|
Log-Analyse und Auswertung: Zugriff auf GMX durch dritte. Trojaner o.ä.?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
22.05.2015, 19:01 | #1 |
| Zugriff auf GMX durch dritte. Trojaner o.ä.? Hallo Helfer! Problem : Heute eine E-Mail bekommen von GMX mit dem Inhalt: "GMX Sicherheit: Vorsorgliche Sicherheitssperre Ihres GMX Postfachs Unsere automatisierten Sicherheitssysteme haben Unregelmäßigkeiten beim Zugriff auf Ihr GMX Postfach festgestellt. Zu Ihrem persönlichen Schutz haben wir vorsorglich Ihr Postfach gesperrt. Daher werden wir Sie beim nächsten Login auffordern, Ihr Passwort zu ändern." Ich weiß nun nicht, ob wirklich jmd Zugriff hatte Hab direkt das PW geändert. Ich rufe Emails nur über Thunderbird ab, habe dort auch das PW gespeichert. Ich nutze nirgendwo anders dieses Pw, auch nicht in ähnlicher Form und rufe die Mails auch nicht über mein Handy ab. Wie gesagt, ausschliesslich Thunderbird. Dort ist das PW aber eben auch gespeichert. Ist das Sicherheitstechnisch bedenklich und ich gebe die in Zukunft lieber per Hand ein? Gmer stürzt ab??? Edit: Im abgesicherten Modus läuft GMER und meldet " GMER hasn't found any system modification" Wieso schmiert mir das im normalen Modus ab? -_- Defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 01:57 on 22/05/2015 (Ash) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. HKCU:DAEMON Tools Lite -> Removed Checking for services/drivers... -=E.O.F=- Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015 Ran by Ash (administrator) on ASH-PC on 22-05-2015 02:26:12 Running from C:\Users\Ash\Desktop Loaded Profiles: Ash (Available profiles: Ash) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (www.counter-strike.de - MUff[99]) C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gammacontrol.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (E.W.E.-Software) C:\Users\Ash\AppData\Roaming\TV Movie\TV Movie Clickfinder\tvtip.exe () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DIPAwayMode\DipAwayMode.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe (AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (SplitCam Co.) C:\Program Files (x86)\SplitCam\SplitCamService.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor) HKLM-x32\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.) HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\...\Run: [TVTip] => C:\Users\Ash\AppData\Roaming\TV Movie\TV Movie Clickfinder\tvstart.exe [102400 2012-01-24] (E.W.E.-Software) HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\...\MountPoints2: {4f80c3ff-e756-11e4-9c22-ac220bc62429} - J:\iStudio.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-01-06] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-01-06] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () Startup: C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gammacontrol.exe [2015-02-02] (www.counter-strike.de - MUff[99]) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-28] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-20] (Avast Software s.r.o.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-20] (Avast Software s.r.o.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt FireFox: ======== FF ProfilePath: C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-15] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-15] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Extension: Session Manager - C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2015-01-11] FF Extension: Video DownloadHelper - C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16] FF Extension: Adblock Plus - C:\Users\Ash\AppData\Roaming\Mozilla\Firefox\Profiles\fuf6qhfb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-12] Chrome: ======= CHR Profile: C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-02-02] CHR Extension: (AdBlock) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-02] CHR Extension: (Bookmark Manager) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Session Manager) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc [2015-02-02] CHR Extension: (Google Wallet) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-06] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-08-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-09-18] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe [1690424 2013-09-18] (ASUSTeK Computer Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.) R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [368640 2013-06-26] (AVerMedia) [File not signed] R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed] R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation) S3 Origin Client Service; E:\Origin\OriginClientService.exe [1910640 2015-03-05] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-05-11] () R2 SpliCamService; C:\Program Files (x86)\SplitCam\SplitCamService.exe [311424 2014-09-15] (SplitCam Co.) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-28] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] () S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [804992 2013-06-05] (AVerMedia TECHNOLOGIES, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-11] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-31] (Intel Corporation) R1 Eve; C:\Windows\System32\DRIVERS\eve.sys [41304 2014-04-10] () R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-01] (Intel Corporation) S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-18] (Riverbed Technology, Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corporation ) R3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider) R3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider) S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () S4 NVHDA; system32\drivers\nvhda64v.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2039-01-10 04:41 - 2015-04-10 03:41 - 00000000 _____ () C:\Users\Ash\AppData\Local\{86B65B10-9008-48B5-8480-F7F2990BB5CA} 2015-05-22 02:26 - 2015-05-22 02:26 - 00017165 _____ () C:\Users\Ash\Desktop\FRST.txt 2015-05-22 01:57 - 2015-05-22 01:57 - 00000538 _____ () C:\Users\Ash\Desktop\defogger_disable.log 2015-05-22 01:57 - 2015-05-22 01:57 - 00000168 _____ () C:\Users\Ash\defogger_reenable 2015-05-22 01:57 - 2015-05-22 01:56 - 02108416 _____ (Farbar) C:\Users\Ash\Desktop\FRST64.exe 2015-05-22 01:57 - 2015-05-22 01:56 - 00380416 _____ () C:\Users\Ash\Desktop\Gmer-19357.exe 2015-05-22 01:57 - 2015-05-22 01:56 - 00050477 _____ () C:\Users\Ash\Desktop\Defogger.exe 2015-05-22 01:47 - 2015-05-22 02:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-05-22 00:55 - 2015-05-22 00:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-05-22 00:24 - 2015-05-22 00:24 - 00000000 ____D () C:\Users\Ash\Desktop\big ones 2015-05-22 00:19 - 2015-05-22 00:19 - 10382526 _____ () C:\Users\Ash\Desktop\Skills Kodie Movies.mp4 2015-05-22 00:18 - 2015-05-22 00:20 - 32583415 _____ () C:\Users\Ash\Desktop\Birthday present Kodie Movies.mp4 2015-05-19 01:24 - 2015-05-19 01:24 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-05-19 01:24 - 2015-05-19 01:24 - 00000000 ____D () C:\Users\Ash\AppData\Local\Ubisoft Game Launcher 2015-05-19 01:24 - 2015-05-19 01:24 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2015-05-14 02:39 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-14 02:39 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 13:36 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 13:36 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-05-13 13:36 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 13:36 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-05-13 13:36 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 13:36 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 13:36 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 13:36 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 13:36 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 13:36 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 13:36 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 13:36 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 13:36 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 13:36 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 13:36 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 13:36 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 13:36 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 13:36 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 13:36 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 13:36 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 13:36 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 13:36 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 13:36 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-05-13 13:36 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-05-13 13:36 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 13:36 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 13:36 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-05-13 13:36 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-05-13 13:36 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-13 13:36 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-05-13 13:36 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 13:36 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 13:36 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-13 13:36 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 13:36 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-05-13 13:36 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-05-13 13:36 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-05-13 13:36 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-05-13 13:36 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-05-13 13:36 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-05-13 13:36 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-05-13 13:36 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 13:36 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 13:36 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-05-13 13:36 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 13:36 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 13:36 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-13 13:36 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 13:36 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-05-13 13:36 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-05-13 13:36 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-05-13 13:36 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-05-13 13:36 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 13:36 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-05-13 13:36 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-05-13 13:36 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-13 13:36 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-05-13 13:36 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 13:36 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 13:36 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-05-13 13:36 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-05-13 13:36 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-05-13 13:36 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 13:36 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-05-13 13:34 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-13 13:34 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 13:34 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 13:34 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-05-13 13:34 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-05-13 13:34 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 13:34 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-05-13 13:34 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 13:34 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 13:34 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-13 13:34 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-13 13:34 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-05-13 13:34 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-05-13 13:34 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-05-13 13:34 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-05-13 13:34 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-05-13 13:34 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-05-13 13:34 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-05-13 13:34 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-05-13 13:34 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-05-13 13:34 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-05-13 13:34 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-05-13 13:34 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-05-13 13:34 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-05-13 13:34 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-05-13 13:34 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-05-13 13:34 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-05-13 13:34 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-05-13 13:34 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-13 13:34 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-05-13 13:34 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-05-13 13:34 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 13:34 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-05-13 13:34 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 13:34 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 13:34 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-05-13 13:34 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 13:34 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 13:34 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-13 13:34 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-13 13:34 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-05-13 13:34 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-13 13:34 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-13 13:34 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-13 13:34 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-13 13:34 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-05-13 13:34 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-05-13 13:34 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-05-13 13:34 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-05-13 13:34 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-13 13:34 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-13 13:34 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-05-12 22:59 - 2015-05-12 22:59 - 00001720 _____ () C:\Users\Public\Desktop\Stellarium.lnk 2015-05-11 00:46 - 2015-05-11 00:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Chart Controls 2015-05-10 18:11 - 2015-05-10 18:11 - 00000000 ____D () C:\Users\Ash\AppData\Local\Darksiders 2015-05-10 18:10 - 2015-05-11 00:46 - 00003866 _____ () C:\Windows\DirectX.log 2015-05-10 18:10 - 2015-05-10 18:10 - 00000000 ____D () C:\Windows\SysWOW64\directx 2015-05-10 18:10 - 2015-05-10 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2015-05-10 18:10 - 2015-05-10 18:10 - 00000000 ____D () C:\Program Files (x86)\THQ 2015-05-10 16:32 - 2015-05-10 16:32 - 00000579 _____ () C:\Users\Ash\Desktop\TERA.lnk 2015-05-10 16:32 - 2015-05-10 16:32 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\TERA 2015-05-10 16:30 - 2015-05-20 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-05-10 16:30 - 2015-05-10 16:30 - 00000541 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk 2015-05-10 16:30 - 2015-05-10 16:30 - 00000000 ____D () C:\Users\Ash\AppData\Local\Gameforge4d 2015-05-09 20:42 - 2015-05-09 20:42 - 00000000 ____D () C:\Program Files\Bonjour 2015-05-09 20:42 - 2015-05-09 20:42 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2015-05-09 20:41 - 2015-05-09 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2015-05-09 19:36 - 2015-05-21 23:36 - 00008546 _____ () C:\Windows\setupact.log 2015-05-09 19:36 - 2015-05-09 19:36 - 00000000 _____ () C:\Windows\setuperr.log 2015-05-08 19:45 - 2015-05-10 16:20 - 00000000 ____D () C:\ProgramData\boost_interprocess 2015-05-08 19:45 - 2015-05-08 19:45 - 00000000 ____D () C:\Users\Ash\AppData\Local\TERA 2015-05-07 00:14 - 2015-05-07 00:14 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\RunningWithScissors 2015-05-05 00:37 - 2015-05-05 00:37 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Speedball2_steam 2015-05-04 15:53 - 2015-05-04 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-05-04 14:18 - 