startupfolder: C:^Users^Sebastian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AudialsNotifier => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: CCleaner Monitoring => "E:\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: CloneCDTray => "E:\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: KiesPDLR.exe => E:\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
MSCONFIG\startupreg: KiesTrayAgent => E:\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "E:\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{F390D810-B362-4EDE-90DA-D03AB63FDF5B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{5DE60864-663F-4450-9290-F509FFD698F1}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{7F16188A-BA77-487C-A7CE-3684F4BC08B6}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{418E1FB0-0F49-4A63-BF97-A86BC7040320}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{FE5A6ACE-019A-4EF1-883E-AF26E9F3209E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{64E301F9-6C61-4A9C-A6FA-813A40AD5AF7}] => (Allow) F:\Origin\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{BE5F4635-EA09-420C-8561-CDC10DF63ECB}] => (Allow) F:\Origin\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{E2606C35-7658-4D9A-AF10-1BB187C20786}] => (Allow) F:\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{63C1195C-4843-42FE-8A58-F2E151599314}] => (Allow) F:\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{CE2EEB3D-40FE-41E2-B28B-BAA87B79CF91}] => (Allow) F:\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{0011770B-CC87-49B0-9586-0D160E6C2551}] => (Allow) F:\Supreme Commander\Supreme Commander\bin\SupremeCommander.exe
FirewallRules: [{4B5FD04B-41BB-427B-9E13-F67C8C9F0062}] => (Allow) F:\ANNO 1404\Anno4.exe
FirewallRules: [{3B12C34E-C56D-4B75-BAFD-A6802020C8D9}] => (Allow) F:\ANNO 1404\Anno4.exe
FirewallRules: [{F48434DF-A0C1-4511-B50F-1F82B7F165EB}] => (Allow) F:\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{FD77CB45-B51F-468C-95CE-12B20A721421}] => (Allow) F:\ANNO 1404\tools\Anno4Web.exe
FirewallRules: [{5BB46788-CD62-4C31-AFC0-C1E189ED3552}] => (Allow) C:\Program Files (x86)\Kalypso Media\Patrician IV Gold\Patrician4Gold.exe
FirewallRules: [{4BDA0EA9-6211-448F-8611-5FA50F94763D}] => (Allow) F:\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{CA840FE1-867A-4BA1-9779-C8CE3E8092F3}] => (Allow) F:\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{BF5A931E-2C44-42E1-AA35-14B856911468}] => (Allow) F:\Assassins Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{D3E114E4-10AE-4D43-A99B-8F9A8F65B99F}] => (Allow) F:\Assassins Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{5F2E98BE-0A9C-4128-A4D9-9AED8D5D2C41}] => (Allow) F:\Assassins Creed 2\AssassinsCreedII.exe
FirewallRules: [{6EA208AB-C50B-4B7E-837E-8D58F94E711F}] => (Allow) F:\Assassins Creed 2\AssassinsCreedII.exe
FirewallRules: [{419ABBE1-5BEA-4B93-8EAA-2BF7D80E0041}] => (Allow) F:\Assassins Creed 2\UPlayBrowser.exe
FirewallRules: [{A5547E3B-18A9-4B13-ACBC-832857119CBD}] => (Allow) F:\Assassins Creed 2\UPlayBrowser.exe
FirewallRules: [{F77B3049-1A99-4CB0-9A79-E566026E9072}] => (Allow) F:\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{B91BA33E-A628-4755-96AC-9C2AAAF0DEEA}] => (Allow) F:\Assassins Creed Brotherhood\ACBSP.exe
FirewallRules: [{2310B58C-5D56-4940-BFDF-8C283A241CB6}] => (Allow) F:\Assassins Creed Brotherhood\ACBMP.exe
FirewallRules: [{A2EB0B5E-97D9-4603-AEBE-C42F22C9C26A}] => (Allow) F:\Assassins Creed Brotherhood\ACBMP.exe
FirewallRules: [{80605B5C-B73C-4C68-BF25-CFE7A5ACA2E8}] => (Allow) F:\Assassins Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{82CD1AB4-EE13-42CB-8955-D2CE54F3BEF4}] => (Allow) F:\Assassins Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{8FFD8714-A4DC-44E8-B799-6D893263E73E}] => (Allow) F:\Assassins Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{5A323FA0-CB1B-4F44-9871-19788F1E6074}] => (Allow) F:\Assassins Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{9AC38C70-B523-4333-A81E-752A477F5062}] => (Allow) F:\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{5456D2F8-526E-4BA5-ACB8-7AA9F041269D}] => (Allow) F:\Assassins Creed Revelations\ACRSP.exe