2015-05-04 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TRON 2.0 Killer App Mod 2015-05-04 14:17 - 2015-05-04 14:17 - 00000000 ____D () C:\Windows\TRON 2.0 Killer App Mod 2015-05-03 17:55 - 2015-05-03 17:55 - 00286720 _____ (Indigo Rose Corporation) C:\Windows\iun507.exe 2015-05-03 17:55 - 2015-05-03 17:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Buena Vista Interactive 2015-05-03 14:46 - 2015-05-04 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roccat 2015-05-03 14:46 - 2015-05-03 14:46 - 00000000 ____D () C:\Users\Ash\Documents\ROCCAT Savu 2015-05-02 15:29 - 2015-05-02 15:29 - 00002115 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.lnk 2015-05-01 20:23 - 2015-05-01 20:23 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Ponscripter 2015-04-30 16:26 - 2015-04-30 16:26 - 00000000 ____D () C:\Users\Ash\Documents\4a games 2015-04-28 15:11 - 2015-04-28 15:11 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-04-28 15:11 - 2015-04-28 15:11 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-04-28 00:23 - 2015-04-28 00:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-22 02:26 - 2015-02-13 00:29 - 00000000 ____D () C:\FRST 2015-05-22 02:25 - 2015-02-02 19:53 - 00006438 _____ () C:\Users\Ash\Desktop\Neues Textdokument.txt 2015-05-22 02:11 - 2015-01-06 18:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-22 02:01 - 2015-01-11 16:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-05-22 01:59 - 2015-02-03 03:10 - 00000000 ____D () C:\Program Files (x86)\Jdownloader 2015-05-22 01:57 - 2015-01-06 18:09 - 00000000 ____D () C:\Users\Ash 2015-05-22 01:53 - 2015-01-11 17:38 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\TS3Client 2015-05-22 00:10 - 2015-03-13 23:39 - 00000671 _____ () C:\Users\Ash\.swfinfo 2015-05-21 23:47 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2015-05-21 23:47 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2015-05-21 23:47 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-21 22:29 - 2015-01-06 18:09 - 01921666 _____ () C:\Windows\WindowsUpdate.log 2015-05-21 20:11 - 2015-01-06 18:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-21 15:42 - 2015-01-11 17:12 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\vlc 2015-05-21 14:19 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-21 14:19 - 2009-07-14 06:45 - 00014928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-21 14:11 - 2015-02-28 02:25 - 00000000 ____D () C:\Users\Ash\AppData\Local\LogMeIn Hamachi 2015-05-21 14:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-21 02:17 - 2015-04-04 16:54 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-05-21 02:17 - 2015-04-04 16:54 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-21 01:12 - 2015-01-06 18:57 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-17 13:11 - 2015-04-12 16:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-05-16 20:28 - 2015-01-11 17:34 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2015-05-16 20:28 - 2015-01-11 17:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2015-05-16 15:00 - 2015-02-02 19:35 - 00000000 ____D () C:\Users\Ash\Documents\Eigene PSP-Dateien 2015-05-15 20:06 - 2015-01-06 18:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-05-15 20:06 - 2015-01-06 18:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-05-15 18:31 - 2015-01-11 16:35 - 00000000 ____D () C:\Users\Ash\AppData\Local\Adobe 2015-05-15 18:27 - 2015-01-11 16:36 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-05-15 18:27 - 2015-01-11 16:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-05-14 16:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-05-14 14:21 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-14 14:21 - 2009-07-14 06:45 - 00310760 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-14 14:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-14 02:42 - 2015-01-06 19:04 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-14 02:40 - 2015-01-06 19:04 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-12 23:04 - 2015-02-03 21:59 - 00000000 ____D () C:\Users\Ash\AppData\Local\CrashDumps 2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Stellarium 2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\Users\Ash\AppData\Local\stellarium 2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium 2015-05-12 22:59 - 2015-04-02 20:46 - 00000000 ____D () C:\Program Files\Stellarium 2015-05-12 22:59 - 2015-01-11 15:47 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-12 17:26 - 2015-02-13 20:25 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\TeamViewer 2015-05-11 00:58 - 2015-03-22 03:10 - 00280792 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2015-05-11 00:58 - 2015-03-05 04:38 - 00280792 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-05-11 00:58 - 2015-03-05 04:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-05-11 00:51 - 2015-03-22 03:10 - 00000000 ____D () C:\Users\Ash\AppData\Local\PunkBuster 2015-05-11 00:51 - 2015-03-05 04:38 - 00281032 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2015-05-10 18:11 - 2015-02-02 19:55 - 00000000 ____D () C:\Users\Ash\Documents\My Games 2015-05-10 17:38 - 2015-02-27 00:44 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-05-10 13:16 - 2015-01-11 15:47 - 00000000 ____D () C:\Program Files\Logitech Gaming Software 2015-05-09 18:55 - 2015-03-23 03:19 - 00000000 ____D () C:\AdwCleaner 2015-05-09 18:45 - 2015-01-11 18:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-09 01:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-05-05 15:35 - 2015-01-06 18:51 - 00070928 _____ () C:\Users\Ash\AppData\Local\GDIPFONTCACHEV1.DAT 2015-05-04 16:00 - 2015-01-06 18:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-05-02 15:29 - 2015-04-20 23:59 - 00000000 ____D () C:\Users\Ash\Knuddels 2015-05-02 01:07 - 2015-02-22 00:45 - 00000000 ____D () C:\Users\Ash\Documents\AVerTV 2015-05-01 18:51 - 2015-02-11 16:43 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-05-01 18:51 - 2015-02-11 16:43 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-05-01 18:50 - 2015-02-11 16:43 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-05-01 18:50 - 2015-02-11 16:43 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-04-28 15:11 - 2015-04-12 16:35 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-04-28 15:11 - 2015-04-12 16:35 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-04-28 15:11 - 2015-04-12 16:35 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-04-28 15:11 - 2015-04-12 16:35 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-04-28 15:11 - 2015-04-12 16:35 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-04-28 15:11 - 2015-04-12 16:35 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-04-28 15:11 - 2015-04-12 16:35 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-04-28 15:11 - 2015-04-12 16:35 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-04-25 23:35 - 2015-02-08 18:06 - 00000000 ____D () C:\Users\Ash\AppData\Roaming\dvdcss ==================== Files in the root of some directories ======= 2015-03-09 17:24 - 2015-04-02 13:44 - 0099384 _____ () C:\Users\Ash\AppData\Roaming\inst.exe 2015-03-09 17:24 - 2015-04-02 13:44 - 0007859 _____ () C:\Users\Ash\AppData\Roaming\pcouffin.cat 2015-03-09 17:24 - 2015-04-02 13:44 - 0001167 _____ () C:\Users\Ash\AppData\Roaming\pcouffin.inf 2015-03-09 17:24 - 2015-04-02 13:44 - 0000055 _____ () C:\Users\Ash\AppData\Roaming\pcouffin.log 2015-03-09 17:24 - 2015-04-02 13:44 - 0082816 _____ (VSO Software) C:\Users\Ash\AppData\Roaming\pcouffin.sys 2015-03-14 01:10 - 2015-03-14 01:10 - 0119839 _____ () C:\Users\Ash\AppData\Local\242322F9_stp.CIS 2015-03-14 01:10 - 2015-03-14 01:10 - 0000306 _____ () C:\Users\Ash\AppData\Local\242322F9_stp.CIS.part 2015-03-14 01:10 - 2015-03-14 01:10 - 0120135 _____ () C:\Users\Ash\AppData\Local\48FD097A_stp.CIS 2015-03-14 01:10 - 2015-03-14 01:10 - 0000290 _____ () C:\Users\Ash\AppData\Local\48FD097A_stp.CIS.part 2015-03-14 01:10 - 2015-03-14 01:10 - 0385602 _____ () C:\Users\Ash\AppData\Local\5D515C96_stp.CIS 2015-03-14 01:10 - 2015-03-14 01:10 - 0000220 _____ () C:\Users\Ash\AppData\Local\5D515C96_stp.CIS.part 2015-04-04 23:04 - 2015-04-04 23:05 - 0003072 _____ () C:\Users\Ash\AppData\Local\file__0.localstorage 2039-01-10 04:41 - 2015-04-10 03:41 - 0000000 _____ () C:\Users\Ash\AppData\Local\{86B65B10-9008-48B5-8480-F7F2990BB5CA} 2015-01-06 18:20 - 2015-01-06 18:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-14 15:59 ==================== End of log ============================ |
22.05.2015, 19:22 | #2 |
| Zugriff auf GMX durch dritte. Trojaner o.ä.?Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015 Ran by Ash at 2015-05-22 02:26:27 Running from C:\Users\Ash\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3066379646-2778961134-1701944576-500 - Administrator - Disabled) Ash (S-1-5-21-3066379646-2778961134-1701944576-1000 - Administrator - Enabled) => C:\Users\Ash Gast (S-1-5-21-3066379646-2778961134-1701944576-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) (HKLM\...\UDK-32dac49c-f0b5-4444-8b4e-b3325eda5fa7) (Version: - RuneStorm ACDSee Pro 5 (HKLM-x32\...\{35E0BA9D-3AFE-402A-99CA-D94FE1E73D18}) (Version: 5.3.168 - ACD Systems International Inc.) ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version: - Namco) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games) AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.) Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games) Allied Intent Xtended 2.0 (HKLM-x32\...\Allied Intent Xtended) (Version: 2.0 - AIX Community) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) AVerMedia A835 USB DVB-T 2.3.64.28 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 2.3.64.28 - AVerMedia TECHNOLOGIES, Inc.) AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.26 - AVerMedia Technologies, Inc.) AVerTV 3D (x32 Version: 6.5.2.26 - AVerMedia Technologies, Inc.) Hidden Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) BF2SP64 (HKLM-x32\...\BF2SP64) (Version: - ) BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston) BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite DCP-375CW (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version: - Rockstar New England) Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games) Carnage Racing (HKLM-x32\...\Steam App 228940) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dark Messiah of Might & Magic Multi-Player (HKLM-x32\...\Steam App 2130) (Version: - Arkane Studios) Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version: - Arkane Studios) Darksaber's Ultimate Craft Pack (HKLM-x32\...\Darksaber's Ultimate Craft Pack) (Version: 2.2.1.4 - Darksaber's X-Wing Station) Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname) DEFCON (HKLM-x32\...\Steam App 1520) (Version: - Introversion Software) DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) EVGA PrecisionX 16 (HKLM-x32\...\Steam App 268850) (Version: - EVGA) FlatOut 2 (HKLM-x32\...\Steam App 2990) (Version: - Bugbear Entertainment) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.) Free Video Editor version 1.4.11.301 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.11.301 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.55.219 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.) From Dust (HKLM-x32\...\Steam App 33460) (Version: - Ubisoft Montpellier) Gameforge Live 2.0.7 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.7 - Gameforge) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.) Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: - Rockstar Games) Hacker Evolution Duality (HKLM-x32\...\Steam App 70120) (Version: - exosyphen studios) Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) Heroine's Quest: The Herald of Ragnarok (HKLM-x32\...\Steam App 283880) (Version: - Crystal Shard) Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Jamestown (HKLM-x32\...\Steam App 94200) (Version: - Final Form Games) Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Knights of Pen and Paper +1 (HKLM-x32\...\Steam App 231740) (Version: - Behold Studios) Knuddels Desktop App (HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\...\Knuddels Desktop App ) (Version: "2014.12.13.0" - "Knuddels Desktop App") Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment) Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden Macro Recorder 5.7.8 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.8 - Jitbit Software) Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Metro 2033 (HKLM-x32\...\Steam App 43110) (Version: - 4A Games) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version: - LucasArts) Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla) Narcissu 1st & 2nd (HKLM-x32\...\Steam App 264380) (Version: - stage-nana) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.7 - Black Tree Gaming) NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Oil Rush (HKLM-x32\...\Steam App 200390) (Version: - Unigine Corp.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.) Overlord (HKLM-x32\...\{259A8A5E-2886-4BED-9EF1-D5485282CCC3}) (Version: 1.00.0606 - Codemasters) Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) Penguins Arena: Sedna's World (HKLM-x32\...\Steam App 11280) (Version: - Frogames) Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version: - Telltale Games) Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version: - Telltale Games) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) POSTAL (HKLM-x32\...\Steam App 232770) (Version: - Running With Scissors) POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version: - Running With Scissors) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.) RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin) Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.) Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version: - ) Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version: - SkyBox Labs) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) Rochard (HKLM-x32\...\Steam App 107800) (Version: - Recoil Games) Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition) Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) SCARFACE: THE WORLD IS YOURS (HKLM-x32\...\InstallShield_{50A1E01F-21A4-4FB9-B0BA-76CEB5D8D5F5}) (Version: 1.00.0000 - Sierra Entertainment) SCARFACE: THE WORLD IS YOURS (x32 Version: 1.00.0000 - Sierra Entertainment) Hidden Scarface: The World is Yours Patch (HKLM-x32\...\InstallShield_{9BA745ED-5748-4303-AE0C-78991809DD68}) (Version: 1.02.00 - Sierra Entertainment) Scarface: The World is Yours Patch (x32 Version: 1.02.00 - Sierra Entertainment) Hidden Shatter (HKLM-x32\...\Steam App 20820) (Version: - Sidhe) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version: - Firaxis Games) Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion) Solar 2 (HKLM-x32\...\Steam App 97000) (Version: - Murudai) Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version: - MinMax Games Ltd.) Speedball 2 HD (HKLM-x32\...\Steam App 251690) (Version: - Vivid Games) SplitCam (HKLM-x32\...\SplitCam) (Version: 6.9.4.1 - SplitCam Co) SSDlife Free (HKLM-x32\...\{18302BF2-AA3C-46E3-B039-996FD0DB5639}) (Version: 2.5.82 - BinarySense Inc.) Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios) Star Wars X-Wing Alliance DE (HKLM-x32\...\{7AD8FE70-1A35-492C-9AA8-E9F9C1833040}) (Version: 1.0.0.0 - LucasArts, Totally Games) Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellarium 0.13.3 (HKLM\...\Stellarium_is1) (Version: 0.13.3 - Stellarium team) Strife: Veteran Edition (HKLM-x32\...\Steam App 317040) (Version: - Rogue Entertainment) Superfrog HD (HKLM-x32\...\Steam App 234000) (Version: - Team17 Digital Ltd) Swords and Soldiers HD (HKLM-x32\...\Steam App 63500) (Version: - Ronimo Games) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH) Tesla Effect (HKLM-x32\...\Steam App 261510) (Version: - Big Finish Games) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) Thunder Wolves (HKLM-x32\...\Steam App 232970) (Version: - Most Wanted Entertainment) TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte) Tron 2.0 (HKLM-x32\...\Steam App 327740) (Version: - Monolith Productions, Inc.) TRON 2.0 v1.042 Update (HKLM-x32\...\TRON 2.0 v1.042 Update) (Version: - ) TRON 2.0: Killer App Mod (HKLM-x32\...\Killer App Mod) (Version: v1.1a - LDSO and Killer App Mod Team) Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version: - Haemimont Games) TV Movie ClickFinder (HKLM-x32\...\{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}) (Version: 1.00.0000 - TV Movie) Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Vessel (HKLM-x32\...