FirewallRules: [{7583B2E8-D2E0-413E-A210-E59BD07D5D1E}] => (Allow) F:\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{B24A932D-8DE3-45BA-A9AE-C6BB01F67585}] => (Allow) F:\Assassins Creed Revelations\ACRMP.exe
FirewallRules: [{5860B4C9-FA47-4600-9FD0-B70AA5345747}] => (Allow) F:\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{8A40A1A0-D50F-4CAA-8B66-DF29B649EA76}] => (Allow) F:\Assassins Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{D0F9D2D5-814E-48AF-9975-3D6A07B8EAD0}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{88EDDF7C-F2FF-4DA2-B47E-A3A226703457}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F42AC2AA-7C31-4DEC-8EDA-14CF163D1E1D}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{4C53D78A-C41A-4BD3-A7AF-1B28F0CB28ED}] => (Allow) F:\Assassins Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{A3B12DD2-B2C2-4695-B9C0-A23738A3BC8E}] => (Allow) F:\Assassins Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{8F3BA1F4-A4BD-4AC2-92D1-F9F86FC28F7A}] => (Allow) F:\Assassins Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{DD3012CC-E3EB-4F5D-8286-E96C7190C71F}] => (Allow) F:\SimCity\SimCity\SimCity\SimCity.exe
FirewallRules: [{92B551DA-989B-4B0F-B544-23F7B7B6A241}] => (Allow) F:\SimCity\SimCity\SimCity\SimCity.exe
FirewallRules: [{54E27879-8A3C-4D6B-8D65-10D4FA379780}] => (Allow) F:\World in Conflikt\wic.exe
FirewallRules: [{C0595994-2F95-4501-A7D6-D4432A451DC0}] => (Allow) F:\World in Conflikt\wic.exe
FirewallRules: [{33692EBC-2135-4525-A0AB-2929E1228E8B}] => (Allow) F:\World in Conflikt\wic_online.exe
FirewallRules: [{BEB31215-0E86-4B4B-9FD4-9CA1B76B044E}] => (Allow) F:\World in Conflikt\wic_online.exe
FirewallRules: [{50512174-FE5A-4397-93D6-BA2C9DE44816}] => (Allow) F:\World in Conflikt\wic_ds.exe
FirewallRules: [{CF2ACB93-25E2-4E9A-8635-C0CA4A41860D}] => (Allow) F:\World in Conflikt\wic_ds.exe
FirewallRules: [{B7751D01-D184-4C70-9E72-8179DA3BFE1D}] => (Allow) F:\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{35005F13-897E-401F-B6C7-FB9FFBD11102}] => (Allow) F:\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{01D72F0F-6ADF-4A55-B04A-73120924D805}] => (Allow) F:\ANNO 1404\Addon.exe
FirewallRules: [{1C59F7AD-AFB1-4452-A9EC-0F837BACAC4F}] => (Allow) F:\ANNO 1404\Addon.exe
FirewallRules: [{8DF4EE42-31BD-49C1-8D93-577D2B192F66}] => (Allow) F:\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{929AA978-CC66-4133-A04A-596BCFC49FBE}] => (Allow) F:\ANNO 1404\tools\AddonWeb.exe
FirewallRules: [{A6EC23A7-453A-4198-80B3-AFC528E9C6E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0980D154-F9F8-4482-A29D-D9400CE97E8A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{051E90F1-615B-4C43-980E-805AC76CD22E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FF2711F7-D7C0-4A62-BA67-16D4C3FC6BB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8CEF5C64-8659-4C50-A352-23072D9210C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DDAB1FF3-B1D2-4D3F-A4A0-1491C46AE53A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{828D492C-5D94-4C6A-9BA8-956A39D201F5}] => (Allow) F:\Assassin's Creed Unity\ACU.exe
FirewallRules: [{397F08C8-BDF4-4BCD-B1C3-AD98D6035459}] => (Allow) F:\Assassin's Creed Unity\ACU.exe
FirewallRules: [{1DD8A585-D5FD-448B-8C3A-B0D18E47F39A}] => (Allow) F:\SimCity\SimCity 4 Deluxe Edition\Apps\SimCity 4.exe
FirewallRules: [{1F62EBB6-4825-4C4F-A3E5-EA2E3CC283C0}] => (Allow) F:\SimCity\SimCity 4 Deluxe Edition\Apps\SimCity 4.exe
FirewallRules: [{52BDCCE5-FE06-4A7F-B396-8ECB49685CA3}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{3522A447-45DF-48E7-9065-DC5C54B4A6D8}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{70CAD1BB-28BE-4BA8-9496-03F7C78C992E}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{A887B6CD-4F2E-438F-A8B9-FFEE677F8E18}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{0FBD8DD9-B2A7-4BF6-A8DC-40F37E4FE2C5}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{843AB26F-80CE-4DFC-A50D-050A0DB459A7}] => (Allow) F:\Spiele Steam\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{7F52DA87-E71E-4AE5-B425-70F3A289816E}] => (Allow) F:\Spiele Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2BC39502-3892-4D11-A2AC-BA84915D9DBF}] => (Allow) F:\Spiele Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{6C9EC92D-A0B3-44AB-AC9A-E42F182C392E}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{70AD5A4B-2A25-4242-B7D6-A43DFB6624A9}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{D78DBEEE-B603-48EC-8BC7-BE60C4D7DC4D}] => (Allow) F:\Spiele Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{CD5C3DE8-774D-49BD-B3BA-113E497DB6F5}] => (Allow) F:\Spiele Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{78D3D324-E07F-488F-8624-0E0E716A736F}] => (Allow) E:\Battle.net\Battle.net.exe