\Steam App 108500) (Version: - Strange Loop Games) Viscera Cleanup Detail (HKLM-x32\...\Steam App 246900) (Version: - RuneStorm) Viscera Cleanup Detail: alpha v0.25 VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.62 - VSO Software) VSO ConvertXtoVideo Ultimate 1 (HKLM-x32\...\{{ECDB800F-E1F0-48FE-B393-E12E40CD3A89}_is1) (Version: 1.5.0.36 - VSO Software) VSO Downloader 4.2.6.2 (HKLM-x32\...\{A0D0BA9E-F1A6-44FF-AA14-03ED96B3D56D}_is1) (Version: 4.2.6.2 - VSO Software) VSO EVE Network Driver version 1.0.0.27 (HKLM-x32\...\{AC0AFDC9-4FB1-44FE-B3E1-82300BF3D756}_is1) (Version: 1.0.0.27 - VSO Software) Watch_Dogs (HKLM-x32\...\Steam App 243470) (Version: - Ubisoft) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Wings of Prey (HKLM-x32\...\Steam App 45300) (Version: - Gaijin Entertainment) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version: - Noble Empire Corp.) Worms Crazy Golf (HKLM-x32\...\Steam App 70620) (Version: - Team17 Software Ltd.) XMedia Recode Version 3.2.2.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.2.4 - XMedia Recode) yuPlay client 0.7.40 (HKLM-x32\...\yuPlay клиент_is1) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 14-05-2015 02:39:38 Windows Update 19-05-2015 12:18:03 Windows Update 21-05-2015 02:16:58 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-05-04 14:19 - 00000903 ___RA C:\Windows\system32\Drivers\etc\hosts 65.112.87.186 tron20.master.gamespy.com 65.112.87.186 tron20.ms9.gamespy.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {160E2F40-C2F6-4674-82D5-4AE6461350AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-28] (Avast Software s.r.o.) Task: {490AEBC7-0393-4EF3-A238-A46B3071DDBD} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DipAwayMode.exe [2013-09-18] () Task: {4B87D5B4-7443-46D8-9871-3917C52E33A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.) Task: {54F7257B-879B-4A5A-B6D7-8920F736D1A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.) Task: {6596BD2A-F3C7-49F5-A8DD-09238F492D1E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {67B55842-72A9-47A4-BF83-196B8B433666} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.) Task: {771C634C-317C-456E-80CB-4F56F0A36B6D} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] () Task: {7CDA4C3C-A9F4-47BD-B6F1-50C6E85008B8} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {EE8811AF-D321-43B4-8972-90F358C5A00E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {F1F1533A-C471-4BEC-B072-472D70C2E644} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-03-16 17:02 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-01-06 18:45 - 2014-04-08 10:43 - 00847360 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2015-01-11 15:56 - 2012-09-25 12:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe 2015-01-06 18:21 - 2013-05-07 16:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-01-06 20:48 - 2013-09-18 11:18 - 01225528 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DipAwayMode.exe 2015-01-11 15:50 - 2011-04-01 15:52 - 00403456 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe 2015-01-11 15:50 - 2013-01-09 17:05 - 00163840 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe 2015-03-05 04:38 - 2015-05-11 00:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-01-11 15:56 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll 2015-04-28 15:11 - 2015-04-28 15:11 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-04-28 15:11 - 2015-04-28 15:11 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-21 22:12 - 2015-05-21 22:12 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052101\algo.dll 2015-05-04 15:53 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-01-06 18:45 - 2014-04-08 10:42 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2015-01-06 18:45 - 2014-04-08 10:42 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2015-01-06 18:45 - 2014-04-08 10:42 - 00298496 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll 2015-01-11 15:56 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2015-04-12 16:35 - 2015-04-12 16:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-06 18:21 - 2015-05-21 14:11 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-01-06 18:21 - 2013-05-07 16:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-01-06 20:48 - 2013-09-18 11:18 - 00685056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-01-06 20:48 - 2013-09-18 11:18 - 00825344 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4EpuAction.dll 2015-01-06 20:48 - 2013-09-18 11:18 - 00765952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4FanAction.dll 2015-01-06 20:48 - 2013-09-18 11:18 - 00776704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-01-06 20:48 - 2013-09-18 11:18 - 00904704 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\DipAwayMode\DIPDLL\UsbPowerManager.dll 2015-01-06 20:47 - 2013-08-07 20:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-01-06 20:48 - 2013-09-18 11:27 - 02371584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar Core\tufx.dll 2015-01-06 20:47 - 2013-06-04 18:41 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2015-01-06 20:47 - 2013-08-07 20:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll 2014-09-15 07:17 - 2014-09-15 07:17 - 00114304 _____ () C:\Program Files (x86)\SplitCam\splitcam_hd_driver_ProxyPlugin.ax 2015-01-06 20:53 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2015-01-06 18:25 - 2013-09-03 17:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3066379646-2778961134-1701944576-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER Error getting == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup MSCONFIG\startupreg: ACPW05DE => "C:\Program Files (x86)\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe" /pid ACPW05DE MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: GoogleChromeAutoLaunch_8252431206705CA8C92C144971B8E8EF => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: MouseDriver => TiltWheelMouse.exe MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{5DE6EB3A-5C2C-4582-B609-AE14F1A55912}] => (Allow) LPort=54925 FirewallRules: [{E463A16D-F718-4BE6-95E4-FFBE9D90765F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{18DDA827-8247-475C-8D8F-009A3DDFE349}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{0D29C7BD-3577-4D59-863A-2E5E9756E856}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{827120C0-2E79-40B0-BF25-94CE74D0765E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5728EAF8-F301-4E8F-A263-15452B3C9B3D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D84DC50B-7A1B-4715-9489-7260EED99F0A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{92532BB9-E538-4720-88EB-B6E7137B6326}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{E9642276-E030-4597-BD0C-D30E43405555}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{82A84747-C208-468D-BDE3-DE4C95223D86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{54580992-E792-4980-89BC-0216ACD7D68C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9E3E5FC7-535A-4682-91DB-CF6B6BA66D0E}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{C47FBEC3-8D8B-4175-9982-C7F76A911D8B}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{CA437B6F-2D15-43E7-92DD-7640055A9B28}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{39F60726-A7C8-423D-B9F5-CB3B231FF027}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E23D2D97-C36D-4149-B9C7-F6D85365C904}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{16804EDA-A66C-405B-99DF-0C74D48FF489}] => (Allow) C:\Program Files (x86)\SteamLibrary\steamapps\common\dota 2 beta\dota.exe FirewallRules: [{CA9DF019-7736-4DE1-8C22-B4863C585E37}] => (Allow) D:\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe FirewallRules: [{969BB6AD-B731-4B19-A705-752A4A18AF77}] => (Allow) D:\Steam\steamapps\common\BIT.TRIP RUNNER\RUNNER.exe FirewallRules: [{64FB8349-F006-4DD0-A1CF-D96B01227E6E}] => (Allow) D:\Steam\steamapps\common\Ace Combat Assault Horizon\Ace Combat_AH.exe FirewallRules: [{3C0102B5-09B3-4A62-BA79-437E3BD03F07}] => (Allow) D:\Steam\steamapps\common\Ace Combat Assault Horizon\Ace Combat_AH.exe FirewallRules: [{1606584A-B90B-4CE1-87C4-401E1B37050D}] => (Allow) D:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe FirewallRules: [{38C199EE-2386-4045-A3AB-E5FC77024D77}] => (Allow) D:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe FirewallRules: [{3930389D-1709-4D64-B9FC-9A3FB4722D20}] => (Allow) D:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe FirewallRules: [{7AC3B7F4-02FA-47D6-A7CC-7420E5249118}] => (Allow) D:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe FirewallRules: [{4661502A-38AB-4B1B-80B9-59251E45CB10}] => (Allow) D:\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe FirewallRules: [{D67D3F41-07D6-4122-AB8F-26BBBA0348D7}] => (Allow) D:\Steam\steamapps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe FirewallRules: [{D1B430B5-0C8A-475F-820E-E3DBFFCE721C}] => (Allow) D:\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe FirewallRules: [{45E2F2B7-A0A4-4C03-959C-1D7EAE2D7D22}] => (Allow) D:\Steam\steamapps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe FirewallRules: [{6AF11520-F085-4989-BB65-DAF15E2B25BE}] => (Allow) D:\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{06D48E36-E412-4EB4-AA16-376B541ED8B0}] => (Allow) D:\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{1B4F5DFA-0460-4F11-A188-69F48FDFD63D}] => (Allow) D:\Steam\steamapps\common\Bully Scholarship Edition\Bully.exe FirewallRules: [{7BA4FDB7-2D32-4D19-8736-2A2C5EB3358C}] => (Allow) D:\Steam\steamapps\common\Bully Scholarship Edition\Bully.exe FirewallRules: [{035D9139-A8EB-4048-BCD0-D86C9A00D440}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe FirewallRules: [{DB5C89EE-7685-4CF4-9484-0E9344E23D20}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe FirewallRules: [{F9E1B088-9FF7-4CA5-A8D3-7283A46551CA}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe FirewallRules: [{CF115ACB-663B-4089-BD65-9549658E3B2F}] => (Allow) D:\Steam\steamapps\common\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe FirewallRules: [{11C60D03-85CB-4B57-AB62-096C6B72038F}] => (Allow) D:\Steam\steamapps\common\Carnage Racing\CarnageRacing.exe FirewallRules: [{F6412942-7600-4629-BFF3-CCF81C8B1C1B}] => (Allow) D:\Steam\steamapps\common\Carnage Racing\CarnageRacing.exe FirewallRules: [{0ACB1ABA-9E77-4DC2-882D-ECEB630B9BC4}] => (Allow) D:\Steam\steamapps\common\Defcon\defcon.exe FirewallRules: [{C0B4BC9C-C2FE-4966-A546-7E93BDE5F8BE}] => (Allow) D:\Steam\steamapps\common\Defcon\defcon.exe FirewallRules: [{B123A1A5-32C4-49AE-828B-09586EF52395}] => (Allow) D:\Steam\steamapps\common\FlatOut2\FlatOut2.exe FirewallRules: [{D4DDAE3C-C1A6-4605-9A23-87A0379CF720}] => (Allow) D:\Steam\steamapps\common\FlatOut2\FlatOut2.exe FirewallRules: [{7EA792FF-3AAD-42F3-8A92-D2B96FF0BF90}] => (Allow) D:\Steam\steamapps\common\From Dust\From_Dust.exe FirewallRules: [{DE9A504C-8746-4C66-935D-8B5C64F6CCD3}] => (Allow) D:\Steam\steamapps\common\From Dust\From_Dust.exe FirewallRules: [{6F967B18-44A3-4105-8620-8AE7A7C9547A}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [{C03BF2B7-8D79-43A8-A8E6-551C3402AE56}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [{4160B81D-9636-4335-A472-904212472656}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe FirewallRules: [{633D8D11-EF38-4B23-94D5-EF6DC6E16309}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe FirewallRules: [{13E8D768-2ED7-450E-9DA6-55770AA59677}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe FirewallRules: [{2F40AEF5-C784-4C7B-B3D5-7AB404109D11}] => (Allow) D:\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe FirewallRules: [{9EDF1D26-A082-409F-ACC4-0B3F1038925F}] => (Allow) D:\Steam\steamapps\common\Hacker Evolution Duality\Hacker Evolution Duality.exe FirewallRules: [{09385B85-1128-4D15-A67E-58C20CC781A1}] => (Allow) D:\Steam\steamapps\common\Hacker Evolution Duality\Hacker Evolution Duality.exe FirewallRules: [{145F6741-9A2C-481E-9D4F-F497F9B726FB}] => (Allow) D:\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe FirewallRules: [{062339BC-B000-433F-98CB-632B291799D8}] => (Allow) D:\Steam\steamapps\common\Heroine's Quest\Heroine's Quest.exe FirewallRules: [{8658654A-1571-4A1A-BBA6-301E2353A071}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{9093848D-F1D5-45C6-998A-322A8D3CDC3A}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{AB04C751-4D98-4172-922B-8987BCEBD610}] => (Allow) D:\Steam\steamapps\common\Hitman Absolution\HMA.exe FirewallRules: [{583D4CF3-777C-4FA1-AC57-D44335901D53}] => (Allow) D:\Steam\steamapps\common\Hitman Absolution\HMA.exe FirewallRules: [{4C06B129-88AB-4A81-9C79-8614F5E8433B}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{DB439122-8973-4959-8018-C3299ED42358}] => (Allow) D:\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{388405C4-24FB-4B72-BD23-9F625C320180}] => (Allow) D:\Steam\steamapps\common\Jamestown\Jamestown.exe FirewallRules: [{422C5072-C368-4554-837F-44880A78CA6A}] => (Allow) D:\Steam\steamapps\common\Jamestown\Jamestown.exe FirewallRules: [{A80275E1-7E4F-472A-9863-54F39F993535}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe FirewallRules: [{B6FC15A5-6879-4BF3-A5CF-ECB5757ABCDE}] => (Allow) D:\Steam\steamapps\common\Mafia II\pc\mafia2.exe FirewallRules: [{9F2ADF69-4ADA-41DA-8988-C4AA9C80ED40}] => (Allow) D:\Steam\steamapps\common\Monkey2\Monkey2.exe FirewallRules: [{D9AA0677-62CD-451D-BB8B-D32F2CB0480A}] => (Allow) D:\Steam\steamapps\common\Monkey2\Monkey2.exe FirewallRules: [{1C83D5EE-95EB-4644-A31F-2F19291BD538}] => (Allow) D:\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{1ECD8D5F-F4CD-4D60-B815-8486F4F88190}] => (Allow) D:\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{6DA6D91A-9A48-4701-B9E5-AC67E408F0EA}] => (Allow) D:\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{77583893-69B6-4764-B526-45F75AFF1BF7}] => (Allow) D:\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{1B589C89-7D70-40E2-87E6-813DF07A432E}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{987FE9C4-3CA7-4115-9212-3BD061BB77D2}] => (Allow) D:\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{62531339-0114-494C-8B70-29D147B03FE7}] => (Allow) D:\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe FirewallRules: [{E454CE02-58E3-4682-A22D-F6A53DA07798}] => (Allow) D:\Steam\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe FirewallRules: [{CA3B47F0-C860-41D5-9302-817366D754F6}] => (Allow) D:\Steam\steamapps\common\Poker Night 2\PokerNight2.exe FirewallRules: [{58D6FEE3-3108-4666-8719-EEFA4075B050}] => (Allow) D:\Steam\steamapps\common\Poker Night 2\PokerNight2.exe FirewallRules: [{7F19CE73-E824-4193-8DA2-B8EFDBB6F49A}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{3865DF64-7E9C-4E9B-88F6-602FD6CF4269}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{4DC5AAED-E6AB-4E7F-83E2-4FC207954A94}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{1D337C0B-12FA-476E-98FE-A0791E918160}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{F8E6384F-DA4B-46CC-9D15-A0E9F76E342B}] => (Allow) D:\Steam\steamapps\common\race 07\SteamProxy.exe FirewallRules: [{71FF48B9-5938-4247-BCBA-256AB243E217}] => (Allow) D:\Steam\steamapps\common\race 07\SteamProxy.exe FirewallRules: [{D6AD5F1B-A390-48E0-8457-307FF58F4354}] => (Allow) D:\Steam\steamapps\common\race 07\Config.exe FirewallRules: [{36FC5232-203A-4562-8EAD-87B229EF4CAC}] => (Allow) D:\Steam\steamapps\common\race 07\Config.exe FirewallRules: [{2388F58E-90A3-4A48-B707-A236DFE2EFF8}] => (Allow) D:\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe FirewallRules: [{6B2F7F39-BD24-4097-9CCA-6B0638FF70A9}] => (Allow) D:\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe FirewallRules: [{198ABF80-C2B0-4DB4-B5F1-A388B7AD9005}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe FirewallRules: [{55853A76-5A94-4A05-B8F0-EC19A0962554}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2 - Single Player\Binaries\Win32\ROGame.exe FirewallRules: [{A434F7C6-4CE8-4B71-AEE8-6FD95B6793C3}] => (Allow) D:\Steam\steamapps\common\Saints Row the Third\game_launcher.exe FirewallRules: [{15950D8A-B586-4D55-81A4-8BD794664C8A}] => (Allow) D:\Steam\steamapps\common\Saints Row the Third\game_launcher.exe FirewallRules: [{776A2B5A-27B3-48DA-BAF9-78F440717E34}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe FirewallRules: [{136FD2FE-2D5D-4737-8908-D12EA4A7364E}] => (Allow) D:\Steam\steamapps\common\Saints Row IV\SaintsRowIV.exe FirewallRules: [{01BEDF31-CB1B-4DEA-920C-BC35727A5968}] => (Allow) D:\Steam\steamapps\common\Shatter\Shatter.exe FirewallRules: [{A9A19804-9223-416E-ADE9-1710E36A3F9F}] => (Allow) D:\Steam\steamapps\common\Shatter\Shatter.exe FirewallRules: [{A5361F8A-A565-454B-8E4E-61D87CBAC1BD}] => (Allow) D:\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe FirewallRules: [{2CF03505-FF96-47D0-AD00-5AA9189AF875}] => (Allow) D:\Steam\steamapps\common\Shatter\ShatterSettingsEditor.exe FirewallRules: [{1976482E-5A13-45C0-83E8-49498D985CD8}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe FirewallRules: [{57938199-DABF-4F24-8D32-C6CC92221E0B}] => (Allow) D:\Steam\steamapps\common\Sid Meier's Pirates!\Pirates!.exe FirewallRules: [{8A667BF6-03AC-49E6-899D-8794D1190384}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe FirewallRules: [{6CED203B-582B-44FC-A847-08873DA7DFCD}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe FirewallRules: [{26365C04-B90D-4F6D-877A-A10E6CE96273}] => (Allow) D:\Steam\steamapps\common\Space Pirates and Zombies\SpazGame.exe FirewallRules: [{FC462A89-FA40-4BE7-A54B-84FABCDB75C7}] => (Allow) D:\Steam\steamapps\common\Space Pirates and Zombies\SpazGame.exe FirewallRules: [{63DF48F0-7755-4BE6-A2AF-C4C79FB30C9F}] => (Allow) D:\Steam\steamapps\common\Superfrog\Superfrog.exe FirewallRules: [{7EF7AF67-5634-4CBB-B0C0-B1D6DF024AD1}] => (Allow) D:\Steam\steamapps\common\Superfrog\Superfrog.exe FirewallRules: [{B9B2C040-9BBB-4966-84A1-34A3928AEF92}] => (Allow) D:\Steam\steamapps\common\swkotor\swkotor.exe FirewallRules: [{75B391A3-4FB5-41CD-B839-760029E77CD1}] => (Allow) D:\Steam\steamapps\common\swkotor\swkotor.exe FirewallRules: [{D04EEC4F-085E-425C-A6A5-819B0B86DFF7}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{560FA1A2-F440-4EBC-B0A4-EFB0D5EE2D60}] => (Allow) D:\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{68D4C2F9-6EA4-4AF2-B8E4-0336D2F75CFA}] => (Allow) D:\Steam\steamapps\common\Tesla Effect\TeslaEffect.exe FirewallRules: [{03CCB984-6F75-4A2F-A0DE-1CD92AAF1143}] => (Allow) D:\Steam\steamapps\common\Tesla Effect\TeslaEffect.exe FirewallRules: [{1D5B157E-4C2A-4E3C-B994-AEAC21A399D3}] => (Allow) D:\Steam\steamapps\common\Thunder Wolves\ThunderWolves.exe FirewallRules: [{1A7956E3-7384-41AF-B133-C8225A0B2D69}] => (Allow) D:\Steam\steamapps\common\Thunder Wolves\ThunderWolves.exe FirewallRules: [{A3C3CD27-FCA5-4E70-B90B-9818838F182F}] => (Allow) D:\Steam\steamapps\common\Tron 2.0\TronLauncher.exe FirewallRules: [{2751EBFE-FC08-4705-A6D6-A34EB48AFEA9}] => (Allow) D:\Steam\steamapps\common\Tron 2.0\TronLauncher.exe FirewallRules: [{96FC7842-5943-4E7F-ADED-8926D0D171FB}] => (Allow) D:\Steam\steamapps\common\Vessel\Vessel.exe FirewallRules: [{050C142F-58AC-4BBB-A6A5-0EEF491F8D64}] => (Allow) D:\Steam\steamapps\common\Vessel\Vessel.exe FirewallRules: [{E87A55C7-6F95-404A-8B98-DB3303AE395D}] => (Allow) D:\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{9DEA38F4-B328-468C-A016-DEE8D2AED9B7}] => (Allow) D:\Steam\steamapps\common\Watch_Dogs\bin\watch_dogs.exe FirewallRules: [{630BFBA3-6349-4DB5-A770-A5E888ABA900}] => (Allow) D:\Steam\steamapps\common\Wings of Prey\launcher.exe FirewallRules: [{BB83D4D3-47B2-423F-8BED-A2BEFB46AEF4}] => (Allow) D:\Steam\steamapps\common\Wings of Prey\launcher.exe FirewallRules: [{830C1B30-8DCC-4D8C-B04E-DDDFEBFECA62}] => (Allow) D:\Steam\steamapps\common\WormsGolf2010\WormsCrazyGolf.exe FirewallRules: [{997F3B79-2E7C-4081-AC81-2C2B9CF3BBDA}] => (Allow) D:\Steam\steamapps\common\WormsGolf2010\WormsCrazyGolf.exe FirewallRules: [{E5BF02B2-B643-4DC1-B083-E431E0010ACC}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{33DCE8E8-E879-423B-8A18-2A2B4C027274}] => (Allow) D:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe FirewallRules: [{E8D1DBEB-8FEE-45E8-AB32-0214BC5B9BA4}] => (Allow) D:\Steam\steamapps\common\DiRT Showdown\showdown.exe FirewallRules: [{2FB3A701-762E-410D-8318-8B6F4D7BF1A8}] => (Allow) D:\Steam\steamapps\common\DiRT Showdown\showdown.exe FirewallRules: [TCP Query User{2CD4EEEC-6BF5-4383-8B79-787A41DDEDF6}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{20512F62-7B56-49DD-99AC-6A64D1222BFA}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{D79B07F4-3BCE-4339-A291-0A991119911C}C:\program files (x86)\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{BF1CBDF1-6948-401C-946C-53D1E388798B}C:\program files (x86)\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe FirewallRules: [{7DAE186E-702F-43A4-928E-F070A302865E}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe FirewallRules: [{DA36085B-AA5B-4EBE-9D00-B0A69A7FFEF0}] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\java.exe FirewallRules: [TCP Query User{95AB1095-46EB-402C-A316-52FA7E36BA5F}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{761183F4-A811-48EF-B6EF-8F8E3A446955}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{CB552256-A066-4D28-818D-BD4B9E587193}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{55C52B8E-4810-4A88-88B5-F4CED649B6A7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4309019E-E1BA-4461-9191-BD6F2ADD7798}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{60FB1935-12A1-4ADE-8128-294ECAB7F6E6}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{A9C3A65B-ACA5-4094-A4D6-EDBE5A7C39D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{53115D07-725E-43D6-A133-5BA5F689A6A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EA982433-2EE0-416B-89E1-B7D31787F683}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{5A020AFA-CF62-42B7-A350-79099488E8A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6BF4839A-6BF3-4D82-8CC1-680F1C1E5650}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [{C2A5D8EB-10DE-49CC-8E71-E68D880B7201}] => (Allow) D:\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe FirewallRules: [{76C5C224-71AF-4045-801B-3976703031C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{FFA2B150-7CD6-467D-8BA4-04A1AD6640DA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{063D7720-935E-41AE-A83D-6FE96F2EFD5B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{0730B154-E556-4093-9F27-79F5E1F0736D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{EA269721-467E-48D7-B908-6855A06B1D36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{424B6BA6-DC49-4B5E-8C59-B0FF230B498C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{16E471F1-63A3-4794-BCAC-B1FA43EB0349}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe FirewallRules: [UDP Query User{E8A8C826-7613-48DD-A78B-CA7A5A5A8859}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe FirewallRules: [TCP Query User{4EF32B40-B82A-4A69-A005-0F3BC83E300F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{5E3B1F9B-9C92-41E5-A813-2511E5B3FA20}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{5AFC942C-DEDA-4E85-B25B-ED8AEBEBE1A1}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{71A36913-18A1-4BBC-92AD-BD13D5BAAA39}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{5F65A3A2-600B-45C2-BC5F-173ABD2E552E}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{9B7E1A1D-5289-4FF6-B8AA-A5AE008B3100}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{FFDEADE8-D90A-4238-BBA1-0BBD029B9E4A}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{DF9282C4-AE30-41E8-B0AD-2CEF6D6C6F0B}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{A1701104-EE30-4D0E-B7A9-8963BD27ACB4}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{AE94BAAA-EC41-42E3-97E0-C901ADDCC5F4}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{B22D969B-0F1B-4157-AC77-D5F8E731698C}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe FirewallRules: [{E6879F8C-D6F2-44D1-A3B1-BDE7726F23CD}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe FirewallRules: [{DC8889A6-CC31-4737-BD83-285AF9867E43}] => (Allow) D:\Steam\steamapps\common\Penguins Arena\PenguinsArena.exe FirewallRules: [{6B3C2E41-8E72-49C2-A60B-5CCC7A4480AB}] => (Allow) D:\Steam\steamapps\common\Penguins Arena\PenguinsArena.exe FirewallRules: [{8FA0BBDA-8D99-45AC-85D0-6A7D342C2975}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{77D9DF24-26AE-4987-9012-70D79F848E25}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{C56AE735-BA77-4B28-BEEF-C58C3EC7746F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{90A7399F-60ED-43FA-8EE9-F1CB3C0CA2DA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{1F09E696-2160-4F41-AF5B-890BD7A3FB4D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{855A16B9-627F-4BB7-8570-4D9802901842}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{CB9ADAB6-DF10-4D07-AA8F-97E22048864E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{7CE5DE79-EF60-4CE8-81BD-87B6675AF00F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{8404396D-6CEF-4D9C-BAA6-B8E51995265C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{9F851E8A-55F8-48AD-8DDB-4AEA13471974}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{318AFF9B-75F5-4BE4-AD24-438471494270}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{D7A1B34D-B7D7-4536-9038-A60D328D0FBF}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [TCP Query User{278ED6EC-CCD5-4833-B667-988F019C8386}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{D055F1C7-2E00-4658-8C72-DAA42DC45186}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{17095B6F-45CD-422B-B81B-BA4DF366A74E}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{6E2CECCF-0A29-4C02-9DA0-903CF24B8668}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Launcher.exe FirewallRules: [{BCB949B6-DBF6-433A-99C3-C35DDC33246E}] => (Allow) E:\Battlefield 2\BF2.exe FirewallRules: [{9209A254-DEC8-4939-85A4-9832C7083049}] => (Allow) E:\Battlefield 2\BF2.exe FirewallRules: [TCP Query User{F9C2B955-D2CA-4CC6-9CB1-04BEAABE85DC}E:\frags\srcds.exe] => (Allow) E:\frags\srcds.exe FirewallRules: [UDP Query User{1B6285DC-E166-4EEC-8C98-A60CDA7195D3}E:\frags\srcds.exe] => (Allow) E:\frags\srcds.exe FirewallRules: [{7401CDCD-9A39-4D7F-A43A-0A3996B200CE}] => (Block) E:\frags\srcds.exe FirewallRules: [{E49F6730-8E28-49DC-89CD-E0A31798F84B}] => (Block) E:\frags\srcds.exe FirewallRules: [{F537EA28-5D05-4D88-B079-335729A20190}] => (Allow) D:\Steam\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe FirewallRules: [{6E32BD8B-6E02-40F8-A693-BA1A9EDAEBDB}] => (Allow) D:\Steam\steamapps\common\SwordsAndSoldiersHD\Swords and Soldiers Launcher.exe FirewallRules: [{76F83AF8-CC89-4DCB-88A0-283A6F670D72}] => (Allow) D:\Steam\steamapps\common\Solar 2\Solar2.exe FirewallRules: [{DF8B7903-8F49-4E3C-8E49-EEC981B09E88}] => (Allow) D:\Steam\steamapps\common\Solar 2\Solar2.exe FirewallRules: [{73C38388-4728-4C7C-BE56-5C62A52B71F5}] => (Allow) D:\Steam\steamapps\common\Tropico 3\tropico3.exe FirewallRules: [{F6E47135-0634-46F8-8171-789414E4826A}] => (Allow) D:\Steam\steamapps\common\Tropico 3\tropico3.exe FirewallRules: [{E11B3D34-CB73-4C1B-A30E-8B7D73E5210A}] => (Allow) D:\Steam\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{9E8517D0-8886-47CA-BF1F-1C4D5D1309A3}] => (Allow) D:\Steam\steamapps\common\Trine 2\trine2_launcher.exe FirewallRules: [{F3531A55-2AC7-40A5-B303-7E6ADC9FF985}] => (Allow) D:\Steam\steamapps\common\Rochard\Rochard.exe FirewallRules: [{5961D8B0-10B1-4970-BA8E-F32D12016533}] => (Allow) D:\Steam\steamapps\common\Rochard\Rochard.exe FirewallRules: [{E58DDB2F-C633-453C-A6EF-9142B6F11050}] => (Allow) D:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{1A3ED41E-4AFC-4853-A2B7-E34816E6CB31}] => (Allow) D:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{D2CA697A-453E-4D47-B903-953ACD94B8D7}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{4BDA4CA7-A07C-43F0-B75F-9AEE76DA7B3F}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe FirewallRules: [{70FDECD6-CC4D-48F7-B2F8-CBDBE88F95DE}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [{436A118B-F77B-44F0-B754-B30125CB1FB8}] => (Allow) D:\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe FirewallRules: [TCP Query User{D8CCD002-72BC-4DBC-9F4E-1D05B4A24D26}C:\users\ash\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ash\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{86D0C743-5A3D-4C09-816C-1C5848D4E5E1}C:\users\ash\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\ash\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{371FA2BD-B3F6-4538-A0A5-A5854617EFBA}] => (Allow) D:\Steam\steamapps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe FirewallRules: [{8D91996F-1D76-4D70-B2DD-4CB54429D889}] => (Allow) D:\Steam\steamapps\common\Space\spacegame\Binaries\Win64\spacegame-Win64-Shipping.exe FirewallRules: [{BA7785A7-D575-49AE-AE25-43C9C6F24CEC}] => (Allow) D:\Steam\steamapps\common\narcissu2\narci2.exe FirewallRules: [{DDF5D9A1-5DDF-46E4-9F06-390248DF76B1}] => (Allow) D:\Steam\steamapps\common\narcissu2\narci2.exe FirewallRules: [{954F06E9-3752-4EE0-8D89-13883EC21CEF}] => (Allow) D:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe FirewallRules: [{D5B051EB-FF52-403F-809F-76CE850FA741}] => (Allow) D:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe FirewallRules: [{3DFEF7E8-841A-4700-AAD0-452ABEB16150}] => (Allow) D:\Steam\steamapps\common\Metro 2033\metro2033.exe FirewallRules: [{F64612B8-D514-4991-82C6-6433FAC7C41A}] => (Allow) D:\Steam\steamapps\common\Metro 2033\metro2033.exe FirewallRules: [{43ABFA35-86CE-463D-8380-F741A7EE15F1}] => (Allow) D:\Steam\steamapps\common\Speedball 2 HD\Speedball2_steam.exe FirewallRules: [{956516E0-C0BA-4F2D-ACB8-241676353036}] => (Allow) D:\Steam\steamapps\common\Speedball 2 HD\Speedball2_steam.exe FirewallRules: [{2E501E5A-05D2-476B-94A4-620AEF7FE3FB}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe FirewallRules: [{83DA8B1B-D330-4D21-BE28-4533A4D3A9DF}] => (Allow) D:\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe FirewallRules: [{956458A0-4AA5-4AB7-8D0B-F17221120ADC}] => (Allow) D:\Steam\steamapps\common\Darksiders\DarksidersPC.exe FirewallRules: [{09BF9FAD-A59E-4C76-9E39-7BD7E6F5EF19}] => (Allow) D:\Steam\steamapps\common\Darksiders\DarksidersPC.exe FirewallRules: [{FF8755F8-3621-4340-B8A7-84C3F0D50A7B}] => (Allow) D:\Steam\steamapps\common\POSTAL1\Postal Plus.exe FirewallRules: [{2F5DA145-55EE-4DE4-94B4-7D8624F5D1D8}] => (Allow) D:\Steam\steamapps\common\POSTAL1\Postal Plus.exe FirewallRules: [{872BE437-8ABC-4B56-A64F-D5F3ADE073F9}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe FirewallRules: [{4DE6F54E-1C16-433C-A64D-0EBB19719E61}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Single Player\mm.exe FirewallRules: [{F08F4A57-C946-43F9-95B6-20995FFDB467}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe FirewallRules: [{ACF043A5-1CA8-400C-ACC7-871ADD7579B8}] => (Allow) D:\Steam\steamapps\common\Dark Messiah Might and Magic Multi-Player\runme.exe FirewallRules: [{E95A1889-0D8D-4B2A-BD94-849649ADB707}] => (Allow) D:\Steam\steamapps\common\strife\bin\strife.exe FirewallRules: [{3512E594-C272-40EF-80E9-94EA45419302}] => (Allow) D:\Steam\steamapps\common\strife\bin\strife.exe FirewallRules: [{40D6C44E-2CA5-44F7-86CD-D5A6C8068DED}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{8385E264-3145-4997-B1A0-E768F06306A9}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe FirewallRules: [{042B5DDE-6221-42DA-A898-835297796017}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{577494D1-F592-4841-A488-EA7EC9566153}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F979CF66-DA27-4CA1-BBA6-0B73A5F93BB6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{975D6476-4B5D-4D93-8B97-FC339F685A5B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{8759FB4C-9889-4259-B9AC-876D10F83F52}E:\tera\games\deu_deu\tera\tera-launcher.exe] => (Allow) E:\tera\games\deu_deu\tera\tera-launcher.exe FirewallRules: [UDP Query User{C66A5963-259A-4DC6-AD81-493DE3AB7DC4}E:\tera\games\deu_deu\tera\tera-launcher.exe] => (Allow) E:\tera\games\deu_deu\tera\tera-launcher.exe FirewallRules: [{94EC1524-DFB1-4AC4-9DD5-94CF24AD6CAE}] => (Block) E:\tera\games\deu_deu\tera\tera-launcher.exe FirewallRules: [{14B57559-4C07-4853-BE36-639D666400EF}] => (Block) E:\tera\games\deu_deu\tera\tera-launcher.exe FirewallRules: [{35DB9692-ABBA-4C84-99DC-9D87934E9934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2B0D62E0-EFB6-4B80-B067-8C5496E53ABE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{FADC884E-8DCF-48BB-BA66-01E79A64EDE1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{0A84CEF0-8797-45EF-AB99-C7441A4A60BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{FB5C00C7-F948-4548-8837-E1718AB09980}] => (Allow) D:\Steam\steamapps\common\Knights of Pen and Paper\knightspp.exe FirewallRules: [{BB66C0CA-5F0F-42AE-8C93-D82D7FA13E43}] => (Allow) D:\Steam\steamapps\common\Knights of Pen and Paper\knightspp.exe FirewallRules: [{C834046F-31D2-44B7-8068-DC86C32CC35C}] => (Allow) D:\Steam\steamapps\common\strife\strife-ve.exe FirewallRules: [{7B418971-2448-4FC4-B2ED-421E9B81100E}] => (Allow) D:\Steam\steamapps\common\strife\strife-ve.exe FirewallRules: [{07DE01AA-D6C6-4A50-872F-0CEC17E079A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{299C6CB8-51AF-4933-A19B-8F909D1043C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{96B7A9A5-768F-4076-9CD4-D4706E30C7C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{3DD2BED3-4B68-417E-A101-579DCDFCB483}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{21347F6F-4477-4F31-AAA1-0669336804C2}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{F96A7189-FE3A-4DB4-BC5A-6BFDDBDC0346}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win32\UDK.exe FirewallRules: [{1DFAC8BE-6D06-4E39-B3FC-63471132883B}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{D174A505-5CF1-4BEF-8A22-4EE01AE8BFA8}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\Win64\UDK.exe FirewallRules: [{00E8B022-8132-4ABD-90AE-3E91CE2589A8}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe FirewallRules: [{F63D3F30-0AC5-451E-BC8D-34CE6DE4484C}] => (Allow) D:\Steam\steamapps\common\Viscera\Binaries\UDKLift.exe FirewallRules: [{9F868763-58B6-4E12-BBD4-BD5AD18BFE6F}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{69C498A3-3D48-4DA1-981D-C11A24469869}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{2C459425-8FD6-4830-91E7-A51BA97D134C}] => (Allow) e:\Tera\gfl_client.exe FirewallRules: [{8A6BF52B-41E1-4E11-8E9B-987A77EE0139}] => (Allow) D:\Steam\steamapps\common\WOG\disasm.exe FirewallRules: [{423902C5-EB36-4851-AAF2-024CCB466EA8}] => (Allow) D:\Steam\steamapps\common\WOG\disasm.exe FirewallRules: [{E9B2BF5C-2399-44E2-BD6A-AB5C1F140201}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/22/2015 01:57:08 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (05/22/2015 01:53:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (05/21/2015 04:26:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Error: (05/21/2015 04:26:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (05/19/2015 07:23:09 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Error: (05/19/2015 07:23:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest. Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7535 Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7535 Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/19/2015 04:45:21 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcFailed continue stopping. [6] System errors: ============= Error: (05/21/2015 02:11:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (05/21/2015 02:11:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/20/2015 02:15:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/20/2015 02:15:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (05/19/2015 00:13:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (05/19/2015 00:13:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/18/2015 00:26:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (05/18/2015 00:26:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/17/2015 01:11:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC) Error: (05/17/2015 01:11:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Microsoft Office: ========================= Error: (05/22/2015 01:57:08 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestF:\Downloads\esetsmartinstaller_deu.exe Error: (05/22/2015 01:53:31 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestF:\Downloads\esetsmartinstaller_deu.exe Error: (05/21/2015 04:26:49 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestc:\program files\CCleaner\CCleaner.exe Error: (05/21/2015 04:26:47 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (05/19/2015 07:23:09 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestc:\program files\CCleaner\CCleaner.exe Error: (05/19/2015 07:23:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7535 Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7535 Error: (05/19/2015 04:45:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/19/2015 04:45:21 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcFailed continue stopping. [6] ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz Percentage of memory in use: 28% Total physical RAM: 8098.19 MB Available physical RAM: 5790.56 MB Total Pagefile: 16194.59 MB Available Pagefile: 13799.29 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.69 GB) (Free:37.64 GB) NTFS Drive d: (Volume) (Fixed) (Total:500 GB) (Free:86.31 GB) NTFS Drive e: (Volume) (Fixed) (Total:215.75 GB) (Free:132.37 GB) NTFS Drive f: (Volume) (Fixed) (Total:215.75 GB) (Free:75.58 GB) NTFS Drive g: (Volume) (Fixed) (Total:232.88 GB) (Free:104.95 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: CD339713) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0CF63428) Partition 1: (Not Active) - (Size=500 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=215.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=215.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 232.9 GB) (Disk ID: 698A5CBD) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== End of log ============================ Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 22.05.2015 Suchlauf-Zeit: 02:31:57 Logdatei: malwarebyteslog.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.05.21.04 Rootkit Datenbank: v2015.05.16.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Ash Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 359693 Verstrichene Zeit: 4 Min, 47 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) |
22.05.2015, 19:23 | #3 |
| Zugriff auf GMX durch dritte. Trojaner o.ä.? TDSS
__________________Code:
ATTFilter 02:56:50.0290 0x0e40 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 02:56:59.0670 0x0e40 ============================================================ 02:56:59.0670 0x0e40 Current date / time: 2015/05/22 02:56:59.0670 02:56:59.0670 0x0e40 SystemInfo: 02:56:59.0670 0x0e40 02:56:59.0670 0x0e40 OS Version: 6.1.7601 ServicePack: 1.0 02:56:59.0670 0x0e40 Product type: Workstation 02:56:59.0670 0x0e40 ComputerName: ASH-PC 02:56:59.0670 0x0e40 UserName: Ash 02:56:59.0670 0x0e40 Windows directory: C:\Windows 02:56:59.0670 0x0e40 System windows directory: C:\Windows 02:56:59.0670 0x0e40 Running under WOW64 02:56:59.0670 0x0e40 Processor architecture: Intel x64 02:56:59.0671 0x0e40 Number of processors: 4 02:56:59.0671 0x0e40 Page size: 0x1000 02:56:59.0671 0x0e40 Boot type: Normal boot 02:56:59.0671 0x0e40 ============================================================ 02:57:00.0041 0x0e40 KLMD registered as C:\Windows\system32\drivers\40741303.sys 02:57:00.0115 0x0e40 System UUID: {DEEEEE00-86C4-78B0-F587-4E451E967D92} 02:57:00.0382 0x0e40 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 02:57:00.0398 0x0e40 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 02:57:00.0417 0x0e40 Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 02:57:00.0433 0x0e40 ============================================================ 02:57:00.0433 0x0e40 \Device\Harddisk0\DR0: 02:57:00.0433 0x0e40 MBR partitions: 02:57:00.0433 0x0e40 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 02:57:00.0433 0x0e40 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF62000 02:57:00.0434 0x0e40 \Device\Harddisk1\DR1: 02:57:00.0434 0x0e40 MBR partitions: 02:57:00.0434 0x0e40 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3E800000 02:57:00.0434 0x0e40 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3E800800, BlocksNum 0x1AF82800 02:57:00.0434 0x0e40 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x59783000, BlocksNum 0x1AF82800 02:57:00.0434 0x0e40 \Device\Harddisk2\DR2: 02:57:00.0442 0x0e40 MBR partitions: 02:57:00.0442 0x0e40 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800 02:57:00.0442 0x0e40 ============================================================ 02:57:00.0443 0x0e40 C: <-> \Device\Harddisk0\DR0\Partition2 02:57:00.0454 0x0e40 D: <-> \Device\Harddisk1\DR1\Partition1 02:57:00.0488 0x0e40 E: <-> \Device\Harddisk1\DR1\Partition2 02:57:00.0506 0x0e40 F: <-> \Device\Harddisk1\DR1\Partition3 02:57:00.0529 0x0e40 G: <-> \Device\Harddisk2\DR2\Partition1 02:57:00.0529 0x0e40 ============================================================ 02:57:00.0529 0x0e40 Initialize success 02:57:00.0529 0x0e40 ============================================================ 02:57:33.0941 0x1218 ============================================================ 02:57:33.0941 0x1218 Scan started 02:57:33.0941 0x1218 Mode: Manual; SigCheck; TDLFS; 02:57:33.0941 0x1218 ============================================================ 02:57:33.0941 0x1218 KSN ping started 02:57:47.0640 0x1218 KSN ping finished: true 02:57:47.0874 0x1218 ================ Scan system memory ======================== 02:57:47.0874 0x1218 System memory - ok 02:57:47.0874 0x1218 ================ Scan services ============================= 02:57:47.0905 0x1218 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 02:57:47.0936 0x1218 1394ohci - ok 02:57:47.0952 0x1218 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 02:57:47.0952 0x1218 ACPI - ok 02:57:47.0968 0x1218 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 02:57:47.0968 0x1218 AcpiPmi - ok 02:57:47.0983 0x1218 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 02:57:47.0999 0x1218 adp94xx - ok 02:57:48.0014 0x1218 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 02:57:48.0014 0x1218 adpahci - ok 02:57:48.0030 0x1218 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 02:57:48.0030 0x1218 adpu320 - ok 02:57:48.0046 0x1218 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 02:57:48.0046 0x1218 AeLookupSvc - ok 02:57:48.0061 0x1218 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 02:57:48.0077 0x1218 AFD - ok 02:57:48.0077 0x1218 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 02:57:48.0092 0x1218 agp440 - ok 02:57:48.0092 0x1218 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 02:57:48.0092 0x1218 ALG - ok 02:57:48.0092 0x1218 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 02:57:48.0108 0x1218 aliide - ok 02:57:48.0108 0x1218 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 02:57:48.0108 0x1218 amdide - ok 02:57:48.0124 0x1218 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 02:57:48.0124 0x1218 AmdK8 - ok 02:57:48.0124 0x1218 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 02:57:48.0139 0x1218 AmdPPM - ok 02:57:48.0139 0x1218 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 02:57:48.0155 0x1218 amdsata - ok 02:57:48.0155 0x1218 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 02:57:48.0170 0x1218 amdsbs - ok 02:57:48.0170 0x1218 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 02:57:48.0170 0x1218 amdxata - ok 02:57:48.0170 0x1218 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 02:57:48.0186 0x1218 AppID - ok 02:57:48.0186 0x1218 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 02:57:48.0202 0x1218 AppIDSvc - ok 02:57:48.0202 0x1218 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 02:57:48.0202 0x1218 Appinfo - ok 02:57:48.0217 0x1218 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 02:57:48.0217 0x1218 arc - ok 02:57:48.0233 0x1218 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 02:57:48.0233 0x1218 arcsas - ok 02:57:48.0248 0x1218 [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 02:57:48.0280 0x1218 asComSvc - ok 02:57:48.0295 0x1218 [ 5F1091FA113607C9C9B2ECF4FBC76F37, F4406635C555A942242F40CACEC7EFD2FED47103C191CB3C2EDF21EE78C8122E ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe 02:57:48.0326 0x1218 asHmComSvc - ok 02:57:48.0342 0x1218 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 02:57:48.0342 0x1218 AsIO - ok 02:57:48.0358 0x1218 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 02:57:48.0358 0x1218 aspnet_state - ok 02:57:48.0373 0x1218 [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe 02:57:48.0373 0x1218 AsSysCtrlService - ok 02:57:48.0404 0x1218 [ F0AE6B03CF6F46D57993EFFB209DD758, E311E380B0A618DE7F1D0D0C184C5C8BCC9B92A235E0C5CCC4BE532E34B1027D ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.03\AsusFanControlService.exe 02:57:48.0451 0x1218 AsusFanControlService - ok 02:57:48.0451 0x1218 [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys 02:57:48.0467 0x1218 aswHwid - ok 02:57:48.0467 0x1218 [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 02:57:48.0467 0x1218 aswMonFlt - ok 02:57:48.0482 0x1218 [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 02:57:48.0482 0x1218 aswRdr - ok 02:57:48.0482 0x1218 [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 02:57:48.0498 0x1218 aswRvrt - ok 02:57:48.0514 0x1218 [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 02:57:48.0529 0x1218 aswSnx - ok 02:57:48.0545 0x1218 [ B1368BE5F6BA529E0886F4DA2361BD2D, B95F430B4E4EFE9D257870722AA8F0507FB96FBE3AAB12068C662CCB6A180FE2 ] aswSP C:\Windows\system32\drivers\aswSP.sys 02:57:48.0545 0x1218 aswSP - ok 02:57:48.0545 0x1218 [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm C:\Windows\system32\drivers\aswStm.sys 02:57:48.0560 0x1218 aswStm - ok 02:57:48.0560 0x1218 [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 02:57:48.0576 0x1218 aswVmm - ok 02:57:48.0576 0x1218 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 02:57:48.0592 0x1218 AsyncMac - ok 02:57:48.0607 0x1218 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 02:57:48.0607 0x1218 atapi - ok 02:57:48.0623 0x1218 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 02:57:48.0638 0x1218 AudioEndpointBuilder - ok 02:57:48.0654 0x1218 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 02:57:48.0670 0x1218 AudioSrv - ok 02:57:48.0670 0x1218 [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 02:57:48.0685 0x1218 avast! Antivirus - ok 02:57:48.0701 0x1218 [ 53A2D65393D9F2F9DF8650385F2B9503, DD16F2076F8D1B75441E1B22A4D1E241818DD01C4B0CD7CDCD986A16CA21FC9F ] AVerAF35 C:\Windows\system32\Drivers\AVerAF35.sys 02:57:48.0716 0x1218 AVerAF35 - ok 02:57:48.0732 0x1218 [ 0BA47B92AAC60C9B527AFB7EB6BA9975, A82F1E41469D5171891629CB5BD0DAD403CC90BDAF564359B013F374E44ABD6C ] AVerRemote C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe 02:57:48.0732 0x1218 AVerRemote - detected UnsignedFile.Multi.Generic ( 1 ) 02:57:51.0930 0x1218 AVerRemote ( UnsignedFile.Multi.Generic ) - warning 02:57:54.0691 0x1218 [ 3094F37D17C9F91632689FFE9381FC4B, F60905DEA3168D88CA55F39ABAB46D0EA54CAD924784CB1029AE1BAD0656EAA8 ] AVerScheduleService C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe 02:57:54.0707 0x1218 AVerScheduleService - detected UnsignedFile.Multi.Generic ( 1 ) 02:57:57.0390 0x1218 Detect skipped due to KSN trusted 02:57:57.0390 0x1218 AVerScheduleService - ok 02:57:57.0406 0x1218 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 02:57:57.0421 0x1218 AxInstSV - ok 02:57:57.0437 0x1218 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 02:57:57.0452 0x1218 b06bdrv - ok 02:57:57.0468 0x1218 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 02:57:57.0484 0x1218 b57nd60a - ok 02:57:57.0484 0x1218 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 02:57:57.0484 0x1218 BDESVC - ok 02:57:57.0499 0x1218 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 02:57:57.0515 0x1218 Beep - ok 02:57:57.0530 0x1218 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 02:57:57.0546 0x1218 BFE - ok 02:57:57.0562 0x1218 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 02:57:57.0593 0x1218 BITS - ok 02:57:57.0608 0x1218 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 02:57:57.0608 0x1218 blbdrive - ok 02:57:57.0624 0x1218 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 02:57:57.0624 0x1218 Bonjour Service - ok 02:57:57.0640 0x1218 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 02:57:57.0640 0x1218 bowser - ok 02:57:57.0640 0x1218 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 02:57:57.0655 0x1218 BrFiltLo - ok 02:57:57.0655 0x1218 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 02:57:57.0671 0x1218 BrFiltUp - ok 02:57:57.0671 0x1218 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 02:57:57.0686 0x1218 Browser - ok 02:57:57.0686 0x1218 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 02:57:57.0702 0x1218 Brserid - ok 02:57:57.0702 0x1218 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 02:57:57.0718 0x1218 BrSerWdm - ok 02:57:57.0718 0x1218 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 02:57:57.0718 0x1218 BrUsbMdm - ok 02:57:57.0718 0x1218 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 02:57:57.0733 0x1218 BrUsbSer - ok 02:57:57.0733 0x1218 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 02:57:57.0749 0x1218 BTHMODEM - ok 02:57:57.0749 0x1218 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 02:57:57.0764 0x1218 