FirewallRules: [{D3212178-CB41-488D-B5A4-AC5380DA1C19}] => (Allow) E:\Battle.net\Battle.net.exe
FirewallRules: [{0F9A4C2F-3030-4915-82A6-113B937D2099}] => (Allow) F:\Spiele\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{389299B8-44A4-4612-9F9A-011E48215FFB}] => (Allow) F:\Spiele\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{F091B7CD-3EE4-490D-9429-5C39C595732E}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{31F662A2-03D9-44ED-95D4-87651B7DE20B}] => (Allow) F:\Spiele Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{18AE4F37-84EB-4088-8AC0-BE33642E9456}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{B9618FA9-0761-46CD-A770-E49304224D8E}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{6CC99070-CABC-4AFE-9F08-D8C8DA9B8420}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{48F8FA50-E19B-414F-AE83-8716ABEC2B50}] => (Allow) F:\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{06DC03A3-DADB-4891-9AB8-0FB382E9CB0E}] => (Allow) F:\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{0403087E-F850-4C03-88D9-F118D409861A}] => (Allow) F:\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{1060483D-A8B5-4C4E-A51F-5CA4535270F8}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{34B58678-DD87-430F-B2DF-26B47EBF2E71}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3DE27141-6FBD-413A-9A7A-75B0044E5970}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{E111C5F4-1DDA-4EDF-9842-C8BBE0295218}] => (Allow) LPort=12972
FirewallRules: [{FAC1FAF2-A0B5-40B5-A3FB-A576E6B46169}] => (Allow) LPort=14714
FirewallRules: [{7DC7862B-5066-4E0B-95EA-9DC34AFF0BE6}] => (Allow) LPort=31931
FirewallRules: [{102C8D8B-1301-4DB6-B231-5C9B952EDD8E}] => (Allow) F:\Spiele\Crysis\Bin32\Crysis.exe
FirewallRules: [{21F44B5B-7315-4802-8D0D-D595D4A3E9AD}] => (Allow) F:\Spiele\Crysis\Bin32\Crysis.exe
FirewallRules: [{04C62F58-D608-4BDE-9E75-E8AF4596C47C}] => (Allow) F:\Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{7B541178-7B29-420E-9DFE-88B55255510A}] => (Allow) F:\Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{F8D5D151-A7BC-4B33-824B-1B8B6571C751}] => (Allow) F:\Spiele\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{2737F06C-0256-4659-9BDD-9CBC68E5ABAA}] => (Allow) F:\Spiele\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{2089AD30-ACBC-4769-863F-95CC0348D3FE}] => (Allow) F:\Assassins Creed 3\AC3SP.exe
FirewallRules: [{A6F2A0B8-1518-4653-9100-BDA3A23866E6}] => (Allow) F:\Assassins Creed 3\AC3SP.exe
FirewallRules: [{01626260-0188-4A3F-8574-0EAF77A5C0B8}] => (Allow) F:\Assassins Creed 3\AC3MP.exe
FirewallRules: [{E3C30BC4-C3A5-49FE-99A7-1CA40C4DF7A1}] => (Allow) F:\Assassins Creed 3\AC3MP.exe
FirewallRules: [{27A71990-218B-4BE4-9837-2117316D2E78}] => (Allow) F:\Assassins Creed 3\AssassinsCreed3.exe
FirewallRules: [{EB0D1918-A5B2-4B76-A03D-8FBA243BCC7C}] => (Allow) F:\Assassins Creed 3\AssassinsCreed3.exe
FirewallRules: [{2F99D597-4164-4F7F-97A2-F261081A357D}] => (Allow) F:\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{949D1CC3-64D7-4633-9DD8-047078D3FFDF}] => (Allow) F:\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{E35BD06A-C27D-4FA5-8BB6-80F957B7BFD9}] => (Allow) F:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{51702E89-8475-499E-8BD3-D9D5A2ED502D}] => (Allow) F:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{184E459A-1AC8-4280-BA60-40E39D330C2B}] => (Allow) F:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{1670F949-27E2-4A1F-B1AF-9C0341BD1E4D}] => (Allow) F:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{A145C0C7-A4C1-494A-A3B8-8085D2A74567}] => (Allow) F:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{0132F3C0-451D-41D1-AB15-75A255D5AFA7}] => (Allow) F:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{BC8CD834-3702-4D63-AA7F-9122BF6E2B0E}] => (Allow) F:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{62D1A47A-E9E8-4610-8724-E53E7C78DDF5}] => (Allow) F:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{0B760F7F-E931-4AD8-8766-7DACFAEC5C53}] => (Allow) E:\Photoshop\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1BDD44A7-30F7-49C6-8918-0439939BB5EF}] => (Allow) E:\Photoshop\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{C57A2A96-2927-424B-9135-C2724FFDE20D}] => (Allow) LPort=7935