bthserv - ok 02:57:57.0780 0x1218 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 02:57:57.0796 0x1218 cdfs - ok 02:57:57.0796 0x1218 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 02:57:57.0811 0x1218 cdrom - ok 02:57:57.0811 0x1218 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 02:57:57.0827 0x1218 CertPropSvc - ok 02:57:57.0842 0x1218 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 02:57:57.0842 0x1218 circlass - ok 02:57:57.0858 0x1218 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 02:57:57.0858 0x1218 CLFS - ok 02:57:57.0874 0x1218 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 02:57:57.0874 0x1218 clr_optimization_v2.0.50727_32 - ok 02:57:57.0889 0x1218 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 02:57:57.0889 0x1218 clr_optimization_v2.0.50727_64 - ok 02:57:57.0905 0x1218 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 02:57:57.0905 0x1218 clr_optimization_v4.0.30319_32 - ok 02:57:57.0920 0x1218 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 02:57:57.0920 0x1218 clr_optimization_v4.0.30319_64 - ok 02:57:57.0920 0x1218 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 02:57:57.0936 0x1218 CmBatt - ok 02:57:57.0936 0x1218 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 02:57:57.0952 0x1218 cmdide - ok 02:57:57.0952 0x1218 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 02:57:57.0967 0x1218 CNG - ok 02:57:57.0967 0x1218 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 02:57:57.0983 0x1218 Compbatt - ok 02:57:57.0983 0x1218 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 02:57:57.0998 0x1218 CompositeBus - ok 02:57:57.0998 0x1218 COMSysApp - ok 02:57:57.0998 0x1218 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 02:57:57.0998 0x1218 crcdisk - ok 02:57:58.0014 0x1218 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 02:57:58.0014 0x1218 CryptSvc - ok 02:57:58.0030 0x1218 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 02:57:58.0061 0x1218 DcomLaunch - ok 02:57:58.0061 0x1218 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 02:57:58.0092 0x1218 defragsvc - ok 02:57:58.0092 0x1218 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 02:57:58.0123 0x1218 DfsC - ok 02:57:58.0123 0x1218 [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 02:57:58.0123 0x1218 dg_ssudbus - ok 02:57:58.0139 0x1218 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 02:57:58.0154 0x1218 Dhcp - ok 02:57:58.0170 0x1218 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll 02:57:58.0201 0x1218 DiagTrack - ok 02:57:58.0201 0x1218 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 02:57:58.0217 0x1218 discache - ok 02:57:58.0232 0x1218 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 02:57:58.0232 0x1218 Disk - ok 02:57:58.0232 0x1218 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 02:57:58.0248 0x1218 Dnscache - ok 02:57:58.0264 0x1218 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 02:57:58.0279 0x1218 dot3svc - ok 02:57:58.0279 0x1218 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 02:57:58.0310 0x1218 DPS - ok 02:57:58.0310 0x1218 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 02:57:58.0310 0x1218 drmkaud - ok 02:57:58.0326 0x1218 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 02:57:58.0326 0x1218 dtsoftbus01 - ok 02:57:58.0357 0x1218 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 02:57:58.0373 0x1218 DXGKrnl - ok 02:57:58.0388 0x1218 [ 73F8DE25B04A66CE3BE5D09A10DE56E6, ABA5AA50D936897CC71D710BBCF9A1B1CCCAC290FCD10A710E4471C1CDDE1093 ] e1dexpress C:\Windows\system32\DRIVERS\e1d62x64.sys 02:57:58.0388 0x1218 e1dexpress - ok 02:57:58.0404 0x1218 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 02:57:58.0420 0x1218 EapHost - ok 02:57:58.0482 0x1218 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 02:57:58.0560 0x1218 ebdrv - ok 02:57:58.0560 0x1218 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe 02:57:58.0576 0x1218 EFS - ok 02:57:58.0591 0x1218 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 02:57:58.0607 0x1218 ehRecvr - ok 02:57:58.0607 0x1218 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 02:57:58.0622 0x1218 ehSched - ok 02:57:58.0638 0x1218 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 02:57:58.0654 0x1218 elxstor - ok 02:57:58.0654 0x1218 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 02:57:58.0654 0x1218 ErrDev - ok 02:57:58.0669 0x1218 [ 5C3BF188F182C26974646A13B0CA4715, 5115BDA0CEEF830DDF14AC9B95E328218EFEA35AED337DD936A2D8F275ADBFAF ] Eve C:\Windows\system32\DRIVERS\eve.sys 02:57:58.0669 0x1218 Eve - ok 02:57:58.0685 0x1218 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 02:57:58.0700 0x1218 EventSystem - ok 02:57:58.0716 0x1218 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 02:57:58.0732 0x1218 exfat - ok 02:57:58.0747 0x1218 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 02:57:58.0763 0x1218 fastfat - ok 02:57:58.0778 0x1218 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 02:57:58.0794 0x1218 Fax - ok 02:57:58.0810 0x1218 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 02:57:58.0810 0x1218 fdc - ok 02:57:58.0810 0x1218 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 02:57:58.0841 0x1218 fdPHost - ok 02:57:58.0841 0x1218 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 02:57:58.0856 0x1218 FDResPub - ok 02:57:58.0856 0x1218 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 02:57:58.0872 0x1218 FileInfo - ok 02:57:58.0872 0x1218 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 02:57:58.0888 0x1218 Filetrace - ok 02:57:58.0888 0x1218 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 02:57:58.0903 0x1218 flpydisk - ok 02:57:58.0903 0x1218 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 02:57:58.0919 0x1218 FltMgr - ok 02:57:58.0934 0x1218 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll 02:57:58.0966 0x1218 FontCache - ok 02:57:58.0966 0x1218 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 02:57:58.0981 0x1218 FontCache3.0.0.0 - ok 02:57:58.0981 0x1218 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 02:57:58.0981 0x1218 FsDepends - ok 02:57:58.0981 0x1218 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 02:57:58.0997 0x1218 Fs_Rec - ok 02:57:58.0997 0x1218 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 02:57:59.0012 0x1218 fvevol - ok 02:57:59.0012 0x1218 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 02:57:59.0028 0x1218 gagp30kx - ok 02:57:59.0044 0x1218 [ C2730FE9713C1C474257A7085386B11E, 7D35D00D2B455841C8C9A87CE92885CD22F4B8B6690CB21443ED1B515117EF95 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 02:57:59.0059 0x1218 GfExperienceService - ok 02:57:59.0075 0x1218 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 02:57:59.0106 0x1218 gpsvc - ok 02:57:59.0122 0x1218 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 02:57:59.0122 0x1218 gupdate - ok 02:57:59.0122 0x1218 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 02:57:59.0137 0x1218 gupdatem - ok 02:57:59.0137 0x1218 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 02:57:59.0137 0x1218 hamachi - ok 02:57:59.0184 0x1218 [ B2D769C3899865902706A924CED699C7, 0E80C639BB6EA4E4CCA537494E8F96CB921DEB91429FFD0E93BBE966EF792916 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 02:57:59.0231 0x1218 Hamachi2Svc - ok 02:57:59.0231 0x1218 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 02:57:59.0246 0x1218 hcw85cir - ok 02:57:59.0246 0x1218 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 02:57:59.0262 0x1218 HdAudAddService - ok 02:57:59.0278 0x1218 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 02:57:59.0293 0x1218 HDAudBus - ok 02:57:59.0293 0x1218 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 02:57:59.0309 0x1218 HidBatt - ok 02:57:59.0309 0x1218 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 02:57:59.0324 0x1218 HidBth - ok 02:57:59.0324 0x1218 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 02:57:59.0340 0x1218 HidIr - ok 02:57:59.0340 0x1218 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 02:57:59.0371 0x1218 hidserv - ok 02:57:59.0371 0x1218 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 02:57:59.0387 0x1218 HidUsb - ok 02:57:59.0387 0x1218 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 02:57:59.0402 0x1218 hkmsvc - ok 02:57:59.0418 0x1218 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 02:57:59.0434 0x1218 HomeGroupListener - ok 02:57:59.0434 0x1218 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 02:57:59.0449 0x1218 HomeGroupProvider - ok 02:57:59.0449 0x1218 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 02:57:59.0465 0x1218 HpSAMD - ok 02:57:59.0480 0x1218 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 02:57:59.0496 0x1218 HTTP - ok 02:57:59.0496 0x1218 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 02:57:59.0512 0x1218 hwpolicy - ok 02:57:59.0512 0x1218 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 02:57:59.0527 0x1218 i8042prt - ok 02:57:59.0543 0x1218 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys 02:57:59.0558 0x1218 iaStorA - ok 02:57:59.0558 0x1218 [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 02:57:59.0558 0x1218 iaStorF - ok 02:57:59.0574 0x1218 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 02:57:59.0590 0x1218 iaStorV - ok 02:57:59.0590 0x1218 [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 02:57:59.0605 0x1218 ICCS - ok 02:57:59.0605 0x1218 [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 02:57:59.0621 0x1218 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 02:58:02.0413 0x1218 Detect skipped due to KSN trusted 02:58:02.0413 0x1218 IDriverT - ok 02:58:02.0460 0x1218 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 02:58:02.0491 0x1218 idsvc - ok 02:58:02.0491 0x1218 IEEtwCollectorService - ok 02:58:02.0491 0x1218 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 02:58:02.0507 0x1218 iirsp - ok 02:58:02.0522 0x1218 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 02:58:02.0538 0x1218 IKEEXT - ok 02:58:02.0600 0x1218 [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 02:58:02.0663 0x1218 IntcAzAudAddService - ok 02:58:02.0678 0x1218 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 02:58:02.0694 0x1218 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 02:58:05.0486 0x1218 Detect skipped due to KSN trusted 02:58:05.0486 0x1218 Intel(R) Capability Licensing Service Interface - ok 02:58:05.0518 0x1218 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 02:58:05.0549 0x1218 Intel(R) Capability Licensing Service TCP IP Interface - ok 02:58:05.0549 0x1218 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 02:58:05.0564 0x1218 intelide - ok 02:58:05.0564 0x1218 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 02:58:05.0564 0x1218 intelppm - ok 02:58:05.0580 0x1218 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 02:58:05.0596 0x1218 IPBusEnum - ok 02:58:05.0596 0x1218 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 02:58:05.0611 0x1218 IpFilterDriver - ok 02:58:05.0627 0x1218 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 02:58:05.0642 0x1218 iphlpsvc - ok 02:58:05.0658 0x1218 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 02:58:05.0658 0x1218 IPMIDRV - ok 02:58:05.0674 0x1218 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 02:58:05.0689 0x1218 IPNAT - ok 02:58:05.0689 0x1218 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 02:58:05.0705 0x1218 IRENUM - ok 02:58:05.0705 0x1218 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 02:58:05.0705 0x1218 isapnp - ok 02:58:05.0720 0x1218 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 02:58:05.0736 0x1218 iScsiPrt - ok 02:58:05.0736 0x1218 [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 02:58:05.0736 0x1218 iusb3hcs - ok 02:58:05.0752 0x1218 [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 02:58:05.0752 0x1218 iusb3hub - ok 02:58:05.0767 0x1218 [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 02:58:05.0783 0x1218 iusb3xhc - ok 02:58:05.0798 0x1218 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 02:58:05.0798 0x1218 jhi_service - ok 02:58:05.0798 0x1218 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 02:58:05.0814 0x1218 kbdclass - ok 02:58:05.0814 0x1218 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 02:58:05.0814 0x1218 kbdhid - ok 02:58:05.0830 0x1218 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe 02:58:05.0830 0x1218 KeyIso - ok 02:58:05.0830 0x1218 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 02:58:05.0845 0x1218 KSecDD - ok 02:58:05.0845 0x1218 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 02:58:05.0861 0x1218 KSecPkg - ok 02:58:05.0861 0x1218 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 02:58:05.0876 0x1218 ksthunk - ok 02:58:05.0876 0x1218 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 02:58:05.0908 0x1218 KtmRm - ok 02:58:05.0923 0x1218 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 02:58:05.0939 0x1218 LanmanServer - ok 02:58:05.0939 0x1218 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 02:58:05.0970 0x1218 LanmanWorkstation - ok 02:58:05.0970 0x1218 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 02:58:05.0970 0x1218 LGBusEnum - ok 02:58:05.0970 0x1218 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys 02:58:05.0986 0x1218 LGSHidFilt - ok 02:58:05.0986 0x1218 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys 02:58:05.0986 0x1218 LGSUsbFilt - ok 02:58:06.0001 0x1218 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 02:58:06.0001 0x1218 LGVirHid - ok 02:58:06.0001 0x1218 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 02:58:06.0017 0x1218 lltdio - ok 02:58:06.0032 0x1218 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 02:58:06.0064 0x1218 lltdsvc - ok 02:58:06.0064 0x1218 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 02:58:06.0079 0x1218 lmhosts - ok 02:58:06.0095 0x1218 [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 02:58:06.0095 0x1218 LMIGuardianSvc - ok 02:58:06.0110 0x1218 [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 02:58:06.0126 0x1218 LMS - ok 02:58:06.0126 0x1218 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 02:58:06.0142 0x1218 LSI_FC - ok 02:58:06.0142 0x1218 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 02:58:06.0142 0x1218 LSI_SAS - ok 02:58:06.0157 0x1218 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 02:58:06.0157 0x1218 LSI_SAS2 - ok 02:58:06.0157 0x1218 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 02:58:06.0173 0x1218 LSI_SCSI - ok 02:58:06.0173 0x1218 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 02:58:06.0204 0x1218 luafv - ok 02:58:06.0204 0x1218 [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 02:58:06.0204 0x1218 MBAMProtector - ok 02:58:06.0220 0x1218 [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 02:58:06.0235 0x1218 MBAMService - ok 02:58:06.0251 0x1218 [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 02:58:06.0251 0x1218 MBAMWebAccessControl - ok 02:58:06.0251 0x1218 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 02:58:06.0266 0x1218 Mcx2Svc - ok 02:58:06.0266 0x1218 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 02:58:06.0266 0x1218 megasas - ok 02:58:06.0282 0x1218 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 02:58:06.0298 0x1218 MegaSR - ok 02:58:06.0298 0x1218 [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 02:58:06.0298 0x1218 MEIx64 - ok 02:58:06.0313 0x1218 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 02:58:06.0329 0x1218 MMCSS - ok 02:58:06.0329 0x1218 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 02:58:06.0344 0x1218 Modem - ok 02:58:06.0360 0x1218 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 02:58:06.0360 0x1218 monitor - ok 02:58:06.0360 0x1218 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 02:58:06.0376 0x1218 mouclass - ok 02:58:06.0376 0x1218 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 02:58:06.0376 0x1218 mouhid - ok 02:58:06.0391 0x1218 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 02:58:06.0391 0x1218 mountmgr - ok 02:58:06.0391 0x1218 [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 02:58:06.0407 0x1218 MozillaMaintenance - ok 02:58:06.0407 0x1218 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 02:58:06.0422 0x1218 mpio - ok 02:58:06.0422 0x1218 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 02:58:06.0438 0x1218 mpsdrv - ok 02:58:06.0469 0x1218 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 02:58:06.0500 0x1218 MpsSvc - ok 02:58:06.0500 0x1218 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 02:58:06.0516 0x1218 MRxDAV - ok 02:58:06.0516 