FirewallRules: [{EC527781-115C-4982-9DCD-E602273A67C2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{C1CFA0C3-B3EB-44EC-B272-BA3715595C4A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{6F01B93C-A1A0-4ACD-97FD-72AFC76EC6DA}] => (Allow) F:\Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{79EBBFD1-EA9E-4E0A-A725-C7D84EC2797D}] => (Allow) F:\Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{9CE5E9C4-7395-411E-A4BD-1ED1A4D17133}] => (Allow) LPort=50248
FirewallRules: [{5EC09CAF-DF25-4B12-87B1-6EFF99FBE2DE}] => (Allow) F:\Spiele Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{593CE30F-5399-4068-8C5F-53F6DDD85BEB}] => (Allow) F:\Spiele Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{A642BCA7-98D9-48D0-93EE-301460424FA1}] => (Allow) F:\Spiele Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{A2226266-DABB-4A70-9B66-5383293B8FA7}] => (Allow) F:\Spiele Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{95999620-A57F-43A6-A766-C05BE49BFDA8}] => (Allow)
F:\Spiele Steam\steamapps\common\Risen 2\system\Risen2.exe FirewallRules: [{A6EA2B73-51C7-4FA5-8F66-6433861099ED}] => (Allow) F:\Spiele Steam\steamapps\common\Risen 2\system\Risen2.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{9CE50B14-78FE-49E0-A989-7EE3895C0160}] => (Allow) F:\Spiele Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{1C0DD5CD-A0F4-479D-8396-8E1834449998}] => (Allow) F:\Spiele Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{6F4B2631-B6E3-4E70-BE63-19307B2F3F25}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{C14D818B-6B09-4A10-9696-8289F6437AED}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{B6A2EEAA-096A-4A33-B144-B48CDD21D32D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{01D4C8D7-66DD-45ED-83AB-F14161A779C0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{04CEC879-8C0E-49E1-B60C-483B2F677A9E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{FBBFC95C-C5E8-4A30-A20B-803773CE0B26}] => (Allow) F:\Uplay Spiele\Assassin's Creed Rogue\ACC.exe FirewallRules: [{E9C28117-E99C-481F-B061-A778B658B0C4}] => (Allow) F:\Uplay Spiele\Assassin's Creed Rogue\ACC.exe FirewallRules: [{5195E5DB-CDEA-484A-9D4C-589EB4F0A478}] => (Allow) F:\Sims4\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{654AF412-C644-49AE-87F2-5E96C1245432}] => (Allow) F:\Sims4\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{F3C0FE26-F5FF-41AE-8F81-5AC767F86B23}] => (Allow) E:\TeamViewer9\TeamViewer.exe FirewallRules: [{C54DE7CA-A5CC-48B9-8F5F-D67F16B47BA7}] => (Allow) E:\TeamViewer9\TeamViewer.exe FirewallRules: [{4FEFC977-BEA3-4B76-837D-78CF0D638154}] => (Allow) E:\TeamViewer9\TeamViewer_Service.exe FirewallRules: 
[{C5FD9C96-B8A6-47C2-A589-62DA28EA362B}] => (Allow) E:\TeamViewer9\TeamViewer_Service.exe FirewallRules: [{BDB41329-A5F8-46B2-A6A1-AE342C48BB55}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{2023BC34-EEC2-4017-97BB-3ABF8028FEAC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{45F6A168-3AF2-48DA-A19A-2DB82FB01E74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C9EF20F0-0FA0-4FD3-9D76-B427720CDB35}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{38FC0218-526D-4792-86BA-5E7BF338BC2E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CDE5A3F1-8CF4-4C4F-872B-E7554BD0EAA9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4424A44B-949B-4683-9F99-FA9DFF48F8E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7487CA95-6EB3-4D11-B545-F42377E7E3ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{785772B1-C2FD-4F0C-9B5F-E605FC981873}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe ==================== Faulty Device Manager Devices ============= Name: Intel(R) HD Graphics Description: Intel(R) HD Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (05/09/2015 08:22:54 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "PPClientAssembly,processorArchitecture="x86",type="x64",version="2008.1.17012.4817"1". 