0x1218 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 02:58:06.0532 0x1218 mrxsmb - ok 02:58:06.0532 0x1218 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 02:58:06.0547 0x1218 mrxsmb10 - ok 02:58:06.0563 0x1218 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 02:58:06.0563 0x1218 mrxsmb20 - ok 02:58:06.0563 0x1218 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 02:58:06.0578 0x1218 msahci - ok 02:58:06.0578 0x1218 [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe 02:58:06.0578 0x1218 MSCamSvc - ok 02:58:06.0594 0x1218 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 02:58:06.0594 0x1218 msdsm - ok 02:58:06.0594 0x1218 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 02:58:06.0610 0x1218 MSDTC - ok 02:58:06.0610 0x1218 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 02:58:06.0641 0x1218 Msfs - ok 02:58:06.0641 0x1218 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 02:58:06.0656 0x1218 mshidkmdf - ok 02:58:06.0656 0x1218 [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 02:58:06.0672 0x1218 MSHUSBVideo - ok 02:58:06.0672 0x1218 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 02:58:06.0672 0x1218 msisadrv - ok 02:58:06.0672 0x1218 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 02:58:06.0703 0x1218 MSiSCSI - ok 02:58:06.0703 0x1218 msiserver - ok 02:58:06.0703 0x1218 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 02:58:06.0719 0x1218 MSKSSRV - ok 02:58:06.0734 0x1218 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 02:58:06.0750 0x1218 MSPCLOCK - ok 02:58:06.0750 0x1218 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 02:58:06.0766 0x1218 MSPQM - ok 02:58:06.0781 0x1218 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 02:58:06.0781 0x1218 MsRPC - ok 02:58:06.0797 0x1218 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 02:58:06.0797 0x1218 mssmbios - ok 02:58:06.0797 0x1218 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 02:58:06.0812 0x1218 MSTEE - ok 02:58:06.0828 0x1218 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 02:58:06.0828 0x1218 MTConfig - ok 02:58:06.0828 0x1218 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 02:58:06.0844 0x1218 Mup - ok 02:58:06.0844 0x1218 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 02:58:06.0875 0x1218 napagent - ok 02:58:06.0890 0x1218 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 02:58:06.0906 0x1218 NativeWifiP - ok 02:58:06.0922 0x1218 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 02:58:06.0937 0x1218 NDIS - ok 02:58:06.0953 0x1218 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 02:58:06.0968 0x1218 NdisCap - ok 02:58:06.0968 0x1218 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 02:58:06.0984 0x1218 NdisTapi - ok 02:58:06.0984 0x1218 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 02:58:07.0015 0x1218 Ndisuio - ok 02:58:07.0015 0x1218 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 02:58:07.0031 0x1218 NdisWan - ok 02:58:07.0046 0x1218 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 02:58:07.0062 0x1218 NDProxy - ok 02:58:07.0062 0x1218 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 02:58:07.0078 0x1218 NetBIOS - ok 02:58:07.0093 0x1218 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 02:58:07.0109 0x1218 NetBT - ok 02:58:07.0109 0x1218 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe 02:58:07.0124 0x1218 Netlogon - ok 02:58:07.0124 0x1218 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 02:58:07.0156 0x1218 Netman - ok 02:58:07.0156 0x1218 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:58:07.0171 0x1218 NetMsmqActivator - ok 02:58:07.0171 0x1218 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:58:07.0187 0x1218 NetPipeActivator - ok 02:58:07.0202 0x1218 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 02:58:07.0218 0x1218 netprofm - ok 02:58:07.0234 0x1218 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:58:07.0234 0x1218 NetTcpActivator - ok 02:58:07.0234 0x1218 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 02:58:07.0249 0x1218 NetTcpPortSharing - ok 02:58:07.0249 0x1218 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 02:58:07.0265 0x1218 nfrd960 - ok 02:58:07.0265 0x1218 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 02:58:07.0280 0x1218 NlaSvc - ok 02:58:07.0280 0x1218 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] npf C:\Windows\system32\drivers\npf.sys 02:58:07.0280 0x1218 npf - ok 02:58:07.0280 0x1218 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 02:58:07.0312 0x1218 Npfs - ok 02:58:07.0312 0x1218 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 02:58:07.0327 0x1218 nsi - ok 02:58:07.0327 0x1218 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 02:58:07.0358 0x1218 nsiproxy - ok 02:58:07.0390 0x1218 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 02:58:07.0421 0x1218 Ntfs - ok 02:58:07.0436 0x1218 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 02:58:07.0452 0x1218 Null - ok 02:58:07.0452 0x1218 NVHDA - ok 02:58:07.0592 0x1218 [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 02:58:07.0733 0x1218 nvlddmkm - ok 02:58:07.0780 0x1218 [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 02:58:07.0811 0x1218 NvNetworkService - ok 02:58:07.0811 0x1218 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 02:58:07.0826 0x1218 nvraid - ok 02:58:07.0826 0x1218 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 02:58:07.0842 0x1218 nvstor - ok 02:58:07.0842 0x1218 [ 3A7B0570D896602E37EAF80EC3D1615A, 1F5A71432F96731115ADA2A50E605923666188D08F9FD748424AB6588D0E1482 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 02:58:07.0842 0x1218 NvStreamKms - ok 02:58:07.0842 0x1218 NvStreamSvc - ok 02:58:07.0858 0x1218 [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc C:\Windows\system32\nvvsvc.exe 02:58:07.0889 0x1218 nvsvc - ok 02:58:07.0889 0x1218 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 02:58:07.0889 0x1218 nvvad_WaveExtensible - ok 02:58:07.0904 0x1218 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 02:58:07.0904 0x1218 nv_agp - ok 02:58:07.0904 0x1218 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 02:58:07.0920 0x1218 ohci1394 - ok 02:58:08.0014 0x1218 [ 4E2D0656946F2A19FED1C60E0E4FC1AF, 5551D5BD89EB650C5485BBB58DAA5473044B7C967B72687A27430FA9A1E812FE ] Origin Client Service E:\Origin\OriginClientService.exe 02:58:08.0076 0x1218 Origin Client Service - ok 02:58:08.0092 0x1218 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 02:58:08.0107 0x1218 p2pimsvc - ok 02:58:08.0123 0x1218 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 02:58:08.0138 0x1218 p2psvc - ok 02:58:08.0138 0x1218 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 02:58:08.0154 0x1218 Parport - ok 02:58:08.0154 0x1218 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 02:58:08.0170 0x1218 partmgr - ok 02:58:08.0170 0x1218 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 02:58:08.0185 0x1218 PcaSvc - ok 02:58:08.0185 0x1218 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 02:58:08.0201 0x1218 pci - ok 02:58:08.0201 0x1218 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 02:58:08.0201 0x1218 pciide - ok 02:58:08.0216 0x1218 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 02:58:08.0216 0x1218 pcmcia - ok 02:58:08.0232 0x1218 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 02:58:08.0232 0x1218 pcw - ok 02:58:08.0248 0x1218 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 02:58:08.0263 0x1218 PEAUTH - ok 02:58:08.0279 0x1218 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 02:58:08.0294 0x1218 PerfHost - ok 02:58:08.0326 0x1218 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 02:58:08.0372 0x1218 pla - ok 02:58:08.0388 0x1218 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 02:58:08.0404 0x1218 PlugPlay - ok 02:58:08.0404 0x1218 PnkBstrA - ok 02:58:08.0404 0x1218 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 02:58:08.0419 0x1218 PNRPAutoReg - ok 02:58:08.0419 0x1218 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 02:58:08.0435 0x1218 PNRPsvc - ok 02:58:08.0450 0x1218 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 02:58:08.0466 0x1218 PolicyAgent - ok 02:58:08.0482 0x1218 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 02:58:08.0497 0x1218 Power - ok 02:58:08.0513 0x1218 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 02:58:08.0528 0x1218 PptpMiniport - ok 02:58:08.0528 0x1218 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 02:58:08.0544 0x1218 Processor - ok 02:58:08.0544 0x1218 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 02:58:08.0560 0x1218 ProfSvc - ok 02:58:08.0560 0x1218 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe 02:58:08.0560 0x1218 ProtectedStorage - ok 02:58:08.0575 0x1218 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 02:58:08.0591 0x1218 Psched - ok 02:58:08.0622 0x1218 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 02:58:08.0653 0x1218 ql2300 - ok 02:58:08.0669 0x1218 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 02:58:08.0669 0x1218 ql40xx - ok 02:58:08.0684 0x1218 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 02:58:08.0700 0x1218 QWAVE - ok 02:58:08.0700 0x1218 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 02:58:08.0716 0x1218 QWAVEdrv - ok 02:58:08.0716 0x1218 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 02:58:08.0731 0x1218 RasAcd - ok 02:58:08.0731 0x1218 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 02:58:08.0762 0x1218 RasAgileVpn - ok 02:58:08.0762 0x1218 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 02:58:08.0778 0x1218 RasAuto - ok 02:58:08.0778 0x1218 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 02:58:08.0809 0x1218 Rasl2tp - ok 02:58:08.0809 0x1218 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 02:58:08.0840 0x1218 RasMan - ok 02:58:08.0840 0x1218 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 02:58:08.0872 0x1218 RasPppoe - ok 02:58:08.0872 0x1218 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 02:58:08.0887 0x1218 RasSstp - ok 02:58:08.0903 0x1218 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 02:58:08.0918 0x1218 rdbss - ok 02:58:08.0918 0x1218 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 02:58:08.0934 0x1218 rdpbus - ok 02:58:08.0934 0x1218 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 02:58:08.0950 0x1218 RDPCDD - ok 02:58:08.0965 0x1218 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 02:58:08.0981 0x1218 RDPENCDD - ok 02:58:08.0981 0x1218 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 02:58:08.0996 0x1218 RDPREFMP - ok 02:58:09.0012 0x1218 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 02:58:09.0012 0x1218 RDPWD - ok 02:58:09.0028 0x1218 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 02:58:09.0028 0x1218 rdyboost - ok 02:58:09.0043 0x1218 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 02:58:09.0059 0x1218 RemoteAccess - ok 02:58:09.0059 0x1218 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 02:58:09.0090 0x1218 RemoteRegistry - ok 02:58:09.0090 0x1218 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 02:58:09.0106 0x1218 RpcEptMapper - ok 02:58:09.0121 0x1218 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 02:58:09.0121 0x1218 RpcLocator - ok 02:58:09.0137 0x1218 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 02:58:09.0152 0x1218 RpcSs - ok 02:58:09.0168 0x1218 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 02:58:09.0184 0x1218 rspndr - ok 02:58:09.0199 0x1218 [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu C:\Windows\system32\DRIVERS\RTL8192cu.sys 02:58:09.0215 0x1218 RTL8192cu - ok 02:58:09.0215 0x1218 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe 02:58:09.0230 0x1218 SamSs - ok 02:58:09.0230 0x1218 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 02:58:09.0246 0x1218 sbp2port - ok 02:58:09.0246 0x1218 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 02:58:09.0277 0x1218 SCardSvr - ok 02:58:09.0277 0x1218 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 02:58:09.0293 0x1218 scfilter - ok 02:58:09.0324 0x1218 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 02:58:09.0355 0x1218 Schedule - ok 02:58:09.0371 0x1218 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 02:58:09.0386 0x1218 SCPolicySvc - ok 02:58:09.0386 0x1218 [ 1CA5A783B10EC897FCE91CF220D6C517, DCBCD9E90C73F883B9A55D972CF99F25373049B7684E6738E1E213A20369A5E6 ] scvad_simple C:\Windows\system32\drivers\SplitCamAudio.sys 02:58:09.0386 0x1218 scvad_simple - ok 02:58:09.0402 0x1218 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 02:58:09.0402 0x1218 SDRSVC - ok 02:58:09.0418 0x1218 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 02:58:09.0433 0x1218 secdrv - ok 02:58:09.0433 0x1218 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 02:58:09.0449 0x1218 seclogon - ok 02:58:09.0464 0x1218 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 02:58:09.0480 0x1218 SENS - ok 02:58:09.0480 0x1218 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 02:58:09.0496 0x1218 SensrSvc - ok 02:58:09.0496 0x1218 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 02:58:09.0496 0x1218 Serenum - ok 02:58:09.0511 0x1218 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 02:58:09.0511 0x1218 Serial - ok 02:58:09.0511 0x1218 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 02:58:09.0527 0x1218 sermouse - ok 02:58:09.0527 0x1218 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 02:58:09.0558 0x1218 SessionEnv - ok 02:58:09.0558 0x1218 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 02:58:09.0574 0x1218 sffdisk - ok 02:58:09.0574 0x1218 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 02:58:09.0574 0x1218 sffp_mmc - ok 02:58:09.0589 0x1218 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 02:58:09.0589 0x1218 sffp_sd - ok 02:58:09.0589 0x1218 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 02:58:09.0605 0x1218 sfloppy - ok 02:58:09.0605 0x1218 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 02:58:09.0636 0x1218 SharedAccess - ok 02:58:09.0652 0x1218 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 02:58:09.0683 0x1218 ShellHWDetection - ok 02:58:09.0683 0x1218 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 02:58:09.0683 0x1218 SiSRaid2 - ok 02:58:09.0683 0x1218 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 02:58:09.0698 0x1218 SiSRaid4 - ok 02:58:09.0698 0x1218 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 02:58:09.0730 0x1218 Smb - ok 02:58:09.0730 0x1218 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 02:58:09.0730 0x1218 SNMPTRAP - ok 02:58:09.0745 0x1218 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 02:58:09.0745 0x1218 spldr - ok 02:58:09.0761 0x1218 [ 8FD02AA2AB0A0EB8960E54833C779AC7, D5B63AE609D615E1E8CCCDDB6706CFC5A81190E1C16F521BD044760A3EF889F3 ] SpliCamService C:\Program Files (x86)\SplitCam\SplitCamService.exe 02:58:09.0761 0x1218 SpliCamService - ok 02:58:09.0761 0x1218 [ 64065FFE37680ACACE4D2C8F3CF20541, F6D2883509C6B49180385AE850A6A50052C6450B7CC3DAFDEF551895EE37D444 ] splitcam_hd_driver C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys 02:58:09.0776 0x1218 splitcam_hd_driver - ok 02:58:09.0792 0x1218 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 02:58:09.0808 0x1218 Spooler - ok 02:58:09.0870 0x1218 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 02:58:09.0948 0x1218 sppsvc - ok 02:58:09.0948 0x1218 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 02:58:09.0979 0x1218 sppuinotify - ok 02:58:09.0979 0x1218 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 02:58:09.0995 0x1218 srv - ok 02:58:10.0010 0x1218 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 02:58:10.0026 0x1218 srv2 - ok 02:58:10.0026 0x1218 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 02:58:10.0042 0x1218 srvnet - ok 02:58:10.0042 0x1218 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 02:58:10.0073 0x1218 SSDPSRV - ok 02:58:10.0073 0x1218 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 02:58:10.0088 0x1218 SstpSvc - ok 02:58:10.0104 0x1218 [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 02:58:10.0104 0x1218 ssudmdm - ok 02:58:10.0120 0x1218 [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe 02:58:10.0151 0x1218 ss_conn_service - ok 02:58:10.0151 0x1218 [ 0398BF35F898BA77033E678609AAB64F, E48D2E1E1C8FD314340BA1AA69E8942F630139B1E7019C8828BA5525444320D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 02:58:10.0182 0x1218 Steam Client Service - ok 02:58:10.0182 0x1218 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 02:58:10.0182 0x1218 stexstor - ok 02:58:10.0182 0x1218 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 02:58:10.0198 0x1218 StillCam - ok 02:58:10.0198 0x1218 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 02:58:10.0229 0x1218 stisvc - ok 02:58:10.0229 0x1218 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 02:58:10.0229 0x1218 swenum - ok 02:58:10.0244 0x1218 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 02:58:10.0276 0x1218 swprv - ok 02:58:10.0307 0x1218 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 02:58:10.0354 0x1218 SysMain - ok 02:58:10.0369 0x1218 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 02:58:10.0369 0x1218 TabletInputService - ok 02:58:10.0385 0x1218 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 02:58:10.0385 0x1218 tap0901 - ok 02:58:10.0385 0x1218 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 02:58:10.0416 0x1218 TapiSrv - ok 02:58:10.0416 0x1218 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 02:58:10.0447 0x1218 TBS - ok 02:58:10.0478 0x1218 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 02:58:10.0525 0x1218 Tcpip - ok 02:58:10.0556 0x1218 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 02:58:10.0588 0x1218 TCPIP6 - ok 02:58:10.0603 0x1218 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 02:58:10.0603 0x1218 tcpipreg - ok 02:58:10.0603 0x1218 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 02:58:10.0619 0x1218 TDPIPE - ok 02:58:10.0619 0x1218 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 02:58:10.0634 0x1218 TDTCP - ok 02:58:10.0634 0x1218 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 02:58:10.0650 0x1218 tdx - ok 02:58:10.0728 0x1218 [ 6CA83C69643E7BF144A428B7BDC7D630, DB015BA4428509E1D5BE74FEFB446A29D316564617EB15A379424B3FCE3B74A9 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 02:58:10.0806 0x1218 TeamViewer - ok 02:58:10.0806 0x1218 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 02:58:10.0822 0x1218 TermDD - ok 02:58:10.0837 0x1218 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 02:58:10.0853 0x1218 TermService - ok 02:58:10.0853 0x1218 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 02:58:10.0868 0x1218 Themes - ok 02:58:10.0868 0x1218 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 02:58:10.0884 0x1218 THREADORDER - ok 02:58:10.0900 0x1218 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 02:58:10.0915 0x1218 TrkWks - ok 02:58:10.0915 0x1218 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 02:58:10.0946 0x1218 TrustedInstaller - ok 02:58:10.0946 0x1218 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 02:58:10.0962 0x1218 tssecsrv - ok 02:58:10.0962 0x1218 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 02:58:10.0962 0x1218 TsUsbFlt - ok 02:58:10.0962 0x1218 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 02:58:10.0993 0x1218 tunnel - ok 02:58:10.0993 0x1218 [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys C:\Windows\system32\DRIVERS\t_mouse.sys 02:58:10.0993 0x1218 t_mouse.sys - ok 02:58:11.0009 0x1218 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 02:58:11.0009 0x1218 uagp35 - ok 02:58:11.0024 0x1218 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 02:58:11.0040 0x1218 udfs - ok 02:58:11.0040 0x1218 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 02:58:11.0056 0x1218 UI0Detect - ok 02:58:11.0056 0x1218 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 02:58:11.0071 0x1218 uliagpkx - ok 02:58:11.0071 0x1218 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 02:58:11.0071 0x1218 umbus - ok 02:58:11.0087 0x1218 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 02:58:11.0087 0x1218 UmPass - ok 02:58:11.0102 0x1218 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 02:58:11.0118 0x1218 upnphost - ok 02:58:11.0134 0x1218 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 02:58:11.0134 0x1218 usbaudio - ok 02:58:11.0134 0x1218 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 02:58:11.0149 0x1218 usbccgp - ok 02:58:11.0149 0x1218 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 02:58:11.0165 0x1218 usbcir - ok 02:58:11.0165 0x1218 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 02:58:11.0180 0x1218 usbehci - ok 02:58:11.0180 0x1218 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 02:58:11.0196 0x1218 usbhub - ok 02:58:11.0212 0x1218 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 02:58:11.0212 0x1218 usbohci - ok 02:58:11.0212 0x1218 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 02:58:11.0227 0x1218 usbprint - ok 02:58:11.0227 0x1218 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 02:58:11.0243 0x1218 USBSTOR - ok 02:58:11.0243 0x1218 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 02:58:11.0243 0x1218 usbuhci - ok 02:58:11.0243 0x1218 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 02:58:11.0258 0x1218 usbvideo - ok 02:58:11.0258 0x1218 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 02:58:11.0290 0x1218 UxSms - ok 02:58:11.0290 0x1218 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe 02:58:11.0290 0x1218 VaultSvc - ok 02:58:11.0305 0x1218 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 02:58:11.0305 0x1218 vdrvroot - ok 02:58:11.0321 0x1218 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 02:58:11.0352 0x1218 vds - ok 02:58:11.0352 0x1218 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 02:58:11.0352 0x1218 vga - ok 02:58:11.0368 0x1218 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 02:58:11.0383 0x1218 VgaSave - ok 02:58:11.0383 0x1218 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 02:58:11.0399 0x1218 vhdmp - ok 02:58:11.0399 0x1218 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 02:58:11.0399 0x1218 viaide - ok 02:58:11.0414 0x1218 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 02:58:11.0414 0x1218 volmgr - ok 02:58:11.0430 0x1218 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 02:58:11.0430 0x1218 volmgrx - ok 02:58:11.0446 0x1218 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys 02:58:11.0461 0x1218 volsnap - ok 02:58:11.0461 0x1218 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 02:58:11.0477 0x1218 vsmraid - ok 02:58:11.0508 0x1218 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 02:58:11.0555 0x1218 VSS - ok 02:58:11.0555 0x1218 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 02:58:11.0570 0x1218 vwifibus - ok 02:58:11.0570 0x1218 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 02:58:11.0586 0x1218 vwififlt - ok 02:58:11.0586 0x1218 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 02:58:11.0617 0x1218 W32Time - ok 02:58:11.0617 0x1218 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 02:58:11.0633 0x1218 WacomPen - ok 02:58:11.0633 0x1218 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 02:58:11.0664 0x1218 WANARP - ok 02:58:11.0664 0x1218 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 02:58:11.0680 0x1218 Wanarpv6 - ok 02:58:11.0711 0x1218 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 02:58:11.0742 0x1218 wbengine - ok 02:58:11.0742 0x1218 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 02:58:11.0758 0x1218 WbioSrvc - ok 02:58:11.0773 0x1218 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 02:58:11.0789 0x1218 wcncsvc - ok 02:58:11.0789 0x1218 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 02:58:11.0804 0x1218 WcsPlugInService - ok 02:58:11.0804 0x1218 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 02:58:11.0820 0x1218 Wd - ok 02:58:11.0836 0x1218 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 02:58:11.0851 0x1218 Wdf01000 - ok 02:58:11.0851 0x1218 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 02:58:11.0867 0x1218 WdiServiceHost - ok 02:58:11.0867 0x1218 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 02:58:11.0867 0x1218 WdiSystemHost - ok 02:58:11.0882 0x1218 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 02:58:11.0898 0x1218 WebClient - ok 02:58:11.0898 0x1218 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 02:58:11.0929 0x1218 Wecsvc - ok 02:58:11.0929 0x1218 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 02:58:11.0945 0x1218 wercplsupport - ok 02:58:11.0960 0x1218 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 02:58:11.0976 0x1218 WerSvc - ok 02:58:11.0976 0x1218 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 02:58:11.0992 0x1218 WfpLwf - ok 02:58:12.0007 0x1218 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 02:58:12.0007 0x1218 WIMMount - ok 02:58:12.0007 0x1218 WinDefend - ok 02:58:12.0007 0x1218 WinHttpAutoProxySvc - ok 02:58:12.0023 0x1218 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 02:58:12.0038 0x1218 Winmgmt - ok 02:58:12.0085 0x1218 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 02:58:12.0116 0x1218 WinRM - ok 02:58:12.0132 0x1218 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys 02:58:12.0132 0x1218 WinUsb - ok 02:58:12.0163 0x1218 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 02:58:12.0179 0x1218 Wlansvc - ok 02:58:12.0194 0x1218 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 02:58:12.0194 0x1218 WmiAcpi - ok 02:58:12.0194 0x1218 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 02:58:12.0210 0x1218 wmiApSrv - ok 02:58:12.0210 0x1218 WMPNetworkSvc - ok 02:58:12.0226 0x1218 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 02:58:12.0226 0x1218 WPCSvc - ok 02:58:12.0226 0x1218 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 02:58:12.0241 0x1218 WPDBusEnum - ok 02:58:12.0241 0x1218 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 02:58:12.0272 0x1218 ws2ifsl - ok 02:58:12.0272 0x1218 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 02:58:12.0288 0x1218 wscsvc - ok 02:58:12.0288 0x1218 WSearch - ok 02:58:12.0319 0x1218 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll 02:58:12.0366 0x1218 wuauserv - ok 02:58:12.0382 0x1218 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 02:58:12.0382 0x1218 WudfPf - ok 02:58:12.0397 0x1218 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys 02:58:12.0397 0x1218 WUDFRd - ok 02:58:12.0397 0x1218 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 02:58:12.0413 0x1218 wudfsvc - ok 02:58:12.0428 0x1218 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 02:58:12.0428 0x1218 WwanSvc - ok 02:58:12.0444 0x1218 ================ Scan global =============================== 02:58:12.0444 0x1218 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 02:58:12.0444 0x1218 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll 02:58:12.0460 0x1218 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll 02:58:12.0460 0x1218 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 02:58:12.0475 0x1218 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 02:58:12.0475 0x1218 [ Global ] - ok 02:58:12.0475 0x1218 ================ Scan MBR ================================== 02:58:12.0475 0x1218 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 02:58:12.0506 0x1218 \Device\Harddisk0\DR0 - ok 02:58:12.0538 0x1218 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 02:58:12.0600 0x1218 \Device\Harddisk1\DR1 - ok 02:58:12.0616 0x1218 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk2\DR2 02:58:12.0678 0x1218 \Device\Harddisk2\DR2 - ok 02:58:12.0678 0x1218 ================ Scan VBR ================================== 02:58:12.0678 0x1218 [ 7BBDBEF73560D87FEA5C39E397AFDC46 ] \Device\Harddisk0\DR0\Partition1 02:58:12.0678 0x1218 \Device\Harddisk0\DR0\Partition1 - ok 02:58:12.0694 0x1218 [ 3432EDE2A7B8F3E73D7330E167C9CB32 ] \Device\Harddisk0\DR0\Partition2 02:58:12.0694 0x1218 \Device\Harddisk0\DR0\Partition2 - ok 02:58:12.0694 0x1218 [ 9BEC19E5519D94FE3CDDEA7486B2A91E ] \Device\Harddisk1\DR1\Partition1 02:58:12.0740 0x1218 \Device\Harddisk1\DR1\Partition1 - ok 02:58:12.0756 0x1218 [ 34C06E91BB64442142CA77B7D693AD42 ] \Device\Harddisk1\DR1\Partition2 02:58:12.0756 0x1218 \Device\Harddisk1\DR1\Partition2 - ok 02:58:12.0756 0x1218 [ A97C4610012178888FD8CC4BDE4DAC0E ] \Device\Harddisk1\DR1\Partition3 02:58:12.0756 0x1218 \Device\Harddisk1\DR1\Partition3 - ok 02:58:12.0756 0x1218 [ 8178AD706B39B8E88D7E152D2BA17ECE ] \Device\Harddisk2\DR2\Partition1 02:58:12.0756 0x1218 \Device\Harddisk2\DR2\Partition1 - ok 02:58:12.0756 0x1218 ================ Scan generic autorun ====================== 02:58:12.0912 0x1218 [ 5BAD798CBAB39F3A56A9CD495320F67E, 668FB3F30DD99CBF9EBDDF4C079636DFD2C7693B3506AC8A6DD1B3CA4B5BAF11 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 02:58:13.0037 0x1218 RTHDVCPL - ok 02:58:13.0240 0x1218 [ 3F0B5EBDEB180C073E01A4A2DFA28C12, 0ACE6F70260E17284B8307D0DD0ACC9B59B379A99AE43429AB644B421ADAE8A7 ] C:\Program Files\Logitech Gaming Software\LCore.exe 02:58:13.0442 0x1218 Launch LCore - ok 02:58:13.0458 0x1218 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 02:58:13.0474 0x1218 ShadowPlay - ok 02:58:13.0505 0x1218 [ 046DDF9B31BEC14D03CCC97DD728A4D1, D29F49F870B27553E13F9C1486D9B27A27C41FBEC7ACEC77EDFD5552C941E710 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 02:58:13.0552 0x1218 NvBackend - ok 02:58:13.0567 0x1218 [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 02:58:13.0567 0x1218 USB3MON - ok 02:58:13.0598 0x1218 [ 57C635C41750117D206C90DA9C599777, D5291ED79FC08217758FB526FC8CCC9D374B65B49446104D271C36B0C1298446 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe 02:58:13.0614 0x1218 BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 ) 02:58:16.0422 0x1218 Detect skipped due to KSN trusted 02:58:16.0422 0x1218 BrMfcWnd - ok 02:58:16.0578 0x1218 [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 02:58:16.0672 0x1218 AvastUI.exe - ok 02:58:16.0687 0x1218 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 02:58:16.0719 0x1218 Sidebar - ok 02:58:16.0719 0x1218 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 02:58:16.0734 0x1218 mctadmin - ok 02:58:16.0765 0x1218 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 02:58:16.0781 0x1218 Sidebar - ok 02:58:16.0781 0x1218 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 02:58:16.0797 0x1218 mctadmin - ok 02:58:16.0797 0x1218 [ 3CA879373F4F5A7BC57E5DD0CA4CC282, 6AA3521AC3B4402330AAE5595967C7E9C6A028FB52747ADD5FDC76AF39504FA5 ] C:\Users\Ash\AppData\Roaming\TV Movie\TV Movie Clickfinder\tvstart.exe 02:58:16.0812 0x1218 TVTip - detected UnsignedFile.Multi.Generic ( 1 ) 02:58:19.0480 0x1218 Detect skipped due to KSN trusted 02:58:19.0480 0x1218 TVTip - ok 02:58:19.0480 0x1218 Waiting for KSN requests completion. In queue: 5 02:58:20.0494 0x1218 Waiting for KSN requests completion. In queue: 5 02:58:21.0508 0x1218 Waiting for KSN requests completion. In queue: 5 02:58:22.0553 0x1218 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated ) 02:58:22.0553 0x1218 Win FW state via NFP2: enabled 02:58:25.0314 0x1218 ============================================================ 02:58:25.0314 0x1218 Scan finished 02:58:25.0314 0x1218 ============================================================ 02:58:25.0314 0x0578 Detected object count: 1 02:58:25.0314 0x0578 Actual detected object count: 1 02:58:44.0689 0x0578 AVerRemote ( UnsignedFile.Multi.Generic ) - skipped by user 02:58:44.0689 0x0578 AVerRemote ( UnsignedFile.Multi.Generic ) - User select action: Skip Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.05.22.01 rootkit: v2015.05.16.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17801 Ash :: ASH-PC [administrator] 22.05.2015 12:32:04 mbar-log-2015-05-22 (12-32-04).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 360110 Time elapsed: 4 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Muss ich mir Sorgen machen oder machen die auch dicht, bzw bekomme ich so ne Mail, wenn evtl mein Postfach ge-bruteforce'd wurde? Sollte ich die jungs bei GMX mal anrufen und nachfragen, wenn auch 0900 nummer? Wollte auch mal mit Avira Rescue Live CD booten und scannen, hing sich aber immer auf :/ Vielen Dank schonmal für deine Zeit! |
23.05.2015, 17:53 | #4 |
/// the machine /// TB-Ausbilder | Zugriff auf GMX durch dritte. Trojaner o.ä.? Hi, Passwort ändern und beobachten ob es nochmal vorkommt.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
23.05.2015, 22:26 | #5 |
| Zugriff auf GMX durch dritte. Trojaner o.ä.? ok, danke. |
24.05.2015, 19:16 | #6 |
/// the machine /// TB-Ausbilder | Zugriff auf GMX durch dritte. Trojaner o.ä.? kein Problem
__________________ --> Zugriff auf GMX durch dritte. Trojaner o.ä.? |
Themen zu Zugriff auf GMX durch dritte. Trojaner o.ä.? |
antivirus, avast, bonjour, browser, computer, defender, e-mail, helper, home, installation, launch, mozilla, panda usb vaccine, realtek, registry, rundll, scan, schutz, security, sicherheit, software, svchost.exe, tcp, trojaner, usb, vista, windows |