Die abhängige Assemblierung "PPClientAssembly,processorArchitecture="x86",type="x64",version="2008.1.17012.4817"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/09/2015 08:22:28 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (05/07/2015 06:33:19 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "PPClientAssembly,processorArchitecture="x86",type="x64",version="2008.1.17012.4817"1". Die abhängige Assemblierung "PPClientAssembly,processorArchitecture="x86",type="x64",version="2008.1.17012.4817"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/07/2015 06:31:16 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. 
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (05/07/2015 04:24:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 14dc Startzeit: 01d088d17b1a570d Endzeit: 14 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: c62190d6-f4c4-11e4-b5d1-50e5495bf9d2 Error: (05/07/2015 04:24:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 794 Startzeit: 01d088ce1289e623 Endzeit: 21 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: b6f2ee0d-f4c4-11e4-b5d1-50e5495bf9d2 Error: (05/06/2015 10:49:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm GFExperience.exe, Version 2.4.3.22 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1660 Startzeit: 01d0883d5b48fdb5 Endzeit: 51 Anwendungspfad: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe Berichts-ID: Error: (05/06/2015 09:53:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm GTA5.exe, Version 1.0.350.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f6c Startzeit: 01d08831fc9adc65 Endzeit: 279 Anwendungspfad: F:\GTA 5\GTA5.exe Berichts-ID: Error: (05/06/2015 09:21:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm GTA5.exe, Version 1.0.350.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c5c Startzeit: 01d08826f95bc130 Endzeit: 165 Anwendungspfad: F:\GTA 5\GTA5.exe Berichts-ID: Error: (05/06/2015 06:39:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18798, Zeitstempel: 0x5507b864 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001883d ID des fehlerhaften Prozesses: 0xc28 Startzeit der fehlerhaften Anwendung: 0xvlc.exe0 Pfad der fehlerhaften Anwendung: vlc.exe1 Pfad des fehlerhaften Moduls: vlc.exe2 Berichtskennung: vlc.exe3 System errors: ============= Error: (05/10/2015 00:46:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/10/2015 00:46:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/10/2015 00:46:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (05/10/2015 00:46:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/10/2015 00:46:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/10/2015 00:46:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/10/2015 00:46:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/09/2015 08:03:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/09/2015 08:02:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/09/2015 07:39:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. 
CodeIntegrity Errors: =================================== Date: 2015-05-09 19:39:03.659 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-05-09 19:39:03.628 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-02-13 13:32:49.951 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-02-13 13:32:49.951 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-13 13:30:00.784 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-02-13 13:30:00.722 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-14 19:08:24.950 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-14 19:08:24.934 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-14 19:05:18.505 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-12-14 19:05:18.450 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz Percentage of memory in use: 13% Total physical RAM: 16237.11 MB Available physical RAM: 13974.98 MB Total Pagefile: 16435.3 MB Available Pagefile: 13982.18 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.47 GB) (Free:170.89 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Daten) (Fixed) (Total:341.8 GB) (Free:139.22 GB) NTFS Drive e: (Programme) (Fixed) (Total:175.78 GB) (Free:119.79 GB) NTFS Drive f: (Spiele) (Fixed) (Total:589.71 GB) (Free:118.91 GB) NTFS Drive g: (Images) (Fixed) (Total:289.98 GB) (Free:224.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 7FCFFD77) Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 65CB6360) Partition 1: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=589.7 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4761DDBE) Partition 1: (Not Active) - (Size=175.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=290 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
11.05.2015, 09:19 | #13 |
/// the machine /// TB-Ausbilder | Window throws me to the desktop! GTA5 hangs because of it! Run AdwCleaner again, and please let it delete